Bump wasmtime-wasi-http from 35.0.0 to 38.0.3 in /native/wasmex

[dependabot]

Bumps wasmtime-wasi-http from 35.0.0 to 38.0.3.

Release notes

Sourced from wasmtime-wasi-http's releases.

v38.0.3

38.0.3

Released 2025-10-24.

Fixed

• Fix possible host crash with host-to-wasm component intrinsics CVE-2025-62711

v38.0.1

38.0.1

Released 2025-10-20.

Fixed

• Fixed some automation that went wrong with the 38.0.0 release.

v37.0.2

37.0.2

Released 2025-10-07.

Fixed

• Fix a memory leak in the C API when using anyref or externref. CVE-2025-61670.

v37.0.1

37.0.1

Released 2025-09-23.

Fixed

• Cranelift's cranelift-jit crate now properly applies relocations to ADRP instructions on aarch64; a zero-extension on the offset was fixed to properly sign-extend instead. #11734

v37.0.0

37.0.0

Released 2025-09-20.

Added

• Wasmtime now fully implements the WebAssembly exception-handling proposal. Support is still disabled by default but is ready for testing. The proposal

... (truncated)

Changelog

Sourced from wasmtime-wasi-http's changelog.

38.0.3

Released 2025-10-24.

Fixed

• Fix possible host crash with host-to-wasm component intrinsics CVE-2025-62711

---

38.0.2

Released 2025-10-21.

Changed

• This repository is attempting to start out using GitHub's "Immutable Releases" feature with this release, and this'll be the first release, assuming all goes well, that has this enabled. #11901

Fixed

• Fix compatibility with the Go runtime on Windows for exceptions. #11892

---

38.0.1

Released 2025-10-20.

Fixed

• Fixed some automation that went wrong with the 38.0.0 release.

---

38.0.0

Released 2025-10-20.

Added

• A number of new Cranelift peephole ISLE optimizations have been added. #11637 #11638 #11640 #11641

... (truncated)

Commits

• d9dc16b Release Wasmtime 38.0.3 (#11934)
• c3d448c Use generic array-to-wasm trampolines for components (#11933)
• e8b8a72 Fix release script (#11906) (#11914)
• b27d62c Release Wasmtime 38.0.2 (#11903)
• 7c142a6 Attempt to use github immutable releases (#11902)
• aba7144 Fix compatibility with the Go runtime on Windows for exceptions (#11892) (#11...
• f2140f6 Release Wasmtime 38.0.1 (#11888)
• 399f857 Release Wasmtime 38.0.0 (#11886)
• 8dd2c75 Add release notes (#11819)
• 2d9bd17 Fix externref/anyref ownership in C/C++ API (#11799) (#11803)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)