From 23c37374450a84015f34ecfd9c0251d05de82783 Mon Sep 17 00:00:00 2001
From: chengwenxi <22697326+chengwenxi@users.noreply.github.com>
Date: Mon, 16 Mar 2026 11:49:52 +0800
Subject: [PATCH 1/2] fix(deps): bump tracing-subscriber to 0.3.20 to fix ANSI
 log poisoning

Upgrades tracing-subscriber from 0.3.19 to 0.3.20 to address a
vulnerability where user input logged via tracing could poison logs
with ANSI escape sequences.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Cargo.toml b/Cargo.toml
index edac750..ddd9497 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -174,7 +174,7 @@ tokio = { version = "1.45.1", features = ["full"] }
 tokio-stream = "0.1.17"
 tokio-util = "0.7.16"
 tracing = "0.1.41"
-tracing-subscriber = "0.3.19"
+tracing-subscriber = "0.3.20"
 criterion = "0.7.0"
 test-case = "3"
 pyroscope = "0.5.8"

From 7cdb6a0611409df5b145970ca0be7e5adb40c669 Mon Sep 17 00:00:00 2001
From: chengwenxi <22697326+chengwenxi@users.noreply.github.com>
Date: Mon, 16 Mar 2026 11:59:02 +0800
Subject: [PATCH 2/2] fix(deps): bump tracing-subscriber minimum to 0.3.22 to
 match lockfile

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 Cargo.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Cargo.toml b/Cargo.toml
index ddd9497..c44c5b2 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -174,7 +174,7 @@ tokio = { version = "1.45.1", features = ["full"] }
 tokio-stream = "0.1.17"
 tokio-util = "0.7.16"
 tracing = "0.1.41"
-tracing-subscriber = "0.3.20"
+tracing-subscriber = "0.3.22"
 criterion = "0.7.0"
 test-case = "3"
 pyroscope = "0.5.8"