Update dependencies (#1181)
This commit is contained in:
parent
69a772d1ca
commit
aa8e5f5c04
10 changed files with 1091 additions and 666 deletions
1615
Cargo.lock
generated
1615
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -32,12 +32,15 @@ interim = { version = "0.1.0", features = ["chrono"] }
|
|||
itertools = "0.10.5"
|
||||
rand = { version = "0.8.5", features = ["std"] }
|
||||
semver = "1.0.14"
|
||||
serde = { version = "1.0.145", features = ["derive"] }
|
||||
# https://github.com/serde-rs/serde/issues/2538
|
||||
# I don't trust dtolnay with our user's builds. especially as we
|
||||
# have things like encryption keys
|
||||
serde = { version = "1.0.145, <=1.0.171", features = ["derive"] }
|
||||
serde_json = "1.0.99"
|
||||
tokio = { version = "1", features = ["full"] }
|
||||
uuid = { version = "1.3", features = ["v4", "serde"] }
|
||||
whoami = "1.1.2"
|
||||
typed-builder = "0.14.0"
|
||||
typed-builder = "0.15.0"
|
||||
pretty_assertions = "1.3.0"
|
||||
|
||||
[workspace.dependencies.reqwest]
|
||||
|
@ -46,5 +49,5 @@ features = ["json", "rustls-tls-native-roots"]
|
|||
default-features = false
|
||||
|
||||
[workspace.dependencies.sqlx]
|
||||
version = "0.6"
|
||||
version = "0.7.1"
|
||||
features = ["runtime-tokio-rustls", "chrono", "postgres", "uuid"]
|
||||
|
|
|
@ -44,11 +44,11 @@ sql-builder = "3"
|
|||
lazy_static = "1"
|
||||
memchr = "2.5"
|
||||
rmp = { version = "0.8.11" }
|
||||
typed-builder = "0.14.0"
|
||||
typed-builder = { workspace = true }
|
||||
tokio = { workspace = true }
|
||||
semver = { workspace = true }
|
||||
futures = "0.3"
|
||||
xsalsa20poly1305 = "0.9.0"
|
||||
crypto_secretbox = "0.1.1"
|
||||
generic-array = { version = "0.14", features = ["serde"] }
|
||||
|
||||
# encryption
|
||||
|
|
|
@ -166,7 +166,7 @@ impl Sqlite {
|
|||
.bind(h.session.as_str())
|
||||
.bind(h.hostname.as_str())
|
||||
.bind(h.deleted_at.map(|t|t.timestamp_nanos()))
|
||||
.execute(tx)
|
||||
.execute(&mut **tx)
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
|
|
|
@ -12,15 +12,15 @@ use std::{io::prelude::*, path::PathBuf};
|
|||
|
||||
use base64::prelude::{Engine, BASE64_STANDARD};
|
||||
use chrono::{DateTime, Utc};
|
||||
pub use crypto_secretbox::Key;
|
||||
use crypto_secretbox::{
|
||||
aead::{Nonce, OsRng},
|
||||
AeadCore, AeadInPlace, KeyInit, XSalsa20Poly1305,
|
||||
};
|
||||
use eyre::{bail, ensure, eyre, Context, Result};
|
||||
use fs_err as fs;
|
||||
use rmp::{decode::Bytes, Marker};
|
||||
use serde::{Deserialize, Serialize};
|
||||
pub use xsalsa20poly1305::Key;
|
||||
use xsalsa20poly1305::{
|
||||
aead::{Nonce, OsRng},
|
||||
AeadInPlace, KeyInit, XSalsa20Poly1305,
|
||||
};
|
||||
|
||||
use crate::{history::History, settings::Settings};
|
||||
|
||||
|
@ -240,7 +240,7 @@ fn error_report<E: std::fmt::Debug>(err: E) -> eyre::Report {
|
|||
|
||||
#[cfg(test)]
|
||||
mod test {
|
||||
use xsalsa20poly1305::{aead::OsRng, KeyInit, XSalsa20Poly1305};
|
||||
use crypto_secretbox::{aead::OsRng, KeyInit, XSalsa20Poly1305};
|
||||
|
||||
use crate::history::History;
|
||||
|
||||
|
|
|
@ -218,8 +218,8 @@ impl KvStore {
|
|||
|
||||
#[cfg(test)]
|
||||
mod tests {
|
||||
use crypto_secretbox::{KeyInit, XSalsa20Poly1305};
|
||||
use rand::rngs::OsRng;
|
||||
use xsalsa20poly1305::{KeyInit, XSalsa20Poly1305};
|
||||
|
||||
use crate::record::sqlite_store::SqliteStore;
|
||||
|
||||
|
|
|
@ -72,7 +72,7 @@ impl SqliteStore {
|
|||
.bind(r.version.as_str())
|
||||
.bind(r.data.data.as_str())
|
||||
.bind(r.data.content_encryption_key.as_str())
|
||||
.execute(tx)
|
||||
.execute(&mut **tx)
|
||||
.await?;
|
||||
|
||||
Ok(())
|
||||
|
|
|
@ -6,7 +6,7 @@ use chrono::prelude::*;
|
|||
use eyre::Result;
|
||||
|
||||
use atuin_common::api::AddHistoryRequest;
|
||||
use xsalsa20poly1305::Key;
|
||||
use crypto_secretbox::Key;
|
||||
|
||||
use crate::{
|
||||
api_client,
|
||||
|
|
|
@ -247,7 +247,7 @@ impl Database for Postgres {
|
|||
.bind(hostname)
|
||||
.bind(i.timestamp)
|
||||
.bind(data)
|
||||
.execute(&mut tx)
|
||||
.execute(&mut *tx)
|
||||
.await
|
||||
.map_err(fix_error)?;
|
||||
}
|
||||
|
@ -375,7 +375,7 @@ impl Database for Postgres {
|
|||
.bind(&i.data.data)
|
||||
.bind(&i.data.content_encryption_key)
|
||||
.bind(user.id)
|
||||
.execute(&mut tx)
|
||||
.execute(&mut *tx)
|
||||
.await
|
||||
.map_err(fix_error)?;
|
||||
}
|
||||
|
|
105
deny.toml
Normal file
105
deny.toml
Normal file
|
@ -0,0 +1,105 @@
|
|||
# This template contains all of the possible sections and their default values
|
||||
|
||||
# Note that all fields that take a lint level have these possible values:
|
||||
# * deny - An error will be produced and the check will fail
|
||||
# * warn - A warning will be produced, but the check will not fail
|
||||
# * allow - No warning or error will be produced, though in some cases a note
|
||||
# will be
|
||||
|
||||
# The values provided in this template are the default values that will be used
|
||||
# when any section or field is not specified in your own configuration
|
||||
|
||||
# Root options
|
||||
|
||||
targets = []
|
||||
all-features = true
|
||||
no-default-features = false
|
||||
|
||||
# This section is considered when running `cargo deny check advisories`
|
||||
# More documentation for the advisories section can be found here:
|
||||
# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
|
||||
[advisories]
|
||||
db-path = "~/.cargo/advisory-db"
|
||||
db-urls = ["https://github.com/rustsec/advisory-db"]
|
||||
vulnerability = "deny"
|
||||
unmaintained = "warn"
|
||||
yanked = "warn"
|
||||
notice = "warn"
|
||||
ignore = [
|
||||
# time 0.1 - code path not taken
|
||||
"RUSTSEC-2020-0071",
|
||||
# potential to misuse ed25519-dalek 1.0
|
||||
# used by rusty-paseto. not in a vulnerable way
|
||||
# and we don't even use paseto public key crypto so we don't use this
|
||||
"RUSTSEC-2022-0093",
|
||||
# DoS with untrusted input. Only runs on the client so not a concern
|
||||
"RUSTSEC-2021-0041",
|
||||
]
|
||||
|
||||
# This section is considered when running `cargo deny check licenses`
|
||||
# More documentation for the licenses section can be found here:
|
||||
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
|
||||
[licenses]
|
||||
unlicensed = "deny"
|
||||
allow = [
|
||||
"Apache-2.0",
|
||||
"BSD-3-Clause",
|
||||
"ISC",
|
||||
"MIT",
|
||||
"MPL-2.0",
|
||||
"OpenSSL",
|
||||
"Unicode-DFS-2016",
|
||||
]
|
||||
deny = []
|
||||
copyleft = "warn"
|
||||
allow-osi-fsf-free = "neither"
|
||||
default = "deny"
|
||||
confidence-threshold = 0.8
|
||||
exceptions = []
|
||||
|
||||
# Some crates don't have (easily) machine readable licensing information,
|
||||
# adding a clarification entry for it allows you to manually specify the
|
||||
# licensing information
|
||||
[[licenses.clarify]]
|
||||
name = "ring"
|
||||
version = "*"
|
||||
expression = "MIT AND ISC AND OpenSSL"
|
||||
license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
|
||||
|
||||
# This section is considered when running `cargo deny check bans`.
|
||||
# More documentation about the 'bans' section can be found here:
|
||||
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
|
||||
[bans]
|
||||
multiple-versions = "allow"
|
||||
wildcards = "warn"
|
||||
highlight = "all"
|
||||
workspace-default-features = "allow"
|
||||
external-default-features = "allow"
|
||||
allow = []
|
||||
deny = []
|
||||
skip = []
|
||||
skip-tree = []
|
||||
|
||||
# This section is considered when running `cargo deny check sources`.
|
||||
# More documentation about the 'sources' section can be found here:
|
||||
# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
|
||||
[sources]
|
||||
# Lint level for what to happen when a crate from a crate registry that is not
|
||||
# in the allow list is encountered
|
||||
unknown-registry = "warn"
|
||||
# Lint level for what to happen when a crate from a git repository that is not
|
||||
# in the allow list is encountered
|
||||
unknown-git = "warn"
|
||||
# List of URLs for allowed crate registries. Defaults to the crates.io index
|
||||
# if not specified. If it is specified but empty, no registries are allowed.
|
||||
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
||||
# List of URLs for allowed Git repositories
|
||||
allow-git = []
|
||||
|
||||
[sources.allow-org]
|
||||
# 1 or more github.com organizations to allow git sources for
|
||||
github = []
|
||||
# 1 or more gitlab.com organizations to allow git sources for
|
||||
gitlab = []
|
||||
# 1 or more bitbucket.org organizations to allow git sources for
|
||||
bitbucket = []
|
Loading…
Reference in a new issue