* fix(security): RUSTSEC advisories + clippy hardening in RuVector
- Replace all bare `partial_cmp().unwrap()` calls on f32/f64 with
`.unwrap_or(Ordering::Equal)` to prevent panics on NaN values in
sorting/max-by operations across ruvllm, ruvector-dag, prime-radiant,
and rvagent-wasm (12 sites in production code).
- Add input validation guards to the HTTP search endpoint: reject k=0,
k > 10_000, empty vectors, and vectors exceeding 65_536 dimensions,
preventing memory exhaustion via unbounded allocations.
- Harden LocalFsBackend::execute in rvagent-cli with env_clear() +
safe-env allowlist (SEC-005), deadline-based timeout enforcement, and
1 MB output truncation, matching the security posture of LocalShellBackend.
- Remove 129 occurrences of the deprecated `unused_unit = "allow"` lint
and 3 occurrences of the removed `clippy::match_on_vec_items` lint from
Cargo.toml files workspace-wide; both are no-ops in current Rust/Clippy.
- All 653+ tests across ruvector-core, ruvector-server, ruvector-dag,
rvagent-cli, and prime-radiant pass with zero failures.
Note: `bytes` is already at 1.11.1 (>= 1.10.0); `paste` 1.0.15 is a
transitive dependency with no semver fix available upstream; `cargo audit`
returns clean.
Co-Authored-By: claude-flow <ruv@ruv.net>
* fix(ci): cargo fmt + restore workspace unused_unit lint allow
- Run cargo fmt --all across all 9 files that drifted from rustfmt style
(prime-radiant/energy.rs, ruvector-dag/bottleneck.rs+reasoning_bank.rs,
ruvector-server/points.rs, ruvllm/pretrain_pipeline.rs+report.rs+registry.rs,
rvagent-cli/app.rs, rvagent-wasm/gallery.rs)
- Add [workspace.lints.clippy] unused_unit = "allow" to root Cargo.toml;
the per-crate entries removed in the security commit were still needed —
moving to workspace-level is cleaner and restores -D warnings CI pass
Co-Authored-By: claude-flow <ruv@ruv.net>
* fix(ci): remove unneeded unit return type in ruvix bench
Removes `-> ()` from the Fn bound in run_benchmark_with_kernel
(crates/ruvix/benches/src/ruvix.rs:50) — triggers clippy::unused_unit
under -D warnings. Clippy prefers `Fn(&mut Kernel)` without explicit
unit return.
Co-Authored-By: claude-flow <ruv@ruv.net>
* fix(ci): resolve rustfmt and clippy unused_unit failures
- Run cargo fmt --all to fix long closure formatting in 9 files
(energy.rs, bottleneck.rs, reasoning_bank.rs, points.rs,
pretrain_pipeline.rs, report.rs, registry.rs, app.rs, gallery.rs)
- Add unused_unit = "allow" to [lints.clippy] in ruvix-bench and
ruvector-mincut Cargo.toml files to suppress the unused_unit lint
that was previously suppressed globally and now fires on two
Fn(&mut T) -> () and FnMut() -> () function bounds
Co-Authored-By: claude-flow <ruv@ruv.net>
- Run cargo fmt --all to fix formatting in 362 files across the entire workspace
- Add PGDG repository for PostgreSQL 17 in CI test-all-features and benchmark jobs
- Add missing rvf dependency crates to standalone Dockerfile for domain-expansion
- Add sona-learning and domain-expansion features to standalone Dockerfile build
- Create npu.rs stub for ruvector-sparse-inference (fixes rustfmt resolution error)
Co-Authored-By: claude-flow <ruv@ruv.net>
- Remove duplicate workspace members (solver/solver-wasm/solver-node)
- Add ruvector-attn-mincut to workspace members
- Switch ruvector-solver and ruvector-solver-wasm to workspace version/metadata
- Add version pin on ruvector-solver dep for solver-wasm and solver-node
- Remove stale version pins in examples/dna and examples/prime-radiant
- Fix unused assignment and unused mut warnings in neumann.rs
- Remove publish = false from ruvector-profiler, add keywords/categories
- Bump @ruvector/rvf-solver to 0.1.4
- Add Publishing section to CLAUDE.md
Published to crates.io: ruvector-solver, ruvector-solver-wasm,
ruvector-solver-node, ruvector-coherence, ruvector-attn-mincut,
ruvector-profiler (all v2.0.3)
Published to npm: @ruvector/rvf-solver v0.1.4
Co-Authored-By: claude-flow <ruv@ruv.net>
Add ruvector-solver with 8 iterative solver algorithms:
- Jacobi-preconditioned Neumann series for diagonally dominant systems
- Conjugate Gradient (CG) for symmetric positive definite systems
- Forward/Backward Push for Personalized PageRank
- Hybrid Random Walk with Monte Carlo sampling
- TRUE solver with JL projection and spectral sparsification
- BMSSP multigrid preconditioner for ill-conditioned systems
- Jacobi and Gauss-Seidel iterative solvers
Includes intelligent algorithm router (SolverRouter/SolverOrchestrator),
WASM bindings (ruvector-solver-wasm), Node.js NAPI bindings
(ruvector-solver-node), Criterion benchmark suite, comprehensive
validation, audit logging, and 143 passing tests.
https://claude.ai/code/session_01TiqLbr2DaNAntQHaVeLfiR
