chore: bump EmbarkStudios/cargo-deny-action from 2 to 2.0.17

[dependabot]

Bumps EmbarkStudios/cargo-deny-action from 2 to 2.0.17.

Release notes

Sourced from EmbarkStudios/cargo-deny-action's releases.

v2.0.11

[0.18.2] - 2025-03-10

Added

• PR#753 resolved #752 by adding back the advisories.unmaintained config option. See the docs for how it can be used. The default matches the current behavior, which is to error on any unmaintained advisory, but adding unmaintained = "workspace" to the [advisories] table will mean unmaintained advisories will only error if the crate is a direct dependency of your workspace.

[0.18.1] - 2025-02-27

Fixed

• PR#749 updated krates to pull in the fix for EmbarkStudios/krates#100.

v2.0.10

• PR#96 resolved #94 by switching to the directory the manifest path is located in and doing rustup toolchain install if rustup show failed due to any reason

v2.0.8

• PR#93 pins to a hash instead of tag, avoiding future breakage from eg. rustup changes.

Commits

• d425dbf Update .gitignore
• 53bface Update image base
• 3f8dc3e Add ability to fetch git dependecies in cargo via ssh (#78)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.50%. Comparing base (4405bb2) to head (9df1dea).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #71   +/-   ##
=======================================
  Coverage   97.50%   97.50%           
=======================================
  Files           9        9           
  Lines         480      480           
=======================================
  Hits          468      468           
  Misses         12       12           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[codspeed-hq]

Merging this PR will improve performance by 21.01%

⚠️ Different runtime environments detected

Some benchmarks with significant performance changes were compared across different runtime environments,
which may affect the accuracy of the results.

Open the report in CodSpeed to investigate

⚡ 1 improved benchmark
✅ 1 untouched benchmark

Performance Changes

	Benchmark	BASE	HEAD	Efficiency
⚡	parse sample C2PA Manifest Store	339.2 ns	280.3 ns	+21.01%

Tip

Curious why this is faster? Comment @codspeedbot explain why this is faster on this PR, or directly use the CodSpeed MCP with your agent.

---

_{Comparing dependabot/github_actions/EmbarkStudios/cargo-deny-action-2.0.17 (9df1dea) with main (4405bb2)}