chore(deps): bump rustls from 0.23.40 to 0.23.41#19
Open
dependabot[bot] wants to merge 5 commits into
Open
Conversation
added 2 commits
June 28, 2026 12:54
- Shared: RunCommandResponse fields for truncated/timed_out/duration_ms - Agent: bounded capture with PGID tracking and output limit - Server: RunCommand-based API exec with output collection
bump server: sanitize command string before writing to audit log. Strip control characters, truncate to 512 chars to prevent log injection.
Require explicit trusted-proxy configuration, remove the example administrator login, and build the Kubernetes agent from the committed workspace lock. Helm now refuses implicit default service accounts and drops unused ConfigMap privileges. Update component pointers and prune vulnerable or unmaintained dependency paths.
fd868fd to
ee4d55e
Compare
Use the default GitHub token for public recursive submodules so Dependabot pull requests can run without repository secrets. Include the server workspace member in the Kubernetes agent image checkout and trigger paths because its manifest is required by the hardened Docker build.
Bumps [rustls](https://github.com/rustls/rustls) from 0.23.40 to 0.23.41. - [Release notes](https://github.com/rustls/rustls/releases) - [Changelog](https://github.com/rustls/rustls/blob/main/CHANGELOG.md) - [Commits](rustls/rustls@v/0.23.40...v/0.23.41) --- updated-dependencies: - dependency-name: rustls dependency-version: 0.23.41 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
ee4d55e to
b268964
Compare
5c59612 to
ef35864
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps rustls from 0.23.40 to 0.23.41.
Commits
642a103ci: drop Taplo job752c144Drop nightly clippy tests8d8611aFix newclippy::useless-borrows-in-formattingebf3297Fix newclippy::manual_clear46808e7ci: sync cargo-check-external-types nightly041a8d2Cargo deny: allow RUSTSEC-2026-017362e220eTake semver-compatible dependency updates3c14696Upgrade to hickory-resolver 0.26848a2ccconnect-tests: delete ech.rs5ce9cacBump version to 0.23.41