@nikhilsinhaparseable nikhilsinhaparseable commented Dec 29, 2025

Disable default features for prometheus and actix-web-prometheus in Cargo.toml.
This is to remove the indirect dependency on the protobuf crate,
to address the Dependabot alert raised in enterprise:
https://github.com/parseablehq/enterprise/security/dependabot/2

Summary by CodeRabbit

  • Chores
    • Updated Prometheus client to 0.13.4.
    • Disabled default features for Prometheus integrations and enabled the process feature to improve compatibility.
    • Disabled default features for the Actix Prometheus integration.
    • No public API or exported interface changes.

coderabbitai bot commented Dec 29, 2025

Walkthrough

Cargo.toml dependency specs updated: actix-web-prometheus added default-features = false; prometheus bumped from 0.13 to 0.13.4 and added default-features = false while keeping features = ["process"]. No public API signatures changed.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Dependency version and feature updates: Cargo.toml | prometheus: 0.13 → 0.13.4, default-features = false added, features = ["process"] retained; actix-web-prometheus: default-features = false added. No code/API changes. |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~8 minutes

Poem

🐰 I brushed my paws and tapped the crate,

A tiny tweak to keep things straight,
Versions nudged and defaults shorn,
I hop away at break of morn,
Inventory neat, the build moves on. 🥕

Pre-merge checks

✅ Passed checks (3 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title 'chore: disable default features in Cargo.toml' is directly related to the main change: disabling default features in Cargo.toml for prometheus and actix-web-prometheus dependencies. |
| Description check | ✅ Passed | The description clearly explains the purpose and rationale (removing protobuf dependency and addressing a security alert), but omits the required template sections like 'Fixes #XXXX' and testing/documentation checklists. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |

📜 Recent review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 589ce6e and eea3923.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • Cargo.toml
🚧 Files skipped from review as they are similar to previous changes (1)
  • Cargo.toml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
  • GitHub Check: coverage
  • GitHub Check: Quest Smoke and Load Tests for Distributed deployments
  • GitHub Check: Quest Smoke and Load Tests for Standalone deployments
  • GitHub Check: Build Kafka x86_64-unknown-linux-gnu
  • GitHub Check: Build Default aarch64-unknown-linux-gnu
  • GitHub Check: Build Kafka aarch64-apple-darwin
  • GitHub Check: Build Default x86_64-pc-windows-msvc
  • GitHub Check: Build Default x86_64-unknown-linux-gnu
  • GitHub Check: Build Default aarch64-apple-darwin

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📜 Review details

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 1f2d3b4 and 589ce6e.

⛔ Files ignored due to path filters (1)
  • Cargo.lock is excluded by !**/*.lock
📒 Files selected for processing (1)
  • Cargo.toml
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)
  • GitHub Check: Build Default aarch64-apple-darwin
  • GitHub Check: Build Default x86_64-unknown-linux-gnu
  • GitHub Check: Build Default x86_64-pc-windows-msvc
  • GitHub Check: Build Kafka aarch64-apple-darwin
  • GitHub Check: Build Default aarch64-unknown-linux-gnu
  • GitHub Check: Build Kafka x86_64-unknown-linux-gnu
  • GitHub Check: coverage
  • GitHub Check: Quest Smoke and Load Tests for Distributed deployments
  • GitHub Check: Quest Smoke and Load Tests for Standalone deployments
🔇 Additional comments (1)
Cargo.toml (1)

36-36: No action needed. The disabling of default features is correct and safe.

Line 36 default-features = false for actix-web-prometheus has no functional impact—the crate has no default features. Line 107's default-features = false, features = ["process"] for prometheus correctly removes only the "protobuf" default feature (addressing the security alert) while preserving the "process" feature needed for ProcessCollector usage on Linux. The codebase uses only stable prometheus APIs (counters, gauges, histograms) and does not directly depend on protobuf types, so metrics functionality is unaffected.

Likely an incorrect or invalid review comment.

@nitisht nitisht merged commit dcc0714 into parseablehq:main Dec 30, 2025
12 checks passed
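
Since Cargo.lock was excluded from the automated review above, one way to confirm that the feature change really dropped protobuf is to list every dependency chain that reaches it in the lockfile before and after. This is an added example, not code from the PR or the Parseable project; `parse_lock`, `chains_to`, the package `app`, the `procfs` entry and the `0.0.0` versions are constructed for illustration.

```python
import re

def parse_lock(text):
    """Map package -> direct deps; relies on cargo's fixed layout, merges versions by name."""
    graph = {}
    for block in text.split("[[package]]")[1:]:
        name = re.search(r'^name = "([^"]+)"', block, re.M).group(1)
        deps = re.search(r"^dependencies = \[(.*?)^\]", block, re.M | re.S)
        entries = re.findall(r'"([^"]+)"', deps.group(1)) if deps else []
        graph.setdefault(name, set()).update(e.split()[0] for e in entries)
    return graph

def chains_to(graph, target):
    """Every dependency chain from a root package down to `target`."""
    def walk(path):
        if path[-1] == target:
            return [" -> ".join(path)]
        deps = sorted(graph.get(path[-1], ()))  # `d not in path` guards against cycles
        return [c for d in deps if d not in path for c in walk(path + [d])]
    roots = sorted(set(graph) - set().union(*graph.values()))
    return [chain for root in roots for chain in walk([root])]

# Constructed excerpt, not the project's Cargo.lock ("app" and "0.0.0" are placeholders).
LOCK_BEFORE = '''[[package]]
name = "actix-web-prometheus"
version = "0.0.0"
dependencies = [
 "prometheus",
]
[[package]]
name = "app"
version = "0.0.0"
dependencies = [
 "actix-web-prometheus",
 "prometheus",
]
[[package]]
name = "prometheus"
version = "0.13.4"
dependencies = [
 "procfs",
 "protobuf",
]
[[package]]
name = "protobuf"
version = "0.0.0"
'''
# Constructed post-change state: the protobuf edge and its package entry are gone.
LOCK_AFTER = LOCK_BEFORE.split('[[package]]\nname = "protobuf"')[0].replace(' "protobuf",\n', "")
print(chains_to(parse_lock(LOCK_BEFORE), "protobuf"), chains_to(parse_lock(LOCK_AFTER), "protobuf"))
```

On a real checkout, `cargo tree -i protobuf` answers the same question using Cargo's own resolver.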