chore(deps): fix cargo audit advisories

[darioush]

Resolves the cargo audit failures (CI runs cargo audit -D warnings, so the notice/unsound advisories fail the gate too):

• RUSTSEC-2026-0185 (high): bump quinn-proto 0.11.14 -> 0.11.15, fixing remote memory exhaustion from unbounded out-of-order stream reassembly.
• RUSTSEC-2026-0174 (notice): bump wiremock 0.5 -> 0.6.5, which drops the http-types dependency entirely.
• RUSTSEC-2026-0186 (unsound, memmap2): added to the .cargo/audit.toml ignore list. The unsoundness is confined to advise_range/flush_range/flush_async_range/unchecked_advise_range. Its only consumer here is dynasmrt 2.0 (near-vm singlepass JIT; the wasmtime path does not use dynasmrt), which calls none of those, only map_anon/make_exec/make_mut. The fix is in memmap2 >= 0.9.11, unreachable without a breaking dynasmrt 2.0 -> 3.0 upgrade of the x86-64 emitter. A TODO marks it for removal when near-vm is deprecated.

Also drops a stale ignore entry while here:

• RUSTSEC-2020-0070 (lock_api < 0.4.2): no longer matches the lockfile (we are on lock_api 0.4.13), so the ignore was dead weight.

[Copilot]

Pull request overview

Updates Rust dependencies and the cargo-audit configuration to clear CI audit failures by addressing two advisories via crate upgrades and suppressing one known-unsound advisory that is currently not practically fixable due to an upstream breaking change.

Changes:

• Bump wiremock from 0.5.x to 0.6.5 (removing the http-types dependency chain).
• Bump quinn-proto from 0.11.14 to 0.11.15 (security fix for remote memory exhaustion).
• Update .cargo/audit.toml to drop a stale ignore and add an ignore for RUSTSEC-2026-0186 (memmap2) with rationale and TODO.

Reviewed changes

Copilot reviewed 2 out of 3 changed files in this pull request and generated no comments.

File	Description
Cargo.toml	Bumps wiremock to 0.6.5 in workspace dependencies.
Cargo.lock	Updates the lockfile to reflect wiremock/quinn-proto upgrades and their transitive dependency changes.
.cargo/audit.toml	Removes a dead ignore entry and adds an ignore for RUSTSEC-2026-0186 with justification/TODO.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.63%. Comparing base (ef221f6) to head (fb19366).

Additional details and impacted files

@@            Coverage Diff             @@
##           master   #15982      +/-   ##
==========================================
+ Coverage   72.61%   72.63%   +0.01%     
==========================================
  Files         952      952              
  Lines      205126   205126              
  Branches   205126   205126              
==========================================
+ Hits       148961   148985      +24     
+ Misses      51185    51167      -18     
+ Partials     4980     4974       -6     

Flag	Coverage Δ
pytests-nightly	1.10% <ø> (ø)
unittests	69.57% <ø> (+0.01%)	⬆️
unittests-nightly	69.56% <ø> (+0.02%)	⬆️
unittests-spice	66.98% <ø> (-0.02%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.