Context
Dependabot opened major Rust dependency updates that should not be merged as routine maintenance:
These upgrades may change APIs, behavior, parser assumptions, cryptographic call patterns, or platform compatibility. Their automated pull requests were closed and retained here as explicit migration work rather than silently ignored.
Required work
Priority
V23.7.27 and the mandatory supply-chain gate are now established on main. Schedule these upgrades individually after the remaining patch-level Dependabot updates have been validated.
Context
Dependabot opened major Rust dependency updates that should not be merged as routine maintenance:
hmac0.12 to 0.13calamine0.26 to 0.35getrandom0.3 to 0.4sha20.10 to 0.11These upgrades may change APIs, behavior, parser assumptions, cryptographic call patterns, or platform compatibility. Their automated pull requests were closed and retained here as explicit migration work rather than silently ignored.
Required work
Priority
V23.7.27 and the mandatory supply-chain gate are now established on
main. Schedule these upgrades individually after the remaining patch-level Dependabot updates have been validated.