Update coset requirement from ^0.3.5 to ^0.4.0

[dependabot]

Updates the requirements on coset to permit the latest version.

Changelog

Sourced from coset's changelog.

0.4.0 - 2025-09-22

• Breaking change: alter type of crit field in Header to support private-use labels (in accordance with 9052 §3.1).
• Deprecate CoseMac[0]::verify_tag in favour of verify_payload_tag.
• Deprecate CoseEncrypt[0]::decrypt, CoseRecipient::decrypt in favour of decrypt_ciphertext.

0.3.8 - 2024-07-24

• Make CoseSign[1]::tbs_[detached_]data methods pub.

0.3.7 - 2024-04-05

• Bump MSRV to 1.58.
• Update dependencies.
• Fix bounds bug for label sorting.

0.3.6 - 2024-01-15

• Helpers for ordering of fields in a COSE_Key:
  • Add Label::cmp_canonical() for RFC 7049 canonical ordering.
  • Add CborOrdering enum to specify ordering.
  • Add CoseKey::canonicalize() method to order fields.

0.3.5 - 2023-09-29

• Add helper methods to create and verify detached signatures:
  • Add CoseSignBuilder methods add_detached_signature and try_add_detached_signature.
  • Add CoseSign method verify_detached_signature.
  • Add CoseSign1Builder methods create_detached_signature and try_create_detached_signature.
  • Add CoseSign1 method verify_detached_signature.
• Implement CBOR conversion traits for ciborium::value::Value.
• Update ciborium dependency.

0.3.4 - 2023-01-25

• Add non-default std feature that turns on impl Error for CoseError.
• Add cwt::ClaimsSetBuilder::private_claim method.
• Update documentation for existing encryption methods to make it clear that they only support AEAD encryption.

0.3.3 - 2022-09-30

• Add CoseKeyBuilder methods kty, key_type and new_okp_key.

0.3.2 - 2022-04-02

• Add basic CWT support in cwt module, via the ClaimsSet type.

0.3.1 - 2022-02-23

... (truncated)

Commits

• 8450a00 Prep for 0.4.0 release (#117)
• 04a41ae Deprecate methods that are easy to misuse (#115)
• ebfaf53 iana: add draft-ietf-cose-dilithium values
• ab342a9 iana: update enum values
• 94069d1 iana: update enum values
• c41af0f Inline format variables for new Clippy
• f764ca3 Add From impls for label types (#111)
• 3316152 header: allow setting custom use algorithm label (#110)
• 1d619fa Allow critical labels to contain private use label range (#107)
• e6bd8d2 ci: fix mdl install (#108)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)