release: fix rustls-webpki audit blocker#81
Conversation
Resolves RUSTSEC-2026-0098 and RUSTSEC-2026-0099 flagged against the reqwest / rustls-platform-verifier / rustls chain. Lockfile-only change; cargo audit now exits clean.
|
Important Review skippedReview was skipped due to path filters ⛔ Files ignored due to path filters (1)
CodeRabbit blocks several paths by default. You can override this behavior by explicitly including those paths in the path filters. For example, including ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Summary
rustls-webpkifrom 0.103.11 to 0.103.12 viacargo update -p rustls-webpki.reqwest/rustls-platform-verifier/rustlschain.Verification
cargo tree -i rustls-webpki— confirmed single path throughrustls v0.23.38.cargo audit— exit 0 (previously red on the two advisories above).cargo check --workspace— clean, 12 crates compiled.Test plan
cargo check --workspacegreen in CIThis is PR 1 in the release-hardening sprint (audit → nextest → fuzz → package-truth → rehearsal → publish).