@shane-moore

Issue Addressed

Fixes RUSTSEC-2026-0009 (Denial of Service via Stack Exhaustion in time crate, severity 6.8 medium)

Proposed Changes

Update transitive dependency time from 0.3.44 to 0.3.47

Additional Info

N/A

@claude-code-actions-sigp
claude-code-actions-sigp bot commented Feb 6, 2026

Claude finished @shane-moore's task in 1m 32s —— View job


Code Review Complete ✓

Summary

This PR successfully addresses RUSTSEC-2026-0009 by updating the time crate from 0.3.44 to 0.3.47. The changes are minimal, focused, and appropriate for a security patch.

Review Details

Security Fix - Approved ✓

  • The update addresses RUSTSEC-2026-0009 (Denial of Service via Stack Exhaustion in time crate, severity 6.8 medium)
  • Updated from vulnerable version 0.3.44 to patched version 0.3.47
  • This is a transitive dependency update (no direct code changes required)

Changes Reviewed
The Cargo.lock update includes:

  • time: 0.3.44 → 0.3.47
  • time-core: 0.1.6 → 0.1.8
  • time-macros: 0.2.24 → 0.2.27
  • num-conv: 0.1.0 → 0.2.0 (dependency of time)

All changes are expected and appropriate for this security update. The dependency chain is consistent.

PR Conventions - Compliant ✓

  • Title follows Conventional Commits format (chore: update time dependency)
  • PR description follows the template in .github/PULL_REQUEST_TEMPLATE.md
  • Issue addressed is clearly stated
  • Changes are concisely described
  • Targets the correct base branch (unstable)

CI Status

  • Pull Request checks: ✓ Passed
  • Test suite: ⏳ In progress
  • Local testnet: ⏳ In progress

Recommendations

Minor: Consider running make audit locally after merging to confirm no other advisories remain. According to CLAUDE.md, this should be done when dependencies change.

Conclusion

This is a straightforward security patch that correctly addresses the vulnerability. The changes are minimal and appropriate. No issues found.

Status: Approved for merge once CI completes.
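
An added example, not part of the PR or the project's own code: a std-only Rust check that reads a Cargo.lock and fails if any locked `time` entry is below 0.3.47, the patched version named in this PR. Treating every lower version as affected is an assumption, and the sample lockfile is constructed.

```rust
// Added example: flag `time` entries in Cargo.lock older than the patched release.
// 0.3.47 is the version named in this PR; "everything below it is affected" is an assumption.
const PATCHED: (u64, u64, u64) = (0, 3, 47);

// Constructed sample lockfile, not the project's real Cargo.lock.
const SAMPLE: &str = r#"version = 4
[[package]]
name = "time"
version = "0.3.44"
dependencies = ["num-conv", "time-core"]
[[package]]
name = "time-core"
version = "0.1.6"
"#;

/// Parse "major.minor.patch", ignoring any pre-release or build suffix.
fn parse_version(v: &str) -> Option<(u64, u64, u64)> {
    let core = v.split(|c: char| c == '-' || c == '+').next()?;
    let mut it = core.split('.').map(|p| p.parse::<u64>().ok());
    Some((it.next()??, it.next()??, it.next()??))
}

/// Every locked version of `crate_name`; a lockfile can hold several at once.
fn locked_versions(lock: &str, crate_name: &str) -> Vec<String> {
    let mut out = Vec::new();
    for block in lock.split("[[package]]").skip(1) {
        // Look up a `key = "value"` line inside this package block.
        let field = |key: &str| {
            block.lines().find_map(|l| {
                let (k, v) = l.split_once('=')?;
                (k.trim() == key).then(|| v.trim().trim_matches('"').to_string())
            })
        };
        if field("name").as_deref() == Some(crate_name) {
            out.extend(field("version"));
        }
    }
    out
}

/// Locked `time` versions below PATCHED; unparseable versions are flagged too.
fn unpatched_time(lock: &str) -> Vec<String> {
    let all = locked_versions(lock, "time").into_iter();
    all.filter(|v| parse_version(v).map_or(true, |p| p < PATCHED)).collect()
}

fn main() {
    // Pass a Cargo.lock path as the first argument; with none, the sample is checked.
    let lock = std::env::args().nth(1).map_or(SAMPLE.to_string(), |p| std::fs::read_to_string(p).expect("readable lockfile"));
    let bad = unpatched_time(&lock);
    println!("unpatched time versions: {:?}", bad);
    std::process::exit(if bad.is_empty() { 0 } else { 1 });
}
```

The check reads only the lockfile's resolved versions, so it complements an advisory-database scan such as the `make audit` step mentioned above and does not replace it.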



@diegomrsantos diegomrsantos left a comment

Thanks!

@mergify mergify bot merged commit 5e17217 into sigp:unstable Feb 6, 2026
19 checks passed