From 7698ee23bc32030a00779f491685d6d7fc3aa96b Mon Sep 17 00:00:00 2001
From: Claude
Date: Thu, 16 Apr 2026 13:04:27 +0000
Subject: [PATCH 1/2] chore(deps): switch seccompiler to upstream rust-vmm/seccompiler Replace the personal fork (branchseer/seccompiler, branch seccomp-action-raw) with the upstream repo which now natively supports SECCOMP_RET_USER_NOTIF via SeccompAction::UserNotif. https://claude.ai/code/session_01GhffM3Grv8vjp7oDZDtv7C
---
 Cargo.lock | 2 +-
 Cargo.toml | 2 +-
 crates/fspy_seccomp_unotify/src/supervisor/mod.rs | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/Cargo.lock b/Cargo.lock
index 1c948d5c..fc3de25e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -3005,7 +3005,7 @@ checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
 [[package]]
 name = "seccompiler"
 version = "0.5.0"
-source = "git+https://github.com/branchseer/seccompiler?branch=seccomp-action-raw#dbccf624efc19685e8b85beb7b0a9fdda0678da2"
+source = "git+https://github.com/rust-vmm/seccompiler?rev=08587106340b8e3cb361c7561411510039436857#08587106340b8e3cb361c7561411510039436857"
 dependencies = [
 "libc",
 ]
diff --git a/Cargo.toml b/Cargo.toml
index ea50514b..eec1701a 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -109,7 +109,7 @@ ref-cast = "1.0.24"
 regex = "1.11.3"
 rusqlite = "0.37.0"
 rustc-hash = "2.1.1"
-seccompiler = { git = "https://github.com/branchseer/seccompiler", branch = "seccomp-action-raw" }
+seccompiler = { git = "https://github.com/rust-vmm/seccompiler", rev = "08587106340b8e3cb361c7561411510039436857" }
 serde = "1.0.219"
 serde_json = "1.0.140"
 serde_yml = "0.0.12"
diff --git a/crates/fspy_seccomp_unotify/src/supervisor/mod.rs b/crates/fspy_seccomp_unotify/src/supervisor/mod.rs
index f6e9c7e7..b1aa0eb6 100644
--- a/crates/fspy_seccomp_unotify/src/supervisor/mod.rs
+++ b/crates/fspy_seccomp_unotify/src/supervisor/mod.rs
@@ -71,7 +71,7 @@ pub fn supervise() -> io::Re
 let seccomp_filter = SeccompFilter::new(
 H::syscalls().iter().map(|sysno| (sysno.id().into(), vec![])).collect(),
 SeccompAction::Allow,
- SeccompAction::Raw(libc::SECCOMP_RET_USER_NOTIF),
+ SeccompAction::UserNotif,
 std::env::consts::ARCH.try_into().unwrap(),
 )
 .unwrap();
From e72eaf55193ab397244806f51e6373fe671b1ea6 Mon Sep 17 00:00:00 2001
From: Claude
Date: Thu, 16 Apr 2026 13:06:12 +0000
Subject: [PATCH 2/2] chore: add comment explaining why seccompiler uses git dependency SeccompAction::UserNotif was added after the latest published release (v0.5.0), so we need to pin to a specific upstream commit. https://claude.ai/code/session_01GhffM3Grv8vjp7oDZDtv7C
---
 Cargo.toml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Cargo.toml b/Cargo.toml
index eec1701a..e235e198 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -109,6 +109,7 @@ ref-cast = "1.0.24"
 regex = "1.11.3"
 rusqlite = "0.37.0"
 rustc-hash = "2.1.1"
+# SeccompAction::UserNotif (SECCOMP_RET_USER_NOTIF) was added after the latest published release (v0.5.0)
 seccompiler = { git = "https://github.com/rust-vmm/seccompiler", rev = "08587106340b8e3cb361c7561411510039436857" }
 serde = "1.0.219"
 serde_json = "1.0.140"
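Review bot: The two `.unwrap()` calls around the changed line in the `supervisor/mod.rs` hunk (`std::env::consts::ARCH.try_into().unwrap()` and the one on `SeccompFilter::new(...)`) panic inside a function that, as far as the truncated hunk header shows, returns an `io::Result`. An unrecognised target architecture or a rejected filter would then take the supervisor down instead of reaching the caller as an error; propagating with something like `.map_err(io::Error::other)?` would keep it on the error path, assuming the error types implement `std::error::Error`. The two positional actions are also easy to transpose, so a comment such as `// mismatch action = Allow, match action = UserNotif: only the listed syscalls are routed to the supervisor` above the call would help. `supervise` begins and ends outside this hunk.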
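Review bot: The comment added above the `seccompiler` entry in the second patch's `Cargo.toml` hunk explains why a git dependency is needed but not when it can be dropped, so the pin may outlive its reason. Extending it with a line such as `# TODO: return to a crates.io release once one ships SeccompAction::UserNotif` gives the next maintainer an exit condition. Pinning by full commit hash rather than by branch is the right choice here, because the resolved code cannot change without a visible edit to this line and to `Cargo.lock`.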