chore: fix cargo audit errors and warnings, cargo clippy warnings #117

Open
duncanpharvey wants to merge 3 commits into main from duncan-harvey/cargo-audit

Collaborator

@duncanpharvey duncanpharvey commented Apr 17, 2026

What does this PR do?

  • Updates dependencies raised by cargo audit
  • Fix cargo clippy warnings

Motivation

cargo audit

Crate:     rustls-webpki
Version:   0.103.10
Title:     Name constraints for URI names were incorrectly accepted
Date:      2026-04-14
ID:        RUSTSEC-2026-0098
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0098
Solution:  Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6
Dependency tree:
rustls-webpki 0.103.10
└── rustls 0.23.37
    ├── tokio-rustls 0.26.4
    │   ├── reqwest 0.12.28
    │   │   ├── dogstatsd 0.1.0
    │   │   │   ├── datadog-serverless-compat 0.1.0
    │   │   │   └── datadog-agent-config 0.1.0
    │   │   ├── datadog-trace-agent 0.1.0
    │   │   │   └── datadog-serverless-compat 0.1.0
    │   │   ├── datadog-serverless-compat 0.1.0
    │   │   ├── datadog-logs-agent 0.1.0
    │   │   │   └── datadog-serverless-compat 0.1.0
    │   │   └── datadog-fips 0.1.0
    │   │       ├── datadog-trace-agent 0.1.0
    │   │       ├── datadog-serverless-compat 0.1.0
    │   │       └── datadog-logs-agent 0.1.0
    │   ├── libdd-common 3.0.1
    │   │   ├── libdd-trace-utils 3.0.0
    │   │   │   ├── libdd-trace-obfuscation 1.0.1
    │   │   │   │   ├── datadog-trace-agent 0.1.0
    │   │   │   │   └── datadog-agent-config 0.1.0
    │   │   │   ├── datadog-trace-agent 0.1.0
    │   │   │   ├── datadog-serverless-compat 0.1.0
    │   │   │   └── datadog-agent-config 0.1.0
    │   │   ├── libdd-trace-obfuscation 1.0.1
    │   │   └── datadog-trace-agent 0.1.0
    │   ├── hyper-rustls 0.27.7
    │   │   ├── reqwest 0.12.28
    │   │   ├── libdd-common 3.0.1
    │   │   └── hyper-http-proxy 1.1.0
    │   │       └── datadog-trace-agent 0.1.0
    │   └── hyper-http-proxy 1.1.0
    ├── reqwest 0.12.28
    ├── quinn-proto 0.11.14
    │   └── quinn 0.11.9
    │       └── reqwest 0.12.28
    ├── quinn 0.11.9
    ├── libdd-common 3.0.1
    ├── hyper-rustls 0.27.7
    └── datadog-fips 0.1.0

Crate:     rustls-webpki
Version:   0.103.10
Title:     Name constraints were accepted for certificates asserting a wildcard name
Date:      2026-04-14
ID:        RUSTSEC-2026-0099
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0099
Solution:  Upgrade to >=0.103.12, <0.104.0-alpha.1 OR >=0.104.0-alpha.6

Crate:     proc-macro-error
Version:   1.0.4
Warning:   unmaintained
Title:     proc-macro-error is unmaintained
Date:      2024-09-01
ID:        RUSTSEC-2024-0370
URL:       https://rustsec.org/advisories/RUSTSEC-2024-0370
Dependency tree:
proc-macro-error 1.0.4
└── duplicate 0.4.1
    └── datadog-trace-agent 0.1.0
        └── datadog-serverless-compat 0.1.0

Crate:     rand
Version:   0.8.5
Warning:   unsound
Title:     Rand is unsound with a custom logger using `rand::rng()`
Date:      2026-04-09
ID:        RUSTSEC-2026-0097
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0097
Dependency tree:
rand 0.8.5
├── libdd-trace-utils 3.0.0
│   ├── libdd-trace-obfuscation 1.0.1
│   │   ├── datadog-trace-agent 0.1.0
│   │   │   └── datadog-serverless-compat 0.1.0
│   │   └── datadog-agent-config 0.1.0
│   ├── datadog-trace-agent 0.1.0
│   ├── datadog-serverless-compat 0.1.0
│   └── datadog-agent-config 0.1.0
├── libdd-trace-utils 2.0.2
│   ├── libdd-trace-stats 1.0.3
│   │   └── libdd-data-pipeline 2.0.1
│   │       └── datadog-opentelemetry 0.3.0
│   │           └── datadog-agent-config 0.1.0
│   ├── libdd-data-pipeline 2.0.1
│   └── datadog-opentelemetry 0.3.0
└── datadog-opentelemetry 0.3.0

Crate:     rand
Version:   0.9.2
Warning:   unsound
Title:     Rand is unsound with a custom logger using `rand::rng()`
Date:      2026-04-09
ID:        RUSTSEC-2026-0097
URL:       https://rustsec.org/advisories/RUSTSEC-2026-0097
Dependency tree:
rand 0.9.2
├── quinn-proto 0.11.14
│   └── quinn 0.11.9
│       └── reqwest 0.12.28
│           ├── dogstatsd 0.1.0
│           │   ├── datadog-serverless-compat 0.1.0
│           │   └── datadog-agent-config 0.1.0
│           ├── datadog-trace-agent 0.1.0
│           │   └── datadog-serverless-compat 0.1.0
│           ├── datadog-serverless-compat 0.1.0
│           ├── datadog-logs-agent 0.1.0
│           │   └── datadog-serverless-compat 0.1.0
│           └── datadog-fips 0.1.0
│               ├── datadog-trace-agent 0.1.0
│               ├── datadog-serverless-compat 0.1.0
│               └── datadog-logs-agent 0.1.0
├── proptest 1.11.0
│   └── dogstatsd 0.1.0
├── opentelemetry_sdk 0.31.0
│   └── datadog-opentelemetry 0.3.0
│       └── datadog-agent-config 0.1.0
└── mockito 1.7.2
    ├── dogstatsd 0.1.0
    └── datadog-logs-agent 0.1.0

error: 2 vulnerabilities found!
warning: 3 allowed warnings found

cargo clippy

warning: unused import: `warn`
  --> crates/datadog-trace-agent/src/mini_agent.rs:14:29
   |
14 | use tracing::{debug, error, warn};
   |                             ^^^^
   |
   = note: `#[warn(unused_imports)]` (part of `#[warn(unused)]`) on by default

warning: this `if` statement can be collapsed
   --> crates/datadog-trace-agent/src/mini_agent.rs:194:17
    |
194 | /                 if let Some(parent) = sentinel.parent() {
195 | |                     if let Err(e) = tokio::fs::create_dir_all(parent).await {
196 | |                         error!(
197 | |                             "Could not create parent directory for Lambda Lite sentinel \
...   |
202 | |                 }
    | |_________________^
    |
    = help: for further information visit https://rust-lang.github.io/rust-clippy/rust-1.91.0/index.html#collapsible_if
    = note: `#[warn(clippy::collapsible_if)]` on by default
help: collapse nested if block
    |
194 ~                 if let Some(parent) = sentinel.parent()
195 ~                     && let Err(e) = tokio::fs::create_dir_all(parent).await {
196 |                         error!(
...
200 |                         );
201 ~                     }
    |

warning: `datadog-trace-agent` (lib) generated 2 warnings (run `cargo clippy --fix --lib -p datadog-trace-agent` to apply 2 suggestions)

Additional Notes

Describe how to test/QA your changes

Unit and integration tests

@duncanpharvey duncanpharvey marked this pull request as ready for review April 17, 2026 19:16
@duncanpharvey duncanpharvey requested review from a team as code owners April 17, 2026 19:16
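
A way to confirm from `Cargo.lock` that the `rustls-webpki` bump landed, using the patched ranges quoted in the audit output for RUSTSEC-2026-0098 and RUSTSEC-2026-0099. This is an added example, not code from this PR or the project; the function names and the sample lockfile are constructed, and it assumes each `[[package]]` entry lists `name` before `version`.

```rust
// Added example (not from the PR): flag rustls-webpki entries in Cargo.lock
// text that fall outside the patched ranges given in the audit output:
//   >=0.103.12, <0.104.0-alpha.1  OR  >=0.104.0-alpha.6

// Sort key: (major, minor, patch, is_release, alpha_n). A pre-release sorts
// before its release because `false < true`.
type Key = (u64, u64, u64, bool, u64);

// Parses `x.y.z` and `x.y.z-alpha.N` only; anything else yields None.
fn key(v: &str) -> Option<Key> {
    let (core, pre) = match v.split_once('-') {
        Some((c, p)) => (c, Some(p)),
        None => (v, None),
    };
    let mut it = core.split('.').map(|n| n.parse::<u64>().ok());
    let (maj, min, pat) = (it.next()??, it.next()??, it.next()??);
    match pre {
        None => Some((maj, min, pat, true, 0)),
        Some(p) => Some((maj, min, pat, false, p.strip_prefix("alpha.")?.parse::<u64>().ok()?)),
    }
}

fn in_patched_range(v: &str) -> Option<bool> {
    let k = key(v)?;
    let in_0_103 = k >= (0, 103, 12, true, 0) && k < (0, 104, 0, false, 1);
    Some(in_0_103 || k >= (0, 104, 0, false, 6))
}

// Versions that cannot be parsed are reported too (fail closed).
fn unpatched_webpki(lock: &str) -> Vec<String> {
    let (mut name, mut out) = ("", Vec::new());
    for line in lock.lines().map(str::trim) {
        if let Some(n) = line.strip_prefix("name = ") {
            name = n.trim_matches('"');
        } else if let Some(v) = line.strip_prefix("version = ") {
            let v = v.trim_matches('"');
            if name == "rustls-webpki" && in_patched_range(v) != Some(true) {
                out.push(v.to_string());
            }
        }
    }
    out
}

// Constructed sample, not the project's real lockfile.
const SAMPLE_LOCK: &str = "[[package]]\nname = \"rustls\"\nversion = \"0.23.37\"\n\n[[package]]\nname = \"rustls-webpki\"\nversion = \"0.103.10\"\n\n[[package]]\nname = \"rustls-webpki\"\nversion = \"0.103.12\"\n";

fn main() {
    println!("unpatched rustls-webpki: {:?}", unpatched_webpki(SAMPLE_LOCK));
}
```
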

Copilot AI (Contributor) left a comment

Pull request overview

Updates Rust dependencies and applies small code cleanups to address cargo audit findings and cargo clippy warnings in the datadog-trace-agent crate.

Changes:

  • Bumped rustls-webpki (via lockfile) to a patched version and refreshed the lockfile.
  • Updated the duplicate dev-dependency to avoid proc-macro-error and refreshed 3rd-party license entries.
  • Fixed clippy warnings in mini_agent.rs (unused import, collapsible if).

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.

| File | Description |
| --- | --- |
| crates/datadog-trace-agent/src/mini_agent.rs | Removes unused warn import and collapses nested if when creating the Lambda Lite sentinel directory. |
| crates/datadog-trace-agent/Cargo.toml | Updates duplicate dev-dependency version. |
| LICENSE-3rdparty.csv | Removes obsolete/duplicate license entries aligned with the updated dependency set. |
| Cargo.lock | Updates locked dependency graph to pull in patched/unmaintained replacements (incl. rustls-webpki), and removes proc-macro-error. |

Comment on lines 192 to 193
// SAFETY: LAMBDA_LITE_SENTINEL_PATH is a hard-coded absolute path,
// so .parent() always returns Some.

Copilot AI Apr 17, 2026

The // SAFETY: note here is misleading: this block contains no unsafe, and the code now explicitly handles the None case via if let Some(parent) = .... Consider changing the comment to a non-"SAFETY" phrasing (e.g., // NOTE:) and/or making the code match the claim by using expect/unwrap with a clear message if .parent() is ever None.

Suggested change
// SAFETY: LAMBDA_LITE_SENTINEL_PATH is a hard-coded absolute path,
// so .parent() always returns Some.
// NOTE: LAMBDA_LITE_SENTINEL_PATH is expected to be a hard-coded
// absolute path; use `if let Some(...)` here to handle the parent
// directory defensively.
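
Review bot: the replacement text in the last three lines is worded as an instruction to the author ("use `if let Some(...)` here") rather than as a description of the code under it, so it would read oddly once committed. A wording that states the behaviour, for example that `.parent()` is expected to be `Some` for this hard-coded absolute path and that a `None` parent is skipped, fits better. In the collapsed form shown in the clippy output, `if let Some(parent) = sentinel.parent() && let Err(e) = ...`, the visible lines log only the `create_dir_all` error, so a `None` parent passes without any signal; consider whether that case deserves its own log line.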
