fix: rustsec-2023-0089 atomic polyfill is unmaintained

.gitignore

@@ -127,3 +127,7 @@ megalinter-reports/
 !bin/
 # Added by goreleaser init:
 .intentionally-empty-file.o
+
+# Local Claude configuration
+.claude.local.md
+.claude/*.local.md

AGENTS.md

@@ -31,6 +31,11 @@ cargo clippy --workspace -- -D warnings
 NO_COLOR=1 TERM=dumb cargo test --workspace  # Stable output
 cargo bench                                   # Criterion benchmarks
 cargo llvm-cov --all-features --workspace --lcov --output-path lcov.info
+
+# GitHub CI monitoring
+gh run list --branch <branch> --limit 5       # Check CI status
+gh run view <run-id> --log-failed             # View failed job logs
+gh run view <run-id> --json status,jobs       # JSON status check
 ```
 
 Commit style: [.github/commit-instructions.md](.github/commit-instructions.md)
@@ -154,6 +159,7 @@ flowchart LR
 - **Linting**: `cargo clippy -- -D warnings` (zero warnings)
 - **Safety**: `unsafe_code = "forbid"` at workspace level
 - **Formatting**: `rustfmt` with 119 char line length
+- **Rustdoc**: Escape brackets in paths like `/proc/\[pid\]/stat` to avoid broken link warnings
 - **Errors**: `thiserror` for structured errors, `anyhow` for context
 - **Async**: Async-first with Tokio
 - **Logging**: Structured with `tracing`

deny.toml

@@ -96,6 +96,13 @@ ignore = [
     # This is an unmaintained advisory, not a security vulnerability.
     # TODO: Consider migrating to postcard or bitcode when time permits.
     "RUSTSEC-2025-0141",
+
+    # atomic-polyfill: Unmaintained but pulled in by postcard 1.1.3 → heapless 0.7.17.
+    # Not a security vulnerability, just unmaintained. Upstream postcard has merged
+    # heapless 0.9 support (PR #269) but no 1.x release yet.
+    # TODO: Remove when postcard 1.2+ releases with heapless 0.9 (uses portable-atomic).
+    # Tracking: https://github.com/jamesmunns/postcard/issues/223
+    "RUSTSEC-2023-0089",
 ]
 
 [sources]