From 0803cbdc5f319a1b7f7abf0de07f918153dad6ae Mon Sep 17 00:00:00 2001
From: jadamcrain <jadamcrain@gmail.com>
Date: Sat, 7 Feb 2026 08:37:39 -0800
Subject: [PATCH] update bytes to 1.11.1 and cargo-audit to 0.22.1

- bytes 1.10.1 -> 1.11.1 resolves CVE-2026-25541 (integer overflow in BytesMut::reserve)
- cargo-audit 0.22.0 -> 0.22.1 fixes CVSS v4.0 advisory parsing
---
 .github/workflows/security-audit.yml | 2 +-
 Cargo.lock                           | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
index 617626c9..3c4e5de4 100644
--- a/.github/workflows/security-audit.yml
+++ b/.github/workflows/security-audit.yml
@@ -34,7 +34,7 @@ jobs:
         uses: cargo-bins/cargo-binstall@main
 
       - name: Install cargo-audit binary (fast)
-        run: cargo binstall cargo-audit@0.22.0 --no-confirm
+        run: cargo binstall cargo-audit@0.22.1 --no-confirm
 
       - name: Run security audit
         id: audit
diff --git a/Cargo.lock b/Cargo.lock
index c2c41c9d..edf36c09 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -216,9 +216,9 @@ checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43"
 
 [[package]]
 name = "bytes"
-version = "1.10.1"
+version = "1.11.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d71b6127be86fdcfddb610f7182ac57211d4b18a3e9c82eb2d17662f2227ad6a"
+checksum = "1e748733b7cbc798e1434b6ac524f0c1ff2ab456fe201501e6497c8417a4fc33"
 
 [[package]]
 name = "cbc"