chore: update deps and remove stale audit exceptions (#5446)

* fix: update deps and remove stale audit exceptions

* fix: update toolchain to support new dependencies + fix new clippy lints

* chore: fmt

* fix: update dylib build/download paths

* fix: imports

* fix: update debian settings

* chore: bump old engine version to 1_7_2

* chore: bump old version 1.7.1 -> 1.7.2

* fix: upload dylibs from /deps folder

* fix: add more /deps folders in CI jobs

* fix: flatten upload structure

---------

Co-authored-by: kylezs <zsembery.kyle@gmail.com>

.cargo/config.toml

@@ -32,32 +32,25 @@ tree --no-default-features --depth 1 --edges=features,normal
 # Requires `cargo-audit`. Run `cargo install cargo-audit` to install it.
 # The `cf-audit` command is configured to ignore the following advisories:
 # Vulnerabilities:
-# - RUSTSEC-2022-0093: This advisory is related to ed25519-dalek's public api design, which we don't expose.
 # - RUSTSEC-2024-0344: curve25519-dalek is a transitive dependency of `substrate`
-# Unsound:
-# - RUSTSEC-2021-0145: This advisory only affects the windows platform. It's a transitive dependency of `substrate`.
 # Unmaintained:
 # - RUSTSEC-2020-0168: This advisory comes from `mach`, which is unmaintained but not a security issue. It's a dependency of `subxt`.
 # - RUSTSEC-2021-0139: This advisory comes from `ansi_term`, which is unmaintained but not a security issue. It's a dependency of `subxt`.
 # - RUSTSEC-2022-0061: This advisory is related to the deprecated `parity-wasm`, not a security issue. It's a dependency of `substrate`.
 # - RUSTSEC-2024-0336: This adivsory comes from rustls, which is a dependency of the `try-runtime-cli` crate.
 # - RUSTSEC-2024-0320: Unmaintained transitive `yaml-rust` dependency of `insta` crate. We only use insta for testing.
 # - RUSTSEC-2024-0370: Unmaintained transitive dependency. Only affects macro generation efficiency.
-# - RUSTSEC-2024-0375: Unmaintained transitive dependency used by clap.
 # - RUSTSEC-2024-0388: Unmaintained transitive dependency `derivative` used by substrate.
 # - RUSTSEC-2024-0384: Unmaintained transitive dependency `instant` used by substrate.
 cf-audit = '''
 audit -D unmaintained -D unsound
-    --ignore RUSTSEC-2022-0093
     --ignore RUSTSEC-2021-0139
     --ignore RUSTSEC-2020-0168
     --ignore RUSTSEC-2022-0061
-    --ignore RUSTSEC-2021-0145
     --ignore RUSTSEC-2024-0320
     --ignore RUSTSEC-2024-0336
     --ignore RUSTSEC-2024-0344
     --ignore RUSTSEC-2024-0370
-    --ignore RUSTSEC-2024-0375
     --ignore RUSTSEC-2024-0388
     --ignore RUSTSEC-2024-0384
 '''

.github/workflows/_20_build.yml

@@ -64,11 +64,16 @@ jobs:
           fi
           cargo cf-build-${{ inputs.profile }} --locked
 
-
       - name: ls directory
         run: |
           ls -la ./target/${{ inputs.binary-subdir }}
 
+      # We flatten the structure so upload-artifact uploads a flattened structure
+      - name: Prepare binaries for upload
+        run: |
+          mkdir -p ./target/${{ inputs.binary-subdir }}
+          cp ./target/${{ inputs.binary-subdir }}/deps/libchainflip_engine_v*.so ./target/${{ inputs.binary-subdir }}/ || true
+        
       - name: Upload binary artifacts
         uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
         with:

.github/workflows/_21_build_m2.yml

@@ -49,6 +49,12 @@ jobs:
         run: |
           ls -la ./target/${{ inputs.binary-subdir }}
 
+      # We flatten the structure so upload-artifact uploads a flattened structure
+      - name: Prepare binaries for upload
+        run: |
+          mkdir -p ./target/${{ inputs.binary-subdir }}
+          cp ./target/${{ inputs.binary-subdir }}/deps/libchainflip_engine_v*.so ./target/${{ inputs.binary-subdir }}/ || true
+
       - name: Upload binary artifacts
         uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874
         with: