Report vulnerabilities via GitHub Security Advisories for this repository.

• cargo audit in CI
• Dependabot updates for Cargo and GitHub Actions
• PR dependency review (actions/dependency-review-action)
• dependency graph submission workflow (cargo-lock-submission)

• no outbound telemetry
• no outbound analytics upload; local stats stay local