sharang/compliance-scanner-agent
1
0
Fork 0
Code Issues 51 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

fix: resolve cargo audit failures by updating tantivy, scraper, quinn-proto #9

Merged
sharang merged 1 commits from fix/cargo-audit-deps into main 2026-03-10 14:05:25 +00:00
Conversation 0 Commits 1 Files Changed 3 +140 -136
sharang commented 2026-03-10 13:09:25 +00:00
Owner
Copy Link

Summary

  • Bump tantivy 0.22 → 0.25 (removes instant RUSTSEC-2024-0384)
  • Bump scraper 0.22 → 0.25 (resolves scraper advisory)
  • Update quinn-proto 0.11.13 → 0.11.14 (fixes RUSTSEC-2026-0037 DoS)
  • Remaining warning: lru 0.12.5 (RUSTSEC-2026-0002) pinned by tantivy, not blocking

Test plan

  • CI cargo audit passes
  • Clippy passes
  • All existing functionality unchanged (no API changes)

🤖 Generated with Claude Code

## Summary - Bump `tantivy` 0.22 → 0.25 (removes `instant` RUSTSEC-2024-0384) - Bump `scraper` 0.22 → 0.25 (resolves scraper advisory) - Update `quinn-proto` 0.11.13 → 0.11.14 (fixes RUSTSEC-2026-0037 DoS) - Remaining warning: `lru 0.12.5` (RUSTSEC-2026-0002) pinned by tantivy, not blocking ## Test plan - [ ] CI cargo audit passes - [ ] Clippy passes - [ ] All existing functionality unchanged (no API changes) 🤖 Generated with [Claude Code](https://claude.com/claude-code)
sharang added 1 commit 2026-03-10 13:09:25 +00:00
fix: update tantivy 0.22→0.25, scraper 0.22→0.25, quinn-proto→0.11.14
All checks were successful
CI / Format (push) Successful in 4s
Details
CI / Clippy (push) Successful in 4m26s
Details
CI / Tests (push) Has been skipped
Details
CI / Security Audit (push) Has been skipped
Details
CI / Format (pull_request) Successful in 3s
Details
CI / Clippy (pull_request) Successful in 4m33s
Details
CI / Security Audit (pull_request) Has been skipped
Details
CI / Tests (pull_request) Has been skipped
Details
CI / Detect Changes (push) Has been skipped
Details
CI / Detect Changes (pull_request) Has been skipped
Details
CI / Deploy Agent (push) Has been skipped
Details
CI / Deploy Dashboard (push) Has been skipped
Details
CI / Deploy Docs (push) Has been skipped
Details
CI / Deploy MCP (push) Has been skipped
Details
CI / Deploy Agent (pull_request) Has been skipped
Details
CI / Deploy Dashboard (pull_request) Has been skipped
Details
CI / Deploy Docs (pull_request) Has been skipped
Details
CI / Deploy MCP (pull_request) Has been skipped
Details
5a47dd588d 
Resolves cargo audit failures:
- RUSTSEC-2024-0384 (instant, unmaintained) — removed by tantivy upgrade
- RUSTSEC-2026-0037 (quinn-proto, DoS) — fixed by cargo update
- scraper advisory — resolved by version bump

Remaining warning: lru 0.12.5 (RUSTSEC-2026-0002) pinned by tantivy,
not a blocking error.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
sharang merged commit 4361e67703 into main 2026-03-10 14:05:25 +00:00
sharang deleted branch fix/cargo-audit-deps 2026-03-10 14:05:25 +00:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
Clear labels
bug
critical
enhancement
high
infrastructure
performance
security
v0.3.0
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
sharang
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: sharang/compliance-scanner-agent#9
Delete Branch "fix/cargo-audit-deps"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?