fix: update diesel to resolve GHSA-h5x4-m2qf-r4f2 #3

Open
dannyneira wants to merge 1 commit into master from independabot/diesel-GHSA-h5x4-m2qf-r4f2
Conversation

@dannyneira
Member

Summary

  • Updates the local diesel crate/package metadata and internal path dependency constraints to the patched 2.3.8 range for GHSA-h5x4-m2qf-r4f2.
  • Backports the SQLite text handling safety fix by replacing unchecked UTF-8 conversion with checked str::from_utf8 propagation.
  • Updates libsqlite3-sys constraints to >=0.25.1 so cargo audit no longer reports the bundled SQLite CVE.
  • Adds small compatibility fixes needed to validate this older fork on the current Rust toolchain.

Vulnerability

Dependency details

  • Ecosystem: Rust/Cargo
  • Package: diesel
  • Current vulnerable range: < 2.3.8
  • Patched version: 2.3.8
  • Relationship from alerts: unknown path dependency references in repo manifests
  • Additional audit cleanup: libsqlite3-sys updated from the vulnerable 0.23.x range to >=0.25.1, <0.38.0

Verification

  • RUSTFLAGS='--cap-lints allow' cargo check --manifest-path /workspace/diesel/Cargo.toml -p diesel --features sqlite,chrono
  • RUSTFLAGS='--cap-lints allow' cargo test --manifest-path /workspace/diesel/Cargo.toml -p diesel --features sqlite,chrono
  • (cd /workspace/diesel && cargo audit)

Conversation: https://staging.warp.dev/conversation/9a7fbf37-eb6b-4b99-99ec-dce397f40b98
Run: https://oz.staging.warp.dev/runs/019e3184-22d6-7cd9-a195-410d3c7d142a
This PR was generated with Oz.

Co-Authored-By: Oz <oz-agent@warp.dev>
@dannyneira dannyneira marked this pull request as ready for review May 21, 2026 15:41
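
The checked UTF-8 conversion named in the summary, as an added Rust example that is not diesel's code and not part of this PR. `RawText`, `ReadError`, `read_unchecked`, `read_checked` and `read_row` are hypothetical names, and the byte strings are constructed samples.

```rust
use std::str::{from_utf8, from_utf8_unchecked, Utf8Error};

/// Hypothetical stand-in for a text column returned by a C database library:
/// raw bytes with no guarantee that they are valid UTF-8.
pub struct RawText<'a> {
    bytes: &'a [u8],
}

/// Hypothetical error type recording where validation stopped.
#[derive(Debug, PartialEq)]
pub enum ReadError {
    InvalidUtf8 { valid_up_to: usize },
}

impl From<Utf8Error> for ReadError {
    fn from(e: Utf8Error) -> Self {
        ReadError::InvalidUtf8 { valid_up_to: e.valid_up_to() }
    }
}

impl<'a> RawText<'a> {
    pub fn new(bytes: &'a [u8]) -> Self {
        RawText { bytes }
    }

    /// Unchecked shape: builds a `&str` without validating. Undefined
    /// behaviour if the bytes are not UTF-8, so the caller must guarantee it.
    pub unsafe fn read_unchecked(&self) -> &'a str {
        unsafe { from_utf8_unchecked(self.bytes) }
    }

    /// Checked shape: validate, and propagate the failure with `?`.
    pub fn read_checked(&self) -> Result<&'a str, ReadError> {
        Ok(from_utf8(self.bytes)?)
    }
}

/// Reads every column of a row; the first invalid column fails the whole row.
pub fn read_row<'a>(cols: &[RawText<'a>]) -> Result<Vec<&'a str>, ReadError> {
    cols.iter().map(|c| c.read_checked()).collect()
}

fn main() {
    // Constructed sample bytes, not taken from any real database.
    let row = [RawText::new("héllo".as_bytes()), RawText::new(b"ab\xff\xfecd")];
    println!("{:?}", read_row(&row));
    let ok = RawText::new(b"plain");
    println!("{}", unsafe { ok.read_unchecked() });
}
```

The unchecked method is only ever called on bytes known to be valid; the invalid sample goes through `read_checked`, which returns an error the caller can handle instead of producing an invalid `&str`.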