bump lru dependency to 0.16.3

[svix-jbrown]

Motivation and Context

RUSTSEC-2026-0002 was recently released against the lru crate. aws-sdk-s3 as well as rust-runtime pins a dependency on lru 0.12, but this advisory only fixed in 0.16.3 or later.

Description

This PR updates the lru dependency to resolve the advisory.

The change to rust-runtime/aws-smithy-types/src/blob.rs resolves a warning emitted by cargo check on the current stable version of Rust.

The new lru version does raise the MSRV from 1.65 to 1.70, but that doesn't seem to be a problem given smithy-rs's policy of "stable - 2".

Testing

• ./gradlew :aws:sdk:cargoCheck has no errors
• ./gradlew :aws:sdk:cargoClippy has no errors
• ./gradlew :aws:sdk:sdkTest is still running but seems good so far

Checklist

• For changes to the smithy-rs codegen or runtime crates, I have created a changelog entry Markdown file in the .changelog directory, specifying "client," "server," or both in the applies_to key.
• For changes to the AWS SDK, generated SDK code, or SDK runtime crates, I have created a changelog entry Markdown file in the .changelog directory, specifying "aws-sdk-rust" in the applies_to key.

---

By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

[github-actions]

A new generated diff is ready to view.

• AWS SDK (ignoring whitespace)
• No codegen difference in the Client Test
• No codegen difference in the Server Test
• Server Test Python (ignoring whitespace)
• No codegen difference in the Server Test Typescript

A new doc preview is ready to view.

[aajtodd]

PR Bot: https://github.com/smithy-lang/smithy-rs/actions/runs/20823983231
Canary: https://github.com/smithy-lang/smithy-rs/actions/runs/20823978103