Commit 81c81fe
committed
security: upgrade rustls-webpki to fix RUSTSEC-2026-0049 (CRL validation bypass)
Cherry-picked from PR #353. Adds rustls 0.23+ and rustls-webpki 0.103.10+
as direct workspace dependencies to force resolution, plus tokio-tungstenite
and rustls-webpki git patches for transitive dep override.
Kept serenity at crates.io version (0.12) -- the 'next' branch has breaking
API changes that need a separate migration. The serenity/tinyclaw discord.rs
fixes were deferred.
Includes security audit report (2026-04-05).
Removed RUSTSEC-2026-0049 from deny.toml ignore list.
Refs #3531 parent 7aa0c64 commit 81c81fe
4 files changed
Lines changed: 774 additions & 281 deletions
0 commit comments