
Remove unmaintained wee_alloc dependency#74

Merged
konard merged 2 commits into main from issue-73-d71d2656d381
May 9, 2026

Conversation

@konard
Member

@konard konard commented May 9, 2026

Fixes #73

Summary

  • Removed the optional wee_alloc dependency and conditional WebAssembly global allocator from the root wrapper crate.
  • Updated Cargo.lock so Dependabot alert 1 (GHSA-rc23-xxgq-x27g / RUSTSEC-2022-0054) no longer resolves wee_alloc or its private transitive dependency chain.
  • Added regression coverage that fails if Cargo.toml, Cargo.lock, or src/lib.rs reintroduces wee_alloc.
  • Added the requested issue 73 case study and evidence under docs/case-studies/issue-73/.

Root Cause

The root clink-wasm crate declared optional wee_alloc and installed it as a global allocator behind the implicit wee_alloc feature. Because Cargo.lock resolved that package, Dependabot reported the unmaintained crate advisory. The advisory affects every version and has no patched release.

Verification

  • cargo test --test dependabot_alert_tests failed before the fix and passes after the fix.
  • cargo fmt --all -- --check
  • cargo clippy --all-targets --all-features
  • cargo test --all-features
  • cargo test --manifest-path rust/Cargo.toml --all-features
  • node scripts/check-file-size.mjs --lang rust
  • npm ci
  • RUST_LOG=info npm run test:wasm
  • RUST_LOG=info npm run build
  • RUST_LOG=info npm test
  • npm audit --json

No screenshots are included because this is a non-UI dependency/security fix.

Adding .gitkeep for PR creation (default mode).
This file will be removed when the task is complete.

Issue: #73
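The PR description says a regression test fails if Cargo.toml, Cargo.lock or src/lib.rs reintroduces wee_alloc, but the test itself is not shown on this page. The block below is an added illustration of that kind of check, not the project's own tests/dependabot_alert_tests.rs. It assumes the three files are handed in as strings; the "before" samples (the optional dependency, the resolved lock entry, and the feature-gated global allocator hook the PR describes) and the "after" samples are constructed here, and the crate versions and the second lock entry in them are made up for the example. It skips comments so that a note naming the crate does not fail the build, and it matches both `wee_alloc` and `wee-alloc` because Cargo treats the two spellings as the same crate name.

```rust
// Added example, not the project's own tests/dependabot_alert_tests.rs.
// A regression check in the spirit of the one described in the PR: it fails
// if Cargo.toml, Cargo.lock or src/lib.rs mentions wee_alloc again, while
// ignoring comments so that "# wee_alloc removed" in a manifest is fine.
// All file contents below are constructed samples passed in as strings.

/// One hit: which file, which 1-based line, and the offending line text.
#[derive(Debug, Clone, PartialEq)]
pub struct Finding {
    pub file: String,
    pub line: usize,
    pub text: String,
}

/// Drop a trailing comment. TOML uses `#`, Rust sources use `//`.
/// String literals are deliberately not parsed: a quoted "wee_alloc" is a
/// feature name in `#[cfg(feature = "wee_alloc")]` or a package name in
/// Cargo.lock, and both must still fail the check.
fn strip_comment<'a>(line: &'a str, file: &str) -> &'a str {
    let marker = if file.ends_with(".rs") { "//" } else { "#" };
    match line.find(marker) {
        Some(idx) => &line[..idx],
        None => line,
    }
}

/// Every non-comment line of `contents` that mentions the crate.
/// Both spellings match because Cargo treats `-` and `_` as equivalent.
pub fn scan(file: &str, contents: &str) -> Vec<Finding> {
    contents
        .lines()
        .enumerate()
        .filter_map(|(i, raw)| {
            let code = strip_comment(raw, file);
            let hit = code.contains("wee_alloc") || code.contains("wee-alloc");
            hit.then(|| Finding {
                file: file.to_string(),
                line: i + 1,
                text: raw.trim().to_string(),
            })
        })
        .collect()
}

/// The regression check: Ok(()) when no file mentions wee_alloc, else every hit.
pub fn check_no_wee_alloc(files: &[(&str, &str)]) -> Result<(), Vec<Finding>> {
    let hits: Vec<Finding> = files.iter().flat_map(|(f, c)| scan(f, c)).collect();
    if hits.is_empty() { Ok(()) } else { Err(hits) }
}

// Constructed "before" state: optional dependency, resolved lock entry, and the
// feature-gated global allocator hook that the PR says was removed.
pub const BEFORE_MANIFEST: &str = r#"[dependencies]
wee_alloc = { version = "0.4", optional = true }
# the optional dependency creates an implicit `wee_alloc` feature
"#;
pub const BEFORE_LOCK: &str = r#"[[package]]
name = "wee_alloc"
version = "0.4.5"
"#;
pub const BEFORE_LIB: &str = r#"#[cfg(feature = "wee_alloc")]
#[global_allocator]
static ALLOC: wee_alloc::WeeAlloc = wee_alloc::WeeAlloc::INIT;
"#;

// Constructed "after" state: dependency and hook gone; a comment may still
// name the crate without failing. The lock entry and version are invented.
pub const AFTER_MANIFEST: &str = "[dependencies]\n";
pub const AFTER_LOCK: &str = "[[package]]\nname = \"clink-wasm\"\nversion = \"0.1.0\"\n";
pub const AFTER_LIB: &str = "// wee_alloc was removed; the default allocator is used.\npub fn noop() {}\n";

pub fn before() -> Result<(), Vec<Finding>> {
    check_no_wee_alloc(&[("Cargo.toml", BEFORE_MANIFEST), ("Cargo.lock", BEFORE_LOCK), ("src/lib.rs", BEFORE_LIB)])
}

pub fn after() -> Result<(), Vec<Finding>> {
    check_no_wee_alloc(&[("Cargo.toml", AFTER_MANIFEST), ("Cargo.lock", AFTER_LOCK), ("src/lib.rs", AFTER_LIB)])
}

fn main() {
    for (label, result) in [("before", before()), ("after", after())] {
        match result {
            Ok(()) => println!("{}: clean", label),
            Err(hits) => {
                for h in &hits {
                    println!("{}: {}:{}: {}", label, h.file, h.line, h.text);
                }
            }
        }
    }
}
```

Run as a `cargo test` target with `std::fs::read_to_string` feeding the real files in place of the constants; the "before" set reports four hits (the manifest entry, the lock entry, the `cfg` gate and the allocator static) and the "after" set is clean.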
@konard konard self-assigned this May 9, 2026
@konard konard changed the title from "[WIP] We need address issue from https://github.com/link-foundation/link-cli/security/dependabot/1" to "Remove unmaintained wee_alloc dependency" May 9, 2026
@konard konard marked this pull request as ready for review May 9, 2026 05:38
@konard
Member Author

konard commented May 9, 2026

Working session summary

Implemented and pushed the fix to PR 74: #74

Removed wee_alloc from Cargo.toml, removed the allocator hook from src/lib.rs, updated Cargo.lock, added the regression test in tests/dependabot_alert_tests.rs, and added the requested case study/evidence in docs/case-studies/issue-73/README.md.

PR 74 is ready for review, merge state is clean, and fresh WebAssembly CI passed for commit b68a6ae. Local verification passed: cargo fmt, cargo clippy, Rust tests, wasm tests/build, npm test, file-size check, and npm audit.

Sources used for the advisory research: GitHub Advisory GHSA-rc23-xxgq-x27g, RustSec RUSTSEC-2022-0054, and upstream rustwasm/wee_alloc#107.


This summary was automatically extracted from the AI working session output.

@konard
Member Author

konard commented May 9, 2026

🤖 Solution Draft Log

This log file contains the complete execution trace of the AI solution draft process.

💰 Cost estimation:

  • Model: GPT-5.5
  • Provider: OpenAI
  • Public pricing estimate: $14.969263

📊 Context and tokens usage:

  • 210.9K / 1.1M (20%) input tokens, 34.5K / 128K (27%) output tokens

Total: (210.9K + 11.3M cached) input tokens, 34.5K output tokens, $14.969263 cost

🤖 Models used:

  • Tool: OpenAI Codex
  • Requested: gpt-5.5
  • Model: GPT-5.5 (gpt-5.5)

📎 Log file uploaded as Repository (33931KB)


The working session has now ended; feel free to review and add any feedback on the solution draft.

@konard
Member Author

konard commented May 9, 2026

✅ Ready to merge

This pull request is now ready to be merged:

  • All CI checks have passed
  • No merge conflicts
  • No pending changes

Monitored by hive-mind with --auto-restart-until-mergeable flag

@konard konard merged commit 9269c28 into main May 9, 2026
4 checks passed


Development

Successfully merging this pull request may close these issues.

We need address issue from https://github.com/link-foundation/link-cli/security/dependabot/1

1 participant