From 12c3a3205b1aa892f5a0ca82c6a0e01a26deb1d8 Mon Sep 17 00:00:00 2001
From: Ning Sun <sunng@protonmail.com>
Date: Thu, 19 Jun 2025 14:43:43 +0800
Subject: [PATCH] chore: security updates (#6351)

---
 Cargo.lock                          | 16 +++++++---------
 src/common/telemetry/Cargo.toml     |  1 -
 src/common/telemetry/src/logging.rs |  5 +++--
 3 files changed, 10 insertions(+), 12 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index 3e76cd0a8b..3769e1913a 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1670,9 +1670,9 @@ dependencies = [
 
 [[package]]
 name = "cc"
-version = "1.1.24"
+version = "1.2.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "812acba72f0a070b003d3697490d2b55b837230ae7c6c6497f05cc2ddbb8d938"
+checksum = "d487aa071b5f64da6f19a3e848e3578944b726ee5a4854b82172f02aa876bfdc"
 dependencies = [
  "jobserver",
  "libc",
@@ -2671,7 +2671,6 @@ dependencies = [
 name = "common-telemetry"
 version = "0.15.0"
 dependencies = [
- "atty",
  "backtrace",
  "common-error",
  "console-subscriber",
@@ -3072,9 +3071,9 @@ dependencies = [
 
 [[package]]
 name = "crossbeam-channel"
-version = "0.5.13"
+version = "0.5.15"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2"
+checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2"
 dependencies = [
  "crossbeam-utils",
 ]
@@ -6696,7 +6695,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "4979f22fdb869068da03c9f7528f8297c6fd2606bc3a4affe42e6a823fdb8da4"
 dependencies = [
  "cfg-if",
- "windows-targets 0.52.6",
+ "windows-targets 0.48.5",
 ]
 
 [[package]]
@@ -10390,15 +10389,14 @@ dependencies = [
 
 [[package]]
 name = "ring"
-version = "0.17.8"
+version = "0.17.14"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d"
+checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7"
 dependencies = [
  "cc",
  "cfg-if",
  "getrandom 0.2.15",
  "libc",
- "spin",
  "untrusted",
  "windows-sys 0.52.0",
 ]
diff --git a/src/common/telemetry/Cargo.toml b/src/common/telemetry/Cargo.toml
index 0d5d188a06..1e1d2cd448 100644
--- a/src/common/telemetry/Cargo.toml
+++ b/src/common/telemetry/Cargo.toml
@@ -12,7 +12,6 @@ deadlock_detection = ["parking_lot/deadlock_detection"]
 workspace = true
 
 [dependencies]
-atty = "0.2"
 backtrace = "0.3"
 common-error.workspace = true
 console-subscriber = { version = "0.1", optional = true }
diff --git a/src/common/telemetry/src/logging.rs b/src/common/telemetry/src/logging.rs
index 0639b6786a..76d04fc418 100644
--- a/src/common/telemetry/src/logging.rs
+++ b/src/common/telemetry/src/logging.rs
@@ -14,6 +14,7 @@
 
 //! logging stuffs, inspired by databend
 use std::env;
+use std::io::IsTerminal;
 use std::sync::{Arc, Mutex, Once};
 use std::time::Duration;
 
@@ -221,14 +222,14 @@ pub fn init_global_logging(
                     Layer::new()
                         .json()
                         .with_writer(writer)
-                        .with_ansi(atty::is(atty::Stream::Stdout))
+                        .with_ansi(std::io::stdout().is_terminal())
                         .boxed(),
                 )
             } else {
                 Some(
                     Layer::new()
                         .with_writer(writer)
-                        .with_ansi(atty::is(atty::Stream::Stdout))
+                        .with_ansi(std::io::stdout().is_terminal())
                         .boxed(),
                 )
             }