Bump roaring from 0.10.3 to 0.10.4 (#3142)

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [roaring](https://github.com/RoaringBitmap/roaring-rs) from 0.10.3
to 0.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/RoaringBitmap/roaring-rs/releases">roaring's
releases</a>.</em></p>
<blockquote>
<h2>v0.10.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix potential overflow in deserialization of Bitmap by <a
href="https://github.com/kirk-baird"><code>@​kirk-baird</code></a> in <a
href="https://redirect.github.com/RoaringBitmap/roaring-rs/pull/271">RoaringBitmap/roaring-rs#271</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/kirk-baird"><code>@​kirk-baird</code></a> made
their first contribution in <a
href="https://redirect.github.com/RoaringBitmap/roaring-rs/pull/271">RoaringBitmap/roaring-rs#271</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/RoaringBitmap/roaring-rs/compare/v0.10.3...v0.10.4">https://github.com/RoaringBitmap/roaring-rs/compare/v0.10.3...v0.10.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/3fa2e731dc773b6ce92968f50ee75cad80f546e5"><code>3fa2e73</code></a>
Merge pull request <a
href="https://redirect.github.com/RoaringBitmap/roaring-rs/issues/272">#272</a>
from RoaringBitmap/bump-version</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/706e2752a4aa0ce320dfd3297296e04dfd7adef1"><code>706e275</code></a>
Bump roaring to v0.10.4</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/79c031d66352df95a952e190dcbd0b9715a2c3e0"><code>79c031d</code></a>
Merge pull request <a
href="https://redirect.github.com/RoaringBitmap/roaring-rs/issues/271">#271</a>
from kirk-baird/bitmap-deser-overflow</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/bf0cb5a4de146faf9ea6914fcbddd83bc5234b6a"><code>bf0cb5a</code></a>
Resolve nightly clippy lints</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/49f0e9d144cd68610ae80c44a24dd55edc2bd553"><code>49f0e9d</code></a>
Resolve clippy lints</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/0454dbb5f58578eb991a40e7d52d702d4a9b8c60"><code>0454dbb</code></a>
Remove one more unused import</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/e9e066ae3cda09f11dbd5c021746921b3525d731"><code>e9e066a</code></a>
Fix compiler warnings on beta</li>
<li><a
href="https://github.com/RoaringBitmap/roaring-rs/commit/47eba81232cb9bf9289ce632a36d013cd41bc3f6"><code>47eba81</code></a>
Fix potential overflow in deserialization of Bitmap</li>
<li>See full diff in <a
href="https://github.com/RoaringBitmap/roaring-rs/compare/v0.10.3...v0.10.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=roaring&package-manager=cargo&previous-version=0.10.3&new-version=0.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

src/core/Cargo.toml

@@ -53,7 +53,7 @@ piz = "0.5.0"
 primal-check = "0.3.1"
 rayon = { version = "1.10.0", optional = true }
 rkyv = { version = "0.7.44", optional = true }
-roaring = "0.10.3"
+roaring = "0.10.4"
 roots = "0.0.8"
 serde = { version = "1.0.200", features = ["derive"] }
 serde_json = "1.0.116"