Upgrade tonic TLS stack

[hbisheng]

Upgrade tonic from 0.10 to 0.12 while keeping TLS enabled.

tonic 0.10's tls feature pulls in the older rustls 0.21 / rustls-webpki 0.101 TLS stack, which is affected by RustSec advisories such as RUSTSEC-2026-0098, RUSTSEC-2026-0099, and RUSTSEC-2026-0104.

tonic 0.12 keeps the existing tls feature API but moves TLS to tokio-rustls 0.26 / rustls 0.23, which uses patched rustls-webpki versions. This keeps TLS support working while removing the vulnerable old TLS dependency path.

Summary by CodeRabbit

• Chores
  • Updated core framework dependencies to their latest stable versions. These updates deliver important bug fixes, security patches, and performance optimizations from upstream libraries. The enhancements improve application stability, ensure better compatibility with modern production environments, and strengthen overall system reliability.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: a4e5f307-1496-4136-9568-3715bdce2ad8

📥 Commits

Reviewing files that changed from the base of the PR and between 158a395 and 5479654.

📒 Files selected for processing (1)

• Cargo.toml

🚧 Files skipped from review as they are similar to previous changes (1)

• Cargo.toml

---

📝 Walkthrough

Walkthrough

Cargo.toml is updated to bump prost from 0.12 to 0.13 and tonic from 0.10 to 0.12, with the existing tls and gzip feature flags on tonic retained unchanged.

Changes

Dependency Version Bumps

Layer / File(s)	Summary
prost and tonic version updates Cargo.toml	prost bumped from 0.12 to 0.13; tonic bumped from 0.10 to 0.12 with tls and gzip features retained.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐇 Hop, hop, a version leap today,
prost jumps to thirteen on its way,
tonic follows, twelve it claims,
features kept, no breaking chains,
the bunny cheers with joyful play! 🎉

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'Upgrade tonic TLS stack' accurately reflects the main change in the PR—upgrading tonic from 0.10 to 0.12 to address TLS stack vulnerabilities.
Docstring Coverage	✅ Passed	Docstring coverage is 100.00% which is sufficient. The required threshold is 80.00%.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ti-chi-bot]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: coocood, LykxSassinator

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [LykxSassinator,coocood]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[ti-chi-bot]

[LGTM Timeline notifier]

Timeline:

• 2026-06-18 23:35:40.54373899 +0000 UTC m=+1694241.614056380: ☑️ agreed by coocood.
• 2026-06-22 02:52:14.705319003 +0000 UTC m=+1965235.775636393: ☑️ agreed by LykxSassinator.