Skip to content

fix(compliance): bump deps with security advisories and backport entitlement fix#8980

Merged
abernix merged 2 commits intodev-v2.10.xfrom
fix/dev-v2.10.x-compliance
Mar 6, 2026
Merged

fix(compliance): bump deps with security advisories and backport entitlement fix#8980
abernix merged 2 commits intodev-v2.10.xfrom
fix/dev-v2.10.x-compliance

Conversation

@abernix
Copy link
Member

@abernix abernix commented Mar 6, 2026

  • bytes 1.11.0 -> 1.11.1 (RUSTSEC-2026-0007: integer overflow in BytesMut::reserve)
  • lru 0.16.2 -> 0.16.3 (RUSTSEC-2026-0002: IterMut soundness issue)
  • time 0.3.44 -> 0.3.47 (RUSTSEC-2026-0009: DoS via stack exhaustion in RFC 2822 parser)
  • Remove obsolete advisory exemptions (RUSTSEC-2024-0376, RUSTSEC-2024-0421) from deny.toml
  • Bump cargo-deny to 0.19.0, cargo-binstall to 1.16.3, helm to 3.19.4

Also includes #8768

abernix and others added 2 commits March 6, 2026 11:54
@abernix
fix(compliance): bump bytes, lru, and time to address security adviso…
37538cd 
…ries

- bytes 1.11.0 -> 1.11.1 (RUSTSEC-2026-0007: integer overflow in BytesMut::reserve)
- lru 0.16.2 -> 0.16.3 (RUSTSEC-2026-0002: IterMut soundness issue)
- time 0.3.44 -> 0.3.47 (RUSTSEC-2026-0009: DoS via stack exhaustion in RFC 2822 parser)
- Remove obsolete advisory exemptions (RUSTSEC-2024-0376, RUSTSEC-2024-0421) from deny.toml
- Bump cargo-deny to 0.19.0, cargo-binstall to 1.16.3, helm to 3.19.4
@aaronArinder @abernix
[THIS UNBLOCKS DEV] fix(allowed features): int test, log, erroring (#…
af30b0a 
…8768)
@abernix abernix requested a review from a team as a code owner March 6, 2026 15:59
@apollo-librarian
Copy link

apollo-librarian bot commented Mar 6, 2026
edited
Loading

✅ Docs preview ready

The preview is ready to be viewed. View the preview

File Changes

1 new, 55 changed, 5 removed 
+ graphos/routing/(latest)/customization/coprocessor.mdx
* graphos/routing/(latest)/about-v2.mdx
* graphos/routing/(latest)/errors.mdx
* graphos/routing/(latest)/license.mdx
* graphos/routing/(latest)/uplink.mdx
* graphos/routing/(latest)/cloud/aws-migration.mdx
* graphos/routing/(latest)/cloud/configuration.mdx
* graphos/routing/(latest)/cloud/custom-domains.mdx
* graphos/routing/(latest)/cloud/dedicated-quickstart.mdx
* graphos/routing/(latest)/cloud/dedicated.mdx
* graphos/routing/(latest)/cloud/index.mdx
* graphos/routing/(latest)/cloud/lattice-configuration.mdx
* graphos/routing/(latest)/cloud/lattice-management.mdx
* graphos/routing/(latest)/cloud/lattice-troubleshooting.mdx
* graphos/routing/(latest)/cloud/migrate-to-dedicated.mdx
* graphos/routing/(latest)/cloud/secure-subgraphs.mdx
* graphos/routing/(latest)/cloud/serverless.mdx
* graphos/routing/(latest)/cloud/subscriptions.mdx
* graphos/routing/(latest)/cloud/throughput-guide.mdx
* graphos/routing/(latest)/configuration/cli.mdx
* graphos/routing/(latest)/configuration/envvars.mdx
* graphos/routing/(latest)/configuration/overview.mdx
* graphos/routing/(latest)/configuration/yaml.mdx
* graphos/routing/(latest)/customization/native-plugins.mdx
* graphos/routing/(latest)/customization/coprocessor/index.mdx
* graphos/routing/(latest)/customization/coprocessor/reference.mdx
* graphos/routing/(latest)/customization/rhai/reference.mdx
* graphos/routing/(latest)/observability/router-telemetry-otel/apm-guides/datadog/router-instrumentation.mdx
* graphos/routing/(latest)/observability/router-telemetry-otel/enabling-telemetry/selectors.mdx
* graphos/routing/(latest)/observability/router-telemetry-otel/enabling-telemetry/spans.mdx
* graphos/routing/(latest)/observability/router-telemetry-otel/enabling-telemetry/standard-instruments.mdx
* graphos/routing/(latest)/observability/router-telemetry-otel/telemetry-pipelines/metrics-exporters/overview.mdx
* graphos/routing/(latest)/operations/subscriptions/api-gateway.mdx
* graphos/routing/(latest)/operations/subscriptions/configuration.mdx
* graphos/routing/(latest)/operations/subscriptions/overview.mdx
* graphos/routing/(latest)/performance/traffic-shaping.mdx
* graphos/routing/(latest)/performance/caching/response-caching/faq.mdx
* graphos/routing/(latest)/performance/caching/response-caching/invalidation.mdx
* graphos/routing/(latest)/performance/caching/response-caching/observability.mdx
* graphos/routing/(latest)/performance/caching/response-caching/quickstart.mdx
* graphos/routing/(latest)/query-planning/caching.mdx
* graphos/routing/(latest)/security/demand-control.mdx
* graphos/routing/(latest)/security/index.mdx
* graphos/routing/(latest)/security/jwt.mdx
* graphos/routing/(latest)/security/persisted-queries.mdx
* graphos/routing/(latest)/security/router-authentication.mdx
* graphos/routing/(latest)/self-hosted/index.mdx
* graphos/routing/(latest)/self-hosted/containerization/aws.mdx
* graphos/routing/(latest)/self-hosted/containerization/azure.mdx
* graphos/routing/(latest)/self-hosted/containerization/docker-router-only.mdx
* graphos/routing/(latest)/self-hosted/containerization/docker.mdx
* graphos/routing/(latest)/self-hosted/containerization/gcp.mdx
* graphos/routing/(latest)/self-hosted/containerization/index.mdx
* graphos/routing/(latest)/self-hosted/containerization/kubernetes/quickstart.mdx
* graphos/routing/(latest)/upgrade/from-router-v1.mdx
* graphos/routing/(latest)/_sidebar.yaml
- graphos/routing/(latest)/cloud/migrate-to-self-hosted.mdx
- graphos/routing/(latest)/configuration/hot-reload-schema.mdx
- graphos/routing/(latest)/configuration/schema-file.mdx
- graphos/routing/(latest)/performance/circuit-breaking.mdx
- graphos/routing/(latest)/self-hosted/containerization/proxy-certificates.mdx

Build ID: 513d01ee1c43d206feeb0166
Build Logs: View logs

URL: https://www.apollographql.com/docs/deploy-preview/513d01ee1c43d206feeb0166

✅ AI Style Review — No Changes Detected

No MDX files were changed in this pull request.

Review Log: View detailed log

This review is AI-generated. Please use common sense when accepting these suggestions, as they may not always be accurate or appropriate for your specific context.

@abernix abernix requested a review from aaronArinder March 6, 2026 15:59
@abernix abernix enabled auto-merge March 6, 2026 16:00
@abernix abernix disabled auto-merge March 6, 2026 18:34
@abernix abernix merged commit c7928a2 into dev-v2.10.x Mar 6, 2026
14 checks passed
@abernix abernix deleted the fix/dev-v2.10.x-compliance branch March 6, 2026 18:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aaronArinder aaronArinder aaronArinder approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@abernix @aaronArinder