chore(deps): bump libp2p-* and resolve RUSTSEC-2026-0002

[hanabi1224]

Summary of changes

Changes introduced in this pull request:

• resolves https://github.com/ChainSafe/forest/security/dependabot/138

Reference issue to close (if applicable)

Closes

Other information and links

Change checklist

• I have performed a self-review of my own code,
• I have made corresponding changes to the documentation. All new code adheres to the team's documentation standards,
• I have added tests that prove my fix is effective or that my feature works (if possible),
• I have made sure the CHANGELOG is up-to-date. All user-facing changes should be reflected in this document.

Summary by CodeRabbit

• Chores
  • Removed an exemption from the security advisory checklist, enabling enforcement of an additional security advisory that was previously ignored.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[coderabbitai]

Walkthrough

This PR removes a single advisory ignore entry ("RUSTSEC-2026-0002") from the deny.toml configuration file. The previously ignored advisory will now be actively scanned and considered by the dependency vulnerability checker.

Changes

Cohort / File(s)	Summary
Configuration updates deny.toml	Removed RUSTSEC-2026-0002 from the [advisories] ignore list (1 line deleted)

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Possibly related PRs

• fix: a few RUSTSEC(s) #6244 — Removes entries from the deny.toml [advisories] ignore list
• fix: ignore RUSTSEC-2025-0046 #6156 — Modifies the deny.toml advisories ignore list by adding/removing entries

Suggested labels

dependencies, rust

Suggested reviewers

• sudo-shashank
• LesnyRumcajs

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title directly matches the primary change: bumping libp2p dependencies and resolving the RUSTSEC-2026-0002 security advisory, which is confirmed by removing the ignore entry from deny.toml.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[hanabi1224]

lru is gone.

[LesnyRumcajs]

libp2p bump is always welcome