Commit eb0e5f2
fix: bump vulnerable transitive deps in Cargo.lock (#1630)
Resolves Dependabot alerts:
- actix-http 3.11.2 -> 3.12.1 (GHSA-xhj4-vrgc-hr34, CL.TE smuggling)
- rustls-webpki 0.103.10 -> 0.103.13 (GHSA-82j2-j2ch-gfr8, GHSA-xgp8-3hg3-c2mh, GHSA-965h-392x-2mh5)
- rand 0.8.5 -> 0.8.6 and rand 0.9.2 -> 0.9.4 (GHSA-cq8v-f236-94qc)
Cargo.lock-only change; no Cargo.toml edits needed since all bumps fit
existing semver caret ranges. Verified with `cargo check --release`.
Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent bd31b0d commit eb0e5f2
1 file changed
Lines changed: 299 additions & 45 deletions
0 commit comments