Update dependencies (#1181)
This commit is contained in:
parent
69a772d1ca
commit
aa8e5f5c04
10 changed files with 1091 additions and 666 deletions
1615
Cargo.lock
generated
1615
Cargo.lock
generated
File diff suppressed because it is too large
Load diff
|
@ -32,12 +32,15 @@ interim = { version = "0.1.0", features = ["chrono"] }
|
||||||
itertools = "0.10.5"
|
itertools = "0.10.5"
|
||||||
rand = { version = "0.8.5", features = ["std"] }
|
rand = { version = "0.8.5", features = ["std"] }
|
||||||
semver = "1.0.14"
|
semver = "1.0.14"
|
||||||
serde = { version = "1.0.145", features = ["derive"] }
|
# https://github.com/serde-rs/serde/issues/2538
|
||||||
|
# I don't trust dtolnay with our user's builds. especially as we
|
||||||
|
# have things like encryption keys
|
||||||
|
serde = { version = "1.0.145, <=1.0.171", features = ["derive"] }
|
||||||
serde_json = "1.0.99"
|
serde_json = "1.0.99"
|
||||||
tokio = { version = "1", features = ["full"] }
|
tokio = { version = "1", features = ["full"] }
|
||||||
uuid = { version = "1.3", features = ["v4", "serde"] }
|
uuid = { version = "1.3", features = ["v4", "serde"] }
|
||||||
whoami = "1.1.2"
|
whoami = "1.1.2"
|
||||||
typed-builder = "0.14.0"
|
typed-builder = "0.15.0"
|
||||||
pretty_assertions = "1.3.0"
|
pretty_assertions = "1.3.0"
|
||||||
|
|
||||||
[workspace.dependencies.reqwest]
|
[workspace.dependencies.reqwest]
|
||||||
|
@ -46,5 +49,5 @@ features = ["json", "rustls-tls-native-roots"]
|
||||||
default-features = false
|
default-features = false
|
||||||
|
|
||||||
[workspace.dependencies.sqlx]
|
[workspace.dependencies.sqlx]
|
||||||
version = "0.6"
|
version = "0.7.1"
|
||||||
features = ["runtime-tokio-rustls", "chrono", "postgres", "uuid"]
|
features = ["runtime-tokio-rustls", "chrono", "postgres", "uuid"]
|
||||||
|
|
|
@ -44,11 +44,11 @@ sql-builder = "3"
|
||||||
lazy_static = "1"
|
lazy_static = "1"
|
||||||
memchr = "2.5"
|
memchr = "2.5"
|
||||||
rmp = { version = "0.8.11" }
|
rmp = { version = "0.8.11" }
|
||||||
typed-builder = "0.14.0"
|
typed-builder = { workspace = true }
|
||||||
tokio = { workspace = true }
|
tokio = { workspace = true }
|
||||||
semver = { workspace = true }
|
semver = { workspace = true }
|
||||||
futures = "0.3"
|
futures = "0.3"
|
||||||
xsalsa20poly1305 = "0.9.0"
|
crypto_secretbox = "0.1.1"
|
||||||
generic-array = { version = "0.14", features = ["serde"] }
|
generic-array = { version = "0.14", features = ["serde"] }
|
||||||
|
|
||||||
# encryption
|
# encryption
|
||||||
|
|
|
@ -166,7 +166,7 @@ impl Sqlite {
|
||||||
.bind(h.session.as_str())
|
.bind(h.session.as_str())
|
||||||
.bind(h.hostname.as_str())
|
.bind(h.hostname.as_str())
|
||||||
.bind(h.deleted_at.map(|t|t.timestamp_nanos()))
|
.bind(h.deleted_at.map(|t|t.timestamp_nanos()))
|
||||||
.execute(tx)
|
.execute(&mut **tx)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
|
@ -12,15 +12,15 @@ use std::{io::prelude::*, path::PathBuf};
|
||||||
|
|
||||||
use base64::prelude::{Engine, BASE64_STANDARD};
|
use base64::prelude::{Engine, BASE64_STANDARD};
|
||||||
use chrono::{DateTime, Utc};
|
use chrono::{DateTime, Utc};
|
||||||
|
pub use crypto_secretbox::Key;
|
||||||
|
use crypto_secretbox::{
|
||||||
|
aead::{Nonce, OsRng},
|
||||||
|
AeadCore, AeadInPlace, KeyInit, XSalsa20Poly1305,
|
||||||
|
};
|
||||||
use eyre::{bail, ensure, eyre, Context, Result};
|
use eyre::{bail, ensure, eyre, Context, Result};
|
||||||
use fs_err as fs;
|
use fs_err as fs;
|
||||||
use rmp::{decode::Bytes, Marker};
|
use rmp::{decode::Bytes, Marker};
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
pub use xsalsa20poly1305::Key;
|
|
||||||
use xsalsa20poly1305::{
|
|
||||||
aead::{Nonce, OsRng},
|
|
||||||
AeadInPlace, KeyInit, XSalsa20Poly1305,
|
|
||||||
};
|
|
||||||
|
|
||||||
use crate::{history::History, settings::Settings};
|
use crate::{history::History, settings::Settings};
|
||||||
|
|
||||||
|
@ -240,7 +240,7 @@ fn error_report<E: std::fmt::Debug>(err: E) -> eyre::Report {
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod test {
|
mod test {
|
||||||
use xsalsa20poly1305::{aead::OsRng, KeyInit, XSalsa20Poly1305};
|
use crypto_secretbox::{aead::OsRng, KeyInit, XSalsa20Poly1305};
|
||||||
|
|
||||||
use crate::history::History;
|
use crate::history::History;
|
||||||
|
|
||||||
|
|
|
@ -218,8 +218,8 @@ impl KvStore {
|
||||||
|
|
||||||
#[cfg(test)]
|
#[cfg(test)]
|
||||||
mod tests {
|
mod tests {
|
||||||
|
use crypto_secretbox::{KeyInit, XSalsa20Poly1305};
|
||||||
use rand::rngs::OsRng;
|
use rand::rngs::OsRng;
|
||||||
use xsalsa20poly1305::{KeyInit, XSalsa20Poly1305};
|
|
||||||
|
|
||||||
use crate::record::sqlite_store::SqliteStore;
|
use crate::record::sqlite_store::SqliteStore;
|
||||||
|
|
||||||
|
|
|
@ -72,7 +72,7 @@ impl SqliteStore {
|
||||||
.bind(r.version.as_str())
|
.bind(r.version.as_str())
|
||||||
.bind(r.data.data.as_str())
|
.bind(r.data.data.as_str())
|
||||||
.bind(r.data.content_encryption_key.as_str())
|
.bind(r.data.content_encryption_key.as_str())
|
||||||
.execute(tx)
|
.execute(&mut **tx)
|
||||||
.await?;
|
.await?;
|
||||||
|
|
||||||
Ok(())
|
Ok(())
|
||||||
|
|
|
@ -6,7 +6,7 @@ use chrono::prelude::*;
|
||||||
use eyre::Result;
|
use eyre::Result;
|
||||||
|
|
||||||
use atuin_common::api::AddHistoryRequest;
|
use atuin_common::api::AddHistoryRequest;
|
||||||
use xsalsa20poly1305::Key;
|
use crypto_secretbox::Key;
|
||||||
|
|
||||||
use crate::{
|
use crate::{
|
||||||
api_client,
|
api_client,
|
||||||
|
|
|
@ -247,7 +247,7 @@ impl Database for Postgres {
|
||||||
.bind(hostname)
|
.bind(hostname)
|
||||||
.bind(i.timestamp)
|
.bind(i.timestamp)
|
||||||
.bind(data)
|
.bind(data)
|
||||||
.execute(&mut tx)
|
.execute(&mut *tx)
|
||||||
.await
|
.await
|
||||||
.map_err(fix_error)?;
|
.map_err(fix_error)?;
|
||||||
}
|
}
|
||||||
|
@ -375,7 +375,7 @@ impl Database for Postgres {
|
||||||
.bind(&i.data.data)
|
.bind(&i.data.data)
|
||||||
.bind(&i.data.content_encryption_key)
|
.bind(&i.data.content_encryption_key)
|
||||||
.bind(user.id)
|
.bind(user.id)
|
||||||
.execute(&mut tx)
|
.execute(&mut *tx)
|
||||||
.await
|
.await
|
||||||
.map_err(fix_error)?;
|
.map_err(fix_error)?;
|
||||||
}
|
}
|
||||||
|
|
105
deny.toml
Normal file
105
deny.toml
Normal file
|
@ -0,0 +1,105 @@
|
||||||
|
# This template contains all of the possible sections and their default values
|
||||||
|
|
||||||
|
# Note that all fields that take a lint level have these possible values:
|
||||||
|
# * deny - An error will be produced and the check will fail
|
||||||
|
# * warn - A warning will be produced, but the check will not fail
|
||||||
|
# * allow - No warning or error will be produced, though in some cases a note
|
||||||
|
# will be
|
||||||
|
|
||||||
|
# The values provided in this template are the default values that will be used
|
||||||
|
# when any section or field is not specified in your own configuration
|
||||||
|
|
||||||
|
# Root options
|
||||||
|
|
||||||
|
targets = []
|
||||||
|
all-features = true
|
||||||
|
no-default-features = false
|
||||||
|
|
||||||
|
# This section is considered when running `cargo deny check advisories`
|
||||||
|
# More documentation for the advisories section can be found here:
|
||||||
|
# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html
|
||||||
|
[advisories]
|
||||||
|
db-path = "~/.cargo/advisory-db"
|
||||||
|
db-urls = ["https://github.com/rustsec/advisory-db"]
|
||||||
|
vulnerability = "deny"
|
||||||
|
unmaintained = "warn"
|
||||||
|
yanked = "warn"
|
||||||
|
notice = "warn"
|
||||||
|
ignore = [
|
||||||
|
# time 0.1 - code path not taken
|
||||||
|
"RUSTSEC-2020-0071",
|
||||||
|
# potential to misuse ed25519-dalek 1.0
|
||||||
|
# used by rusty-paseto. not in a vulnerable way
|
||||||
|
# and we don't even use paseto public key crypto so we don't use this
|
||||||
|
"RUSTSEC-2022-0093",
|
||||||
|
# DoS with untrusted input. Only runs on the client so not a concern
|
||||||
|
"RUSTSEC-2021-0041",
|
||||||
|
]
|
||||||
|
|
||||||
|
# This section is considered when running `cargo deny check licenses`
|
||||||
|
# More documentation for the licenses section can be found here:
|
||||||
|
# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html
|
||||||
|
[licenses]
|
||||||
|
unlicensed = "deny"
|
||||||
|
allow = [
|
||||||
|
"Apache-2.0",
|
||||||
|
"BSD-3-Clause",
|
||||||
|
"ISC",
|
||||||
|
"MIT",
|
||||||
|
"MPL-2.0",
|
||||||
|
"OpenSSL",
|
||||||
|
"Unicode-DFS-2016",
|
||||||
|
]
|
||||||
|
deny = []
|
||||||
|
copyleft = "warn"
|
||||||
|
allow-osi-fsf-free = "neither"
|
||||||
|
default = "deny"
|
||||||
|
confidence-threshold = 0.8
|
||||||
|
exceptions = []
|
||||||
|
|
||||||
|
# Some crates don't have (easily) machine readable licensing information,
|
||||||
|
# adding a clarification entry for it allows you to manually specify the
|
||||||
|
# licensing information
|
||||||
|
[[licenses.clarify]]
|
||||||
|
name = "ring"
|
||||||
|
version = "*"
|
||||||
|
expression = "MIT AND ISC AND OpenSSL"
|
||||||
|
license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }]
|
||||||
|
|
||||||
|
# This section is considered when running `cargo deny check bans`.
|
||||||
|
# More documentation about the 'bans' section can be found here:
|
||||||
|
# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html
|
||||||
|
[bans]
|
||||||
|
multiple-versions = "allow"
|
||||||
|
wildcards = "warn"
|
||||||
|
highlight = "all"
|
||||||
|
workspace-default-features = "allow"
|
||||||
|
external-default-features = "allow"
|
||||||
|
allow = []
|
||||||
|
deny = []
|
||||||
|
skip = []
|
||||||
|
skip-tree = []
|
||||||
|
|
||||||
|
# This section is considered when running `cargo deny check sources`.
|
||||||
|
# More documentation about the 'sources' section can be found here:
|
||||||
|
# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html
|
||||||
|
[sources]
|
||||||
|
# Lint level for what to happen when a crate from a crate registry that is not
|
||||||
|
# in the allow list is encountered
|
||||||
|
unknown-registry = "warn"
|
||||||
|
# Lint level for what to happen when a crate from a git repository that is not
|
||||||
|
# in the allow list is encountered
|
||||||
|
unknown-git = "warn"
|
||||||
|
# List of URLs for allowed crate registries. Defaults to the crates.io index
|
||||||
|
# if not specified. If it is specified but empty, no registries are allowed.
|
||||||
|
allow-registry = ["https://github.com/rust-lang/crates.io-index"]
|
||||||
|
# List of URLs for allowed Git repositories
|
||||||
|
allow-git = []
|
||||||
|
|
||||||
|
[sources.allow-org]
|
||||||
|
# 1 or more github.com organizations to allow git sources for
|
||||||
|
github = []
|
||||||
|
# 1 or more gitlab.com organizations to allow git sources for
|
||||||
|
gitlab = []
|
||||||
|
# 1 or more bitbucket.org organizations to allow git sources for
|
||||||
|
bitbucket = []
|
Loading…
Reference in a new issue