release: v1.1.3 — security hardening, edition 2024, dependency updates · a92fb2b6ed - apunkt/vestige - bitfreedom.net: free all bits, everywhere

mirror of https://github.com/samvallad33/vestige.git synced 2026-04-25 00:36:22 +02:00

release: v1.1.3 — security hardening, edition 2024, dependency updates

Security:
- Fix RUSTSEC-2026-0007 (bytes integer overflow)
- Restrict SQLite database file permissions to 0600 on Unix
- Add 100KB size limit to intention descriptions (DoS prevention)
- Redact JSON-RPC payloads from debug logs (data leakage prevention)
- Update SECURITY.md with encryption docs and supported versions

Modernization:
- Upgrade Rust edition 2021 → 2024, MSRV 1.75 → 1.85
- Upgrade actions/checkout@v4 → v5, codecov/codecov-action@v3 → v5
- Update all dependencies to latest compatible versions
- Fix edition 2024 match ergonomics in compression.rs

Clippy fixes:
- Rename from_str → parse_name to avoid shadowing FromStr trait
- Replace .max().min() with .clamp()
- Replace sort_by with sort_by_key

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

This commit is contained in:

Sam Valladares

2026-02-12 03:19:07 -06:00

parent 6a5c3771fb

commit a92fb2b6ed

18 changed files with 332 additions and 118 deletions

									
										2

tests/e2e/Cargo.toml
									
										View file
										
				@ -1,7 +1,7 @@

				[package]

				name = "vestige-e2e-tests"

				version = "0.1.0"

				edition = "2021"

				edition = "2024"

				publish = false

				[dependencies]

Rows
Columns

release: v1.1.3 — security hardening, edition 2024, dependency updates

2 tests/e2e/Cargo.toml Unescape Escape View file

2

tests/e2e/Cargo.toml

View file