pub const DECOMPRESS_BOOTSTRAP_CAPACITY: usize = _; // 1_048_576usizeExpand description
v0.8.6 #89: bootstrap capacity for the decompressed-output Vec so
the Vec::with_capacity(original_size) pre-allocation can no longer
be driven into RSS-OOM by a forged manifest. Small enough (1 MiB)
that even an attacker claiming original_size = u32::MAX only
reserves 1 MiB up front; read_to_end grows the buffer as actual
decompressed bytes arrive (capped at manifest.original_size + 1024
by the existing decompression-bomb guard).
Why not Vec::new() (= 0 capacity)? read_to_end would grow the
buffer via doubling, producing ~20 reallocations + memcpys for a
typical 1 MiB chunk. 1 MiB pre-alloc skips those for the common
small-chunk case while keeping the worst-case adversarial alloc
flat at 1 MiB.