fix(ci): Fix docs.rs build + security workflow + standardize badges

.github/workflows/ci.yml

@@ -165,8 +165,10 @@ jobs:
           prefix-key: "v1-docs"
           cache-on-failure: true
 
+      # Use --features full to match docs.rs metadata configuration
+      # (avoids wasm feature which requires wasm32 target not in docs.rs)
       - name: Build documentation
-        run: cargo doc --no-deps --all-features
+        run: cargo doc --no-deps --features full
         env:
           RUSTDOCFLAGS: "-D warnings"
 

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "reasonkit-web"
-version = "0.1.5"
+version = "0.1.6"
 edition = "2021"
 rust-version = "1.75"
 license = "Apache-2.0"

README.md

@@ -5,13 +5,14 @@
 **High-Performance Web Sensing & Browser Automation Layer**
 **Rust-Native Implementation**
 
-[![CI](https://img.shields.io/github/actions/workflow/status/reasonkit/reasonkit-web/ci.yml?branch=main&style=flat-square&logo=github&label=CI&color=06b6d4)](https://github.com/reasonkit/reasonkit-web/actions/workflows/ci.yml)
-[![Security](https://img.shields.io/github/actions/workflow/status/reasonkit/reasonkit-web/security.yml?branch=main&style=flat-square&logo=github&label=Security&color=10b981)](https://github.com/reasonkit/reasonkit-web/actions/workflows/security.yml)
-[![Crates.io](https://img.shields.io/crates/v/reasonkit-web?style=flat-square&color=%2306b6d4)](https://crates.io/crates/reasonkit-web)
-[![docs.rs](https://img.shields.io/docsrs/reasonkit-web?style=flat-square&color=%2310b981)](https://docs.rs/reasonkit-web)
-[![License](https://img.shields.io/badge/license-Apache%202.0-blue?style=flat-square&color=%23a855f7)](LICENSE)
-[![Rust](https://img.shields.io/badge/rust-1.74%2B-orange?style=flat-square&logo=rust&color=%23f97316)](https://www.rust-lang.org/)
-[![MCP](https://img.shields.io/badge/MCP-Compatible-green?style=flat-square&color=%2310b981)](https://modelcontextprotocol.io)
+[![CI](https://img.shields.io/github/actions/workflow/status/reasonkit/reasonkit-web/ci.yml?branch=main&style=flat-square&logo=github&label=CI&color=06b6d4&logoColor=06b6d4)](https://github.com/reasonkit/reasonkit-web/actions/workflows/ci.yml)
+[![Security](https://img.shields.io/github/actions/workflow/status/reasonkit/reasonkit-web/security.yml?branch=main&style=flat-square&logo=github&label=Security&color=10b981&logoColor=10b981)](https://github.com/reasonkit/reasonkit-web/actions/workflows/security.yml)
+[![Crates.io](https://img.shields.io/crates/v/reasonkit-web?style=flat-square&logo=rust&color=10b981&logoColor=f9fafb)](https://crates.io/crates/reasonkit-web)
+[![docs.rs](https://img.shields.io/docsrs/reasonkit-web?style=flat-square&logo=docs.rs&color=06b6d4&logoColor=f9fafb)](https://docs.rs/reasonkit-web)
+[![Downloads](https://img.shields.io/crates/d/reasonkit-web?style=flat-square&color=ec4899&logo=rust&logoColor=f9fafb)](https://crates.io/crates/reasonkit-web)
+[![License](https://img.shields.io/badge/license-Apache%202.0-a855f7?style=flat-square&labelColor=030508)](LICENSE)
+[![Rust](https://img.shields.io/badge/rust-1.75+-f97316?style=flat-square&logo=rust&logoColor=f9fafb)](https://www.rust-lang.org/)
+[![MCP](https://img.shields.io/badge/MCP-Compatible-10b981?style=flat-square&logo=data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHdpZHRoPSIyNCIgaGVpZ2h0PSIyNCIgdmlld0JveD0iMCAwIDI0IDI0IiBmaWxsPSJub25lIiBzdHJva2U9IiNmOWZhZmIiIHN0cm9rZS13aWR0aD0iMiIgc3Ryb2tlLWxpbmVjYXA9InJvdW5kIiBzdHJva2UtbGluZWpvaW49InJvdW5kIj48cGF0aCBkPSJNMTIgMnYyME0yIDEyaDIwIi8+PC9zdmc+)](https://modelcontextprotocol.io)
 
 _The Eyes and Ears of AI Reasoning - Now Blazingly Fast_
 
@@ -48,6 +49,7 @@ curl -fsSL https://get.reasonkit.sh | bash -s -- --with-web
 ```
 
 **Platform & Shell Support:**
+
 - ✅ All platforms (Linux/macOS/Windows/WSL)
 - ✅ All shells (Bash/Zsh/Fish/Nu/PowerShell/Elvish)
 - ✅ Auto-detects shell and configures PATH

deny.toml

@@ -0,0 +1,115 @@
+# cargo-deny configuration for reasonkit-web
+# Security, license, and dependency validation
+# Reference: https://embarkstudios.github.io/cargo-deny/
+# Compatible with cargo-deny 0.18.x
+
+[graph]
+targets = [
+    "x86_64-unknown-linux-gnu",
+    "x86_64-apple-darwin",
+    "aarch64-apple-darwin",
+    "x86_64-pc-windows-msvc",
+]
+all-features = true
+
+[output]
+feature-depth = 1
+
+[advisories]
+# Path where advisory database is cloned
+db-path = "~/.cargo/advisory-dbs"
+# Ignore specific advisories if assessed as non-applicable
+ignore = [
+    # Unmaintained crates - tracking migration in backlog
+    { id = "RUSTSEC-2024-0384", reason = "instant crate - used by parking_lot, tracking migration to web-time" },
+    { id = "RUSTSEC-2025-0119", reason = "number_prefix - low risk, used by indicatif, tracking migration" },
+    { id = "RUSTSEC-2024-0436", reason = "paste - used by tokenizers, tracking migration to pastey" },
+    { id = "RUSTSEC-2025-0134", reason = "rustls-pemfile - used by tonic, tracking migration to rustls-pki-types" },
+]
+
+[licenses]
+# Apache 2.0 compatible licenses
+allow = [
+    "MIT",
+    "Apache-2.0",
+    "Apache-2.0 WITH LLVM-exception",
+    "BSD-2-Clause",
+    "BSD-3-Clause",
+    "ISC",
+    "Unicode-DFS-2016",
+    "Unicode-3.0",
+    "Zlib",
+    "CC0-1.0",
+    "0BSD",
+    "BSL-1.0",
+    "MPL-2.0",
+    "Unlicense",
+    "OpenSSL",  # Used by ring crate - permissive license
+]
+confidence-threshold = 0.8
+
+# Exceptions for specific crates
+exceptions = [
+    # ring uses a complex license expression
+    { allow = ["ISC", "MIT", "OpenSSL"], crate = "ring" },
+]
+
+[licenses.private]
+# Ignore unpublished workspace crates
+ignore = true
+registries = []
+
+# License clarifications for crates with non-standard license files
+[[licenses.clarify]]
+crate = "ring"
+expression = "ISC AND MIT AND OpenSSL"
+license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
+
+[[licenses.clarify]]
+crate = "webpki"
+expression = "ISC"
+license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
+
+[[licenses.clarify]]
+crate = "rustls-webpki"
+expression = "ISC"
+license-files = [{ path = "LICENSE", hash = 0x001c7e6c }]
+
+[bans]
+# Dependency banning and duplicate detection
+multiple-versions = "warn"
+wildcards = "deny"
+highlight = "all"
+workspace-default-features = "allow"
+external-default-features = "allow"
+
+# Ban certain crates we want to avoid
+deny = [
+    # Deprecated crates
+    { crate = "rustc-serialize", reason = "Use serde instead" },
+    { crate = "quickersort", reason = "Use standard library sort" },
+    { crate = "failure", reason = "Use thiserror or anyhow" },
+    { crate = "error-chain", reason = "Use thiserror or anyhow" },
+    { crate = "tempdir", reason = "Use tempfile instead" },
+    { crate = "term", reason = "Use termcolor or crossterm" },
+    { crate = "gcc", reason = "Use cc instead" },
+]
+
+# Skip checking these crates for duplicates
+skip = []
+
+# Skip trees rooted at these crates
+skip-tree = []
+
+[sources]
+# Source code origin validation
+unknown-registry = "deny"
+unknown-git = "warn"
+allow-registry = ["https://github.com/rust-lang/crates.io-index"]
+allow-git = []
+
+[sources.allow-org]
+# Allow GitHub organizations
+github = []
+gitlab = []
+bitbucket = []