Fixed
- Supply-chain hygiene (closes #1144). Removed stale `cargo audit` ignores for advisories whose crates are no longer in `Cargo.lock`, realigned the audit and `cargo-deny` advisory policies with `docs/RUSTSEC-ADVISORIES.md`, and moved agnix's direct YAML/frontmatter parser dependency to the maintained `serde_norway` fork while keeping the internal `serde_yaml` crate alias stable. Added regression coverage so the advisory lists and YAML parser package cannot drift silently.
- Docs website deployment payload. Reduced the GitHub Pages deploy window from six to three docs versions while keeping all versioned snapshots in the repository, so release docs publish with a smaller Pages artifact and avoid repeated `syncing_files` deployment failures.
- Security: MCP path confinement and panic hardening. The MCP `validate_file` and `validate_project` tools now reject client-supplied paths that canonicalize outside the server working directory. Completion helpers clamp raw byte offsets to UTF-8 character boundaries before slicing, project validation converts per-file validator panics into diagnostics, and release builds keep unwinding enabled so one bad file cannot abort an entire scan.
- Release download integrity and publish gating. The GitHub Action installer, VS Code extension, JetBrains plugin, and Zed extension now verify release SHA-256 sidecars before using downloaded `agnix`/`agnix-lsp` artifacts. Release tags now run fmt, clippy, and workspace tests before GitHub releases, crates.io publish, or VS Code Marketplace publish can proceed.
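
The panic hardening described in the MCP entry above, sketched in Rust as an added example; this is not agnix's own code. The names `clamp_to_char_boundary`, `prefix_at`, `fragile_validator` and `scan_files` are hypothetical, and the file contents are constructed sample input.

```rust
use std::panic::{catch_unwind, AssertUnwindSafe};

/// Clamp a raw byte offset down to the nearest UTF-8 character boundary.
fn clamp_to_char_boundary(text: &str, offset: usize) -> usize {
    let mut i = offset.min(text.len());
    // Offset 0 is always a boundary, so this loop terminates.
    while !text.is_char_boundary(i) {
        i -= 1;
    }
    i
}

/// Text before the cursor, safe for any client-supplied byte offset.
fn prefix_at(text: &str, offset: usize) -> &str {
    &text[..clamp_to_char_boundary(text, offset)]
}

/// Hypothetical buggy validator: slices at a fixed byte offset and panics
/// when byte 4 falls inside a multi-byte character.
fn fragile_validator(content: &str) -> Vec<String> {
    let head = &content[..content.len().min(4)];
    if head.starts_with("---") { vec![] } else { vec!["missing frontmatter".to_string()] }
}

/// Run `validator` on every file, turning a panic into a diagnostic for that
/// file so the scan continues. This only works with panic = "unwind" (the
/// Rust default); with panic = "abort" the first panic ends the process.
fn scan_files(files: &[(&str, &str)], validator: fn(&str) -> Vec<String>) -> Vec<String> {
    let mut diagnostics = Vec::new();
    for (name, content) in files {
        match catch_unwind(AssertUnwindSafe(|| validator(content))) {
            Ok(found) => diagnostics.extend(found.into_iter().map(|d| format!("{}: {}", name, d))),
            Err(_) => diagnostics.push(format!("{}: internal error: validator panicked", name)),
        }
    }
    diagnostics
}

fn main() {
    // Constructed sample inputs; in "héé!" byte 4 lies inside the second 'é'.
    let files = [("a.md", "---\ntitle: ok\n"), ("b.md", "héé!"), ("c.md", "no header")];
    for d in scan_files(&files, fragile_validator) {
        println!("{}", d);
    }
    println!("{:?}", prefix_at("héé!", 4));
}
```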