chore: bump deps to resolve OSV vulnerabilities

Reduce known vulnerabilities from 17 to 1:
- cargo update: openssl 0.10.78, aws-lc-sys 0.40.0, rustls-webpki 0.103.13,
  rustls 0.23.40, rand 0.8.6 / 0.9.4
- axum-server 0.7 -> 0.8 (drops vulnerable rustls-pemfile@2.2.0); add
  SocketAddr generic to Handle usages
- wiremock 0.5 -> 0.6 (drops vulnerable instant@0.1.13 and rand@0.7.3);
  migrate test_streamable_http_client to http-crate types

Residual: rsa@0.9.10 (RUSTSEC-2023-0071) via oauth2-test-server, a
dev-dependency only with no upstream fix.

Assisted-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: SVilgelm