cargo-deny: upgrade hyper related dependencies

[bergwolf]

Overview

cargo-deny reported that rustls-pemfile is not maintained any more as RUSTSEC-2025-0134. Advisory: https://rustsec.org/advisories/RUSTSEC-2025-0134

See https://github.com/dragonflyoss/nydus/actions/runs/20742099540/job/59550832292?pr=1822

We relied on rustls-pemfile because of the hyper crate. Let's do a full upgrade for multiple dependencies including hyper, http, rustls, and reqwest to their latest versions.

Test Results

https://github.com/bergwolf/nydus/actions/runs/20744598243

[codecov]

Codecov Report

❌ Patch coverage is 78.26087% with 20 lines in your changes missing coverage. Please review.
✅ Project coverage is 56.51%. Comparing base (f1d835c) to head (96ed90f).
⚠️ Report is 2 commits behind head on master.

Files with missing lines	Patch %	Lines
src/bin/nydusctl/client.rs	69.49%	18 Missing ⚠️
storage/src/backend/http_proxy.rs	93.93%	2 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1823      +/-   ##
==========================================
+ Coverage   56.46%   56.51%   +0.04%     
==========================================
  Files         199      199              
  Lines       52048    52096      +48     
  Branches    44851    44899      +48     
==========================================
+ Hits        29388    29441      +53     
+ Misses      21176    21170       -6     
- Partials     1484     1485       +1     

Files with missing lines	Coverage Δ
storage/src/backend/http_proxy.rs	76.64% <93.93%> (+1.87%)	⬆️
src/bin/nydusctl/client.rs	39.43% <69.49%> (+39.43%)	⬆️

... and 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[BraveY]

Thanks a lot. LGTM