chore(deps): drop stale pyo3 advisory ignores resolved by 0.29

[chaliy]

What

Remove two now-stale advisory ignores from deny.toml:

• RUSTSEC-2026-0176 — pyo3 OOB read in PyList/PyTuple nth/nth_back
• RUSTSEC-2026-0177 — pyo3 missing Sync bound on PyCFunction::new_closure

Why

Both advisories were patched in pyo3 >= 0.29. The workspace now resolves
pyo3 0.29.0 and pyo3-async-runtimes 0.29.0 (after #2122), so these ignores
no longer match any advisory in the graph. Their own comments flagged them for
removal "on the pyo3 0.29 bump" — this is that follow-up.

The remaining ignores (RUSTSEC-2023-0089 atomic-polyfill, RUSTSEC-2026-0173
proc-macro-error2) are unmaintained-transitive notices we can't control and are
kept.

How / Safety

• deny.toml [advisories].ignore is consulted only by the manual
  cargo deny check advisories (per AGENTS.md). CI's cargo-deny step runs
  check licenses sources and cargo-audit carries its own ignore list, so this
  change does not alter any CI gate — it removes config that no longer applies.
• Verified deny.toml remains valid TOML and pyo3 resolves to 0.29.0 in
  Cargo.lock.

No code paths changed; config/hygiene only.

---

Generated by Claude Code

[cloudflare-workers-and-pages]

Deploying with    Cloudflare Workers

The latest updates on your project. Learn more about integrating Git with Workers.

Status	Name	Latest Commit	Preview URL	Updated (UTC)
✅ Deployment successful! View logs	bashkit	d46f18f	Commit Preview URL Branch Preview URL	Jun 26 2026, 09:15 AM

[chaliy]

Closing as superseded. #2130 (merged to main) already removed both RUSTSEC-2026-0176 and RUSTSEC-2026-0177 from deny.toml's [advisories].ignore, which is exactly this PR's change — deny.toml on main no longer contains those entries, so this is now a no-op. The parallel .cargo/audit.toml cleanup (still pending on main) is carried by #2131.

---

Generated by Claude Code