chore(deps): bump rust nightly to 2026-01-01 (#92)

storopoli · web-flow · commit 4086265c5dad · 2026-01-02T09:43:05.000-03:00
* chore(deps): bump rust nightly to 2026-01-01

* chore(deps): update ruint because of RUSTSEC

* ci: add rustsec cargo-audit workflow
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -0,0 +1,41 @@
+name: Security
+
+on:
+  pull_request:
+  merge_group:
+  push:
+    branches: [main]
+
+env:
+  CARGO_TERM_COLOR: always
+
+permissions: {}
+
+jobs:
+  supply-chain:
+    name: Run `cargo-audit`
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+        with:
+          persist-credentials: false
+
+      - name: Install Rust toolchain
+        uses: dtolnay/rust-toolchain@22a6a5b0f9f487c5f5587025ae9d4a1caf2a8a78 # clippy
+
+      - name: Rust cache
+        uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2
+        with:
+          cache-on-failure: true
+
+      - name: Install latest cargo-audit from source
+        run: cargo install cargo-audit --force --locked
+
+      - name: Check for audit warnings
+        run: cargo audit -D warnings
+        continue-on-error: true
+
+      - name: Check for vulnerabilities
+        run: cargo audit
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
@@ -1,5 +1,5 @@
 [toolchain]
-channel = "nightly-2025-12-01"
+channel = "nightly-2026-01-01"
 components = [
   "cargo",
   "clippy",
