diff --git a/Cargo.lock b/Cargo.lock index 2f76061..0d12639 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4,9 +4,9 @@ version = 3 [[package]] name = "addr2line" -version = "0.19.0" +version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a76fd60b23679b7d19bd066031410fb7e458ccc5e958eb5c325888ce4baedc97" +checksum = "f4fa78e18c64fce05e902adecd7a5eed15a5e0a3439f7b0e169f0252214865e3" dependencies = [ "gimli", ] @@ -29,9 +29,9 @@ dependencies = [ [[package]] name = "aes" -version = "0.8.2" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "433cfd6710c9986c576a25ca913c39d66a6474107b406f34f91d4a8923395241" +checksum = "ac1f845298e95f983ff1944b728ae08b8cebab80d684f0a832ed0fc74dfa27e2" dependencies = [ "cfg-if", "cipher", @@ -75,7 +75,6 @@ dependencies = [ "futures", "futures-test", "hex", - "hkdf", "hmac", "i18n-embed", "i18n-embed-fl", @@ -134,9 +133,9 @@ dependencies = [ [[package]] name = "ahash" -version = "0.8.0" +version = "0.8.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "57e6e951cfbb2db8de1828d49073a113a29fd7117b1596caa781a258c7e38d72" +checksum = "2c99f64d1e06488f620f932677e24bc6e2897582980441ae90a671415bd7ec2f" dependencies = [ "cfg-if", "getrandom 0.2.10", @@ -146,9 +145,9 @@ dependencies = [ [[package]] name = "aho-corasick" -version = "0.7.20" +version = "1.0.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cc936419f96fa211c1b9166887b38e5e40b19958e5b895be7c1f93adec7071ac" +checksum = "43f6cb1bf222025340178f382c426f13757b2960e89779dfcb319c32542a5a41" dependencies = [ "memchr", ] @@ -168,6 +167,18 @@ dependencies = [ "libc", ] +[[package]] +name = "anes" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4b46cbb362ab8752921c97e041f5e366ee6297bd428a31275b9fcf1e380f7299" + +[[package]] +name = "anstyle" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3a30da5c5f2d5e72842e00bcb57657162cdabef0931f40e2deb9b4140440cecd" + [[package]] name = "arc-swap" version = "1.6.0" @@ -176,9 +187,9 @@ checksum = "bddcadddf5e9015d310179a59bb28c4d4b9920ad0f11e8e14dbadf654890c9a6" [[package]] name = "arrayvec" -version = "0.7.2" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8da52d66c7071e2e3fa2a1e5c6d088fec47b593032b254f5e980de8ea54454d6" +checksum = "96d30a06541fbafbc7f82ed10c06164cfbd2c401138f6addd8404629c4b16711" [[package]] name = "atty" @@ -199,39 +210,39 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "backtrace" -version = "0.3.67" +version = "0.3.68" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "233d376d6d185f2a3093e58f283f60f880315b6c60075b01f36b3b85154564ca" +checksum = "4319208da049c43661739c5fade2ba182f09d1dc2299b32298d3a31692b17e12" dependencies = [ "addr2line", "cc", "cfg-if", "libc", - "miniz_oxide 0.6.2", + "miniz_oxide", "object", "rustc-demangle", ] [[package]] name = "base64" -version = "0.13.1" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" [[package]] name = "base64ct" -version = "1.5.3" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b645a089122eccb6111b4f81cbc1a49f5900ac4666bb93ac027feaecf15607bf" +checksum = "8c3c1a368f70d6cf7302d78f8f7093da241fb8e8807c05cc9e51a125895a6d5b" [[package]] name = "bcrypt-pbkdf" -version = "0.9.0" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3806a8db60cf56efee531616a34a6aaa9a114d6da2add861b0fa4a188881b2c7" +checksum = "6aeac2e1fe888769f34f05ac343bbef98b14d1ffb292ab69d4608b3abc86f2a2" dependencies = [ "blowfish", - "pbkdf2", + "pbkdf2 0.12.2", "sha2", ] @@ -247,6 +258,12 @@ version = "1.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" +[[package]] +name = "bitflags" +version = "2.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "630be753d4e58660abd17930c71b647fe46c27ea6b63cc59e1e3851406972e42" + [[package]] name = "block" version = "0.1.6" @@ -281,23 +298,11 @@ dependencies = [ "cipher", ] -[[package]] -name = "bstr" -version = "0.2.17" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba3569f383e8f1598449f1a423e72e99569137b47740b1da11ef19af3d5c3223" -dependencies = [ - "lazy_static", - "memchr", - "regex-automata", - "serde", -] - [[package]] name = "bumpalo" -version = "3.12.0" +version = "3.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d261e256854913907f67ed06efbc3338dfe6179796deefc1ff763fc1aee5535" +checksum = "a3e2c3daef883ecc1b5d58c15adae93470a91d425f3532ba1695849656af3fc1" [[package]] name = "bytemuck" @@ -349,11 +354,12 @@ dependencies = [ [[package]] name = "cc" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +checksum = "6c6b2562119bf28c3439f7f02db99faf0aa1a8cdfe5772a2ee155d32227239f0" dependencies = [ "jobserver", + "libc", ] [[package]] @@ -401,6 +407,33 @@ dependencies = [ "winapi", ] +[[package]] +name = "ciborium" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "effd91f6c78e5a4ace8a5d3c0b6bfaec9e2baaef55f3efc00e45fb2e477ee926" +dependencies = [ + "ciborium-io", + "ciborium-ll", + "serde", +] + +[[package]] +name = "ciborium-io" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cdf919175532b369853f5d5e20b26b43112613fd6fe7aee757e35f7a44642656" + +[[package]] +name = "ciborium-ll" +version = "0.2.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "defaa24ecc093c77630e6c15e17c51f5e187bf35ee514f4e2d67baaa96dae22b" +dependencies = [ + "ciborium-io", + "half", +] + [[package]] name = "cipher" version = "0.4.4" @@ -414,47 +447,37 @@ dependencies = [ [[package]] name = "clap" -version = "2.34.0" +version = "4.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a0610544180c38b88101fecf2dd634b174a62eef6946f84dfc6a7127512b381c" +checksum = "5fd304a20bff958a57f04c4e96a2e7594cc4490a0e809cbd48bb6437edaa452d" dependencies = [ - "bitflags", - "textwrap 0.11.0", - "unicode-width", + "clap_builder", ] [[package]] -name = "clap" -version = "3.2.25" +name = "clap_builder" +version = "4.3.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4ea181bf566f71cb9a5d17a59e1871af638180a18fb0035c92ae62b705207123" +checksum = "01c6a3f08f1fe5662a35cfe393aec09c4df95f60ee93b7556505260f75eee9e1" dependencies = [ - "atty", - "bitflags", + "anstyle", "clap_lex", - "indexmap", - "strsim", - "termcolor", - "textwrap 0.16.0", ] [[package]] name = "clap_complete" -version = "3.2.5" +version = "4.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f7a2e0a962c45ce25afce14220bc24f9dade0a1787f185cecf96bfba7847cd8" +checksum = "5fc443334c81a804575546c5a8a79b4913b50e28d69232903604cada1de817ce" dependencies = [ - "clap 3.2.25", + "clap", ] [[package]] name = "clap_lex" -version = "0.2.4" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" -dependencies = [ - "os_str_bytes", -] +checksum = "2da6da31387c7e4ef160ffab6d5e7f00c42626fe39aea70a7b0f1773f7dd6c1b" [[package]] name = "console" @@ -470,9 +493,9 @@ dependencies = [ [[package]] name = "const-oid" -version = "0.9.2" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "520fbf3c07483f94e3e3ca9d0cfd913d7718ef2483d2cfd91c0d9e91474ab913" +checksum = "795bc6e66a8e340f075fcf6227e417a2dc976b92b91f3cdc778bb858778b6747" [[package]] name = "constant_time_eq" @@ -494,18 +517,18 @@ checksum = "e496a50fda8aacccc86d7529e2c1e0892dbd0f898a6b5645b5561b89c3210efa" [[package]] name = "cpp_demangle" -version = "0.3.5" +version = "0.4.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eeaa953eaad386a53111e47172c2fedba671e5684c8dd601a5f474f4f118710f" +checksum = "ee34052ee3d93d6d8f3e6f81d85c47921f6653a19a7b70e939e3e602d893a674" dependencies = [ "cfg-if", ] [[package]] name = "cpufeatures" -version = "0.2.7" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +checksum = "a17b76ff3a4162b0b27f354a0c87015ddad39d35f9c0c36607a3bdd175dde1f1" dependencies = [ "libc", ] @@ -521,24 +544,24 @@ dependencies = [ [[package]] name = "criterion" -version = "0.3.6" +version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b01d6de93b2b6c65e17c634a26653a29d107b3c98c607c765bf38d041531cd8f" +checksum = "f2b12d017a929603d80db1831cd3a24082f8137ce19c69e6447f54f5fc8d692f" dependencies = [ - "atty", + "anes", "cast", - "clap 2.34.0", + "ciborium", + "clap", "criterion-plot", - "csv", + "is-terminal", "itertools", - "lazy_static", "num-traits", + "once_cell", "oorandom", "plotters", "rayon", "regex", "serde", - "serde_cbor", "serde_derive", "serde_json", "tinytemplate", @@ -547,18 +570,18 @@ dependencies = [ [[package]] name = "criterion-cycles-per-byte" -version = "0.1.3" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07175eab62c9054f8828955f9a84ddd3f732f796ee99fb4898453d60be4bcbdc" +checksum = "13929cb9262ca80bcd63a664f74e9ca958bef631c3e50a3117c4069119fd9628" dependencies = [ "criterion", ] [[package]] name = "criterion-plot" -version = "0.4.5" +version = "0.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2673cc8207403546f45f5fd319a974b1e6983ad1a3ee7e6041650013be041876" +checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1" dependencies = [ "cast", "itertools", @@ -587,9 +610,9 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.14" +version = "0.9.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "46bd5f3f85273295a9d14aedfb86f6aadbff6d8f5295c4a9edb08e819dcf5695" +checksum = "ae211234986c545741a7dc064309f67ee1e5ad243d0e48335adc0484d960bcc7" dependencies = [ "autocfg", "cfg-if", @@ -600,9 +623,9 @@ dependencies = [ [[package]] name = "crossbeam-utils" -version = "0.8.15" +version = "0.8.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3c063cd8cc95f5c377ed0d4b49a4b21f632396ff690e8470c29b3359b346984b" +checksum = "5a22b2d63d4d1dc0b7f1b6b2747dd0088008a9be28b6ddf0b1e7d335e3037294" dependencies = [ "cfg-if", ] @@ -618,28 +641,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "csv" -version = "1.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22813a6dc45b335f9bade10bf7271dc477e81113e89eb251a0bc2a8a81c536e1" -dependencies = [ - "bstr", - "csv-core", - "itoa 0.4.8", - "ryu", - "serde", -] - -[[package]] -name = "csv-core" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b2466559f260f48ad25fe6317b3c8dac77b5bdb5763ac7d9d6103530663bc90" -dependencies = [ - "memchr", -] - [[package]] name = "ctr" version = "0.9.2" @@ -651,11 +652,11 @@ dependencies = [ [[package]] name = "ctrlc" -version = "3.3.1" +version = "3.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7394a21d012ce5c850497fb774b167d81b99f060025fbf06ee92b9848bd97eb2" +checksum = "2a011bbe2c35ce9c1f143b7af6f94f29a167beb4cd1d29e6740ce836f723120e" dependencies = [ - "nix 0.26.2", + "nix", "windows-sys 0.48.0", ] @@ -674,12 +675,12 @@ dependencies = [ [[package]] name = "dashmap" -version = "5.4.0" +version = "5.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "907076dfda823b0b36d2a1bb5f90c96660a5bbcd7729e10727f07858f22c4edc" +checksum = "6943ae99c34386c84a470c499d3414f66502a41340aa895406e0d2e4a207b91d" dependencies = [ "cfg-if", - "hashbrown", + "hashbrown 0.14.0", "lock_api", "once_cell", "parking_lot_core", @@ -696,9 +697,9 @@ dependencies = [ [[package]] name = "der" -version = "0.6.1" +version = "0.7.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de" +checksum = "0c7ed52955ce76b1554f509074bb357d3fb8ac9b51288a65a3fd480d1dfba946" dependencies = [ "const-oid", "zeroize", @@ -733,14 +734,14 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] name = "either" -version = "1.8.1" +version = "1.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7fcaabb2fef8c910e7f4c7ce9f67a1283a1715879a7c230ca9d6d1ae31f16d91" +checksum = "a26ae43d7bcc3b814de94796a5e736d4029efb0ee900c12e2d54c993ad1a1e07" [[package]] name = "encode_unicode" @@ -760,22 +761,28 @@ dependencies = [ [[package]] name = "env_logger" -version = "0.9.3" +version = "0.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a12e6657c4c97ebab115a42dcee77225f7f482cdd841cf7088c657a42e9e00e7" +checksum = "85cdab6a89accf66733ad5a1693a4dcced6aeff64602b634530dd73c1f3ee9f0" dependencies = [ - "atty", "humantime", + "is-terminal", "log", "regex", "termcolor", ] [[package]] -name = "errno" -version = "0.3.1" +name = "equivalent" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4bcfec3a70f97c962c307b2d2c56e358cf1d00b558d74262b5f929ee8cc7e73a" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + +[[package]] +name = "errno" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "6b30f669a7961ef1631673d2766cc92f52d64f7ef354d4fe0ddfd30ed52f0f4f" dependencies = [ "errno-dragonfly", "libc", @@ -794,22 +801,19 @@ dependencies = [ [[package]] name = "fastrand" -version = "1.9.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e51093e27b0797c359783294ca4f0a911c270184cb10f85783b118614a1501be" -dependencies = [ - "instant", -] +checksum = "6999dc1837253364c2ebb0704ba97994bd874e8f195d665c50b7548f6ea92764" [[package]] name = "filetime" -version = "0.2.21" +version = "0.2.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5cbc844cecaee9d4443931972e1289c8ff485cb4cc2767cb03ca139ed6885153" +checksum = "d4029edd3e734da6fe05b6cd7bd2960760a616bd2ddd0d59a0124746d6272af0" dependencies = [ "cfg-if", "libc", - "redox_syscall 0.2.16", + "redox_syscall", "windows-sys 0.48.0", ] @@ -819,7 +823,7 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -841,7 +845,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3b9429470923de8e8cbd4d2dc513535400b4b3fef0319fb5c4e1f520a7bef743" dependencies = [ "crc32fast", - "miniz_oxide 0.7.1", + "miniz_oxide", ] [[package]] @@ -972,7 +976,7 @@ checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -1066,9 +1070,9 @@ dependencies = [ [[package]] name = "gimli" -version = "0.27.2" +version = "0.27.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ad0a93d233ebf96623465aad4046a8d3aa4da22d4f4beba5388838c8a434bbb4" +checksum = "b6c80984affa11d98d1b88b66ac8853f143217b399d3c74116778ff8fdb4ed2e" [[package]] name = "gumdrop" @@ -1102,6 +1106,12 @@ version = "0.12.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +[[package]] +name = "hashbrown" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" + [[package]] name = "hermit-abi" version = "0.1.19" @@ -1113,18 +1123,9 @@ dependencies = [ [[package]] name = "hermit-abi" -version = "0.2.6" +version = "0.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ee512640fe35acbfb4bb779db6f0d80704c2cacfa2e39b601ef3e3f47d1ae4c7" -dependencies = [ - "libc", -] - -[[package]] -name = "hermit-abi" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fed44880c466736ef9a5c5b5facefb5ed0785676d0c02d612db14e54f0d84286" +checksum = "443144c8cdadd93ebf52ddb4056d257f5b52c04d3c804e657d19eb73fc33668b" [[package]] name = "hex" @@ -1158,23 +1159,23 @@ checksum = "9a3a5bfb195931eeb336b2a7b4d761daec841b97f947d34394601737a7bba5e4" [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.6", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -1209,15 +1210,15 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.18", + "syn 2.0.28", "unic-langid", ] [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -1256,19 +1257,29 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg", - "hashbrown", + "hashbrown 0.12.3", +] + +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown 0.14.0", ] [[package]] name = "inferno" -version = "0.11.14" +version = "0.11.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6e66fa9bb3c52f40d05c11b78919ff2f18993c2305bd8a62556d20cb3e9606f" +checksum = "2fb7c1b80a1dfa604bb4a649a5c5aeef3d913f7c520cb42b40e534e8a61bcdfc" dependencies = [ "ahash", - "atty", - "indexmap", - "itoa 1.0.6", + "indexmap 1.9.3", + "is-terminal", + "itoa", "log", "num-format", "once_cell", @@ -1287,15 +1298,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "instant" -version = "0.1.12" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a5bbe824c507c5da5956355e86a746d82e0e1464f65d862cc5e71da70e94b2c" -dependencies = [ - "cfg-if", -] - [[package]] name = "intl-memoizer" version = "0.5.1" @@ -1315,23 +1317,23 @@ dependencies = [ "unic-langid", ] -[[package]] -name = "io-lifetimes" -version = "1.0.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eae7b9aee968036d54dce06cebaefd919e4472e753296daccd6d344e3e2df0c2" -dependencies = [ - "hermit-abi 0.3.1", - "libc", - "windows-sys 0.48.0", -] - [[package]] name = "io_tee" version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4b3f7cef34251886990511df1c61443aa928499d598a9473929ab5a90a527304" +[[package]] +name = "is-terminal" +version = "0.4.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "cb0889898416213fab133e1d33a0e5858a48177452750691bde3666d0fdbaf8b" +dependencies = [ + "hermit-abi 0.3.2", + "rustix", + "windows-sys 0.48.0", +] + [[package]] name = "itertools" version = "0.10.5" @@ -1343,15 +1345,9 @@ dependencies = [ [[package]] name = "itoa" -version = "0.4.8" +version = "1.0.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b71991ff56294aa922b450139ee08b3bfc70982c6b2c7562771375cf73542dd4" - -[[package]] -name = "itoa" -version = "1.0.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "453ad9f582a441959e5f0d088b02ce04cfe8d51a8eaf077f12ac6d3e94164ca6" +checksum = "af150ab688ff2122fcef229be89cb50dd66af9e01a4ff320cc137eecc9bacc38" [[package]] name = "jobserver" @@ -1364,9 +1360,9 @@ dependencies = [ [[package]] name = "js-sys" -version = "0.3.63" +version = "0.3.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2f37a4a5928311ac501dee68b3c7613a1037d0edb30c8e5427bd832d55d1b790" +checksum = "c5f195fe497f702db0f318b07fdd68edb16955aed830df8363d837542f8f935a" dependencies = [ "wasm-bindgen", ] @@ -1382,9 +1378,9 @@ dependencies = [ [[package]] name = "libc" -version = "0.2.146" +version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f92be4933c13fd498862a9e02a3055f8a8d9c039ce33db97306fd5a6caa7f29b" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" [[package]] name = "libm" @@ -1394,9 +1390,9 @@ checksum = "f7012b1bbb0719e1097c47611d3898568c546d597c2e74d66f6087edd5233ff4" [[package]] name = "linux-raw-sys" -version = "0.3.8" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ef53942eb7bf7ff43a617b3e2c1c4a5ecf5944a7c1bc12d7ee39bbb15e5c1519" +checksum = "57bcfdad1b858c2db7c38303a6d2ad4dfaf5eb53dfeb0910128b2c26d6158503" [[package]] name = "locale_config" @@ -1423,12 +1419,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "malloc_buf" @@ -1465,9 +1458,9 @@ dependencies = [ [[package]] name = "memoffset" -version = "0.8.0" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d61c719bcfbcf5d62b3a09efa6088de8c54bc0bfcd3ea7ae39fcc186108b8de1" +checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c" dependencies = [ "autocfg", ] @@ -1478,15 +1471,6 @@ version = "0.2.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" -[[package]] -name = "miniz_oxide" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b275950c28b37e794e8c55d88aeb5e139d0ce23fdbbeda68f8d7174abdf9e8fa" -dependencies = [ - "adler", -] - [[package]] name = "miniz_oxide" version = "0.7.1" @@ -1496,24 +1480,13 @@ dependencies = [ "adler", ] -[[package]] -name = "nix" -version = "0.24.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa52e972a9a719cecb6864fb88568781eb706bac2cd1d4f04a648542dbf78069" -dependencies = [ - "bitflags", - "cfg-if", - "libc", -] - [[package]] name = "nix" version = "0.26.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bfdda3d196821d6af13126e40375cdf7da646a96114af134d5f417a9a1dc8e1a" dependencies = [ - "bitflags", + "bitflags 1.3.2", "cfg-if", "libc", "static_assertions", @@ -1531,9 +1504,9 @@ dependencies = [ [[package]] name = "num-bigint-dig" -version = "0.8.2" +version = "0.8.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2399c9463abc5f909349d8aa9ba080e0b88b3ce2885389b60b993f39b1a56905" +checksum = "dc84195820f291c7697304f3cbdadd1cb7199c0efc917ff5eafd71225c136151" dependencies = [ "byteorder", "lazy_static", @@ -1553,7 +1526,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a652d9771a63711fd3c3deb670acfbe5c30a4072e664d7a3bf5a9e1056ac72c3" dependencies = [ "arrayvec", - "itoa 1.0.6", + "itoa", ] [[package]] @@ -1579,9 +1552,9 @@ dependencies = [ [[package]] name = "num-traits" -version = "0.2.15" +version = "0.2.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "578ede34cf02f8924ab9447f50c28075b4d3e5b269972345e7e0372b38c6cdcd" +checksum = "f30b0abd723be7e2ffca1272140fac1a2f084c77ec3e123c192b66af1ee9e6c2" dependencies = [ "autocfg", "libm", @@ -1589,20 +1562,11 @@ dependencies = [ [[package]] name = "num_cpus" -version = "1.15.0" +version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0fac9e2da13b5eb447a6ce3d392f23a29d8694bff781bf03a16cd9ac8697593b" -dependencies = [ - "hermit-abi 0.2.6", - "libc", -] - -[[package]] -name = "num_threads" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2819ce041d2ee131036f4fc9d6ae7ae125a3a40e97ba64d04fe799ad9dabbb44" +checksum = "4161fcb6d602d4d2081af7c3a45852d875a03dd337a6bfdd6e06407b61342a43" dependencies = [ + "hermit-abi 0.3.2", "libc", ] @@ -1637,18 +1601,18 @@ dependencies = [ [[package]] name = "object" -version = "0.30.4" +version = "0.31.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03b4680b86d9cfafba8fc491dc9b6df26b68cf40e9e6cd73909194759a63c385" +checksum = "8bda667d9f2b5051b8833f59f3bf748b28ef54f850f4fcb389a252aa383866d1" dependencies = [ "memchr", ] [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "oorandom" @@ -1662,12 +1626,6 @@ version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" -[[package]] -name = "os_str_bytes" -version = "6.5.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d5d9eb14b174ee9aa2ef96dc2b94637a2d4b6e7cb873c7e171f0c20c6cf3eac" - [[package]] name = "page_size" version = "0.4.2" @@ -1696,9 +1654,9 @@ checksum = "93f00c865fe7cabf650081affecd3871070f26767e7b2070a3ffae14c654b447" dependencies = [ "cfg-if", "libc", - "redox_syscall 0.3.5", + "redox_syscall", "smallvec", - "windows-targets 0.48.0", + "windows-targets 0.48.1", ] [[package]] @@ -1724,6 +1682,16 @@ dependencies = [ "sha2", ] +[[package]] +name = "pbkdf2" +version = "0.12.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" +dependencies = [ + "digest 0.10.7", + "hmac", +] + [[package]] name = "percent-encoding" version = "2.3.0" @@ -1732,29 +1700,29 @@ checksum = "9b2a4787296e9989611394c33f193f676704af1686e70b8f8033ab5ba9a35a94" [[package]] name = "pin-project" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c95a7476719eab1e366eaf73d0260af3021184f18177925b07f54b30089ceead" +checksum = "030ad2bc4db10a8944cb0d837f158bdfec4d4a4873ab701a95046770d11f8842" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39407670928234ebc5e6e580247dd567ad73a3578460c5990f9503df207e8f07" +checksum = "ec2e072ecce94ec471b13398d5402c188e76ac03cf74dd1a975161b23a3f6d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] name = "pin-project-lite" -version = "0.2.9" +version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e0a7ae3ac2f1173085d398531c705756c94a4c56843785df85a60c1a0afac116" +checksum = "4c40d25201921e5ff0c862a505c6557ea88568a4e3ace775ab55e93f2f4f9d57" [[package]] name = "pin-utils" @@ -1778,21 +1746,20 @@ dependencies = [ [[package]] name = "pkcs1" -version = "0.4.1" +version = "0.7.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "eff33bdbdfc54cc98a2eca766ebdec3e1b8fb7387523d5c9c9a2891da856f719" +checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f" dependencies = [ "der", "pkcs8", "spki", - "zeroize", ] [[package]] name = "pkcs8" -version = "0.9.0" +version = "0.10.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9eca2c590a5f85da82668fa685c09ce2888b9430e83299debf1f34b65fd4a4ba" +checksum = "f950b2377845cebe5cf8b5165cb3cc1a5e0fa5cfa3e1f7f55707d8fd82e0a7b7" dependencies = [ "der", "spki", @@ -1806,9 +1773,9 @@ checksum = "26072860ba924cbfa98ea39c8c19b4dd6a4a25423dbdf219c1eca91aa0cf6964" [[package]] name = "plotters" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2538b639e642295546c50fcd545198c9d64ee2a38620a628724a3b266d5fbf97" +checksum = "d2c224ba00d7cadd4d5c660deaf2098e5e80e07846537c51f9cfa4be50c1fd45" dependencies = [ "num-traits", "plotters-backend", @@ -1819,15 +1786,15 @@ dependencies = [ [[package]] name = "plotters-backend" -version = "0.3.4" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "193228616381fecdc1224c62e96946dfbc73ff4384fba576e052ff8c1bea8142" +checksum = "9e76628b4d3a7581389a35d5b6e2139607ad7c75b17aed325f210aa91f4a9609" [[package]] name = "plotters-svg" -version = "0.3.3" +version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9a81d2759aae1dae668f783c308bc5c8ebd191ff4184aaa1b37f65a6ae5a56f" +checksum = "38f6d39893cca0701371e3c27294f09797214b86f1fb951b89ade8ec04e2abab" dependencies = [ "plotters-backend", ] @@ -1845,9 +1812,9 @@ dependencies = [ [[package]] name = "polyval" -version = "0.6.0" +version = "0.6.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7ef234e08c11dfcb2e56f79fd70f6f2eb7f025c0ce2333e82f4f0518ecad30c6" +checksum = "d52cff9d1d4dee5fe6d03729099f4a310a41179e0a10dbf542039873f2e826fb" dependencies = [ "cfg-if", "cpufeatures", @@ -1857,9 +1824,9 @@ dependencies = [ [[package]] name = "pprof" -version = "0.10.1" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d6472bfed9475542ac46c518734a8d06d71b0f6cb2c17f904aa301711a57786f" +checksum = "978385d59daf9269189d052ca8a84c1acfd0715c0599a5d5188d4acc078ca46a" dependencies = [ "backtrace", "cfg-if", @@ -1868,7 +1835,7 @@ dependencies = [ "inferno", "libc", "log", - "nix 0.24.3", + "nix", "once_cell", "parking_lot", "smallvec", @@ -1909,9 +1876,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.60" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" dependencies = [ "unicode-ident", ] @@ -1949,9 +1916,9 @@ dependencies = [ [[package]] name = "quote" -version = "1.0.28" +version = "1.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" dependencies = [ "proc-macro2", ] @@ -1962,11 +1929,11 @@ version = "0.9.2" dependencies = [ "age", "chrono", - "clap 3.2.25", + "clap", "clap_complete", "console", "ctrlc", - "env_logger 0.9.3", + "env_logger 0.10.0", "flate2", "fuse_mt", "fuser", @@ -1980,7 +1947,7 @@ dependencies = [ "pinentry", "rust-embed", "tar", - "time 0.3.15", + "time 0.3.23", "zip", ] @@ -2077,46 +2044,43 @@ dependencies = [ "num_cpus", ] -[[package]] -name = "redox_syscall" -version = "0.2.16" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a" -dependencies = [ - "bitflags", -] - [[package]] name = "redox_syscall" version = "0.3.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" dependencies = [ - "bitflags", + "bitflags 1.3.2", ] [[package]] name = "regex" -version = "1.7.3" +version = "1.9.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b1f693b24f6ac912f4893ef08244d70b6067480d2f1a46e950c9691e6749d1d" +checksum = "b2eae68fc220f7cf2532e4494aded17545fce192d59cd996e0fe7887f4ceb575" +dependencies = [ + "aho-corasick", + "memchr", + "regex-automata", + "regex-syntax", +] + +[[package]] +name = "regex-automata" +version = "0.3.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b7b6d6190b7594385f61bd3911cd1be99dfddcfc365a4160cc2ab5bff4aed294" dependencies = [ "aho-corasick", "memchr", "regex-syntax", ] -[[package]] -name = "regex-automata" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132" - [[package]] name = "regex-syntax" -version = "0.6.29" +version = "0.7.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" +checksum = "e5ea92a5b6195c6ef2a0295ea818b312502c6fc94dde986c5553242e18fd4ce2" [[package]] name = "rgb" @@ -2135,23 +2099,23 @@ checksum = "e33e4fb37ba46888052c763e4ec2acfedd8f00f62897b630cadb6298b833675e" [[package]] name = "rpassword" -version = "6.0.1" +version = "7.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2bf099a1888612545b683d2661a1940089f6c2e5a8e38979b2159da876bfd956" +checksum = "6678cf63ab3491898c0d021b493c94c9b221d91295294a2a5746eacbe5928322" dependencies = [ "libc", - "serde", - "serde_json", + "rtoolbox", "winapi", ] [[package]] name = "rsa" -version = "0.7.2" +version = "0.9.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "094052d5470cbcef561cb848a7209968c9f12dfa6d668f4bca048ac5de51099c" +checksum = "6ab43bb47d23c1a631b4b680199a45255dce26fa9ab2fa902581f624ff13e6a8" dependencies = [ "byteorder", + "const-oid", "digest 0.10.7", "num-bigint-dig", "num-integer", @@ -2161,16 +2125,26 @@ dependencies = [ "pkcs8", "rand_core 0.6.4", "signature", - "smallvec", + "spki", "subtle", "zeroize", ] [[package]] -name = "rust-embed" -version = "6.7.0" +name = "rtoolbox" +version = "0.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b73e721f488c353141288f223b599b4ae9303ecf3e62923f40a492f0634a4dc3" +checksum = "034e22c514f5c0cb8a10ff341b9b048b5ceb21591f31c8f44c43b960f9b3524a" +dependencies = [ + "libc", + "winapi", +] + +[[package]] +name = "rust-embed" +version = "6.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a36224c3276f8c4ebc8c20f158eca7ca4359c8db89991c4925132aaaf6702661" dependencies = [ "rust-embed-impl", "rust-embed-utils", @@ -2179,22 +2153,22 @@ dependencies = [ [[package]] name = "rust-embed-impl" -version = "6.6.0" +version = "6.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e22ce362f5561923889196595504317a4372b84210e6e335da529a65ea5452b5" +checksum = "49b94b81e5b2c284684141a2fb9e2a31be90638caf040bf9afbc5a0416afe1ac" dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.18", + "syn 2.0.28", "walkdir", ] [[package]] name = "rust-embed-utils" -version = "7.5.0" +version = "7.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "512b0ab6853f7e14e3c8754acb43d6f748bb9ced66aa5915a6553ac8213f7731" +checksum = "9d38ff6bf570dc3bb7100fce9f7b60c33fa71d80e88da3f2580df4ff2bdded74" dependencies = [ "sha2", "walkdir", @@ -2214,13 +2188,12 @@ checksum = "08d43f7aa6b08d49f382cde6a7982047c3426db949b1424bc4b7ec9ae12c6ce2" [[package]] name = "rustix" -version = "0.37.20" +version = "0.38.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b96e891d04aa506a6d1f318d2771bcb1c7dfda84e126660ace067c9b474bb2c0" +checksum = "1ee020b1716f0a80e2ace9b03441a749e402e86712f15f16fe8a8f75afac732f" dependencies = [ - "bitflags", + "bitflags 2.3.3", "errno", - "io-lifetimes", "libc", "linux-raw-sys", "windows-sys 0.48.0", @@ -2228,9 +2201,9 @@ dependencies = [ [[package]] name = "ryu" -version = "1.0.13" +version = "1.0.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f91339c0467de62360649f8d3e185ca8de4224ff281f66000de5eb2a77a79041" +checksum = "1ad4cc8da4ef723ed60bced201181d83791ad433213d8c24efffda1eec85d741" [[package]] name = "salsa20" @@ -2252,18 +2225,17 @@ dependencies = [ [[package]] name = "scopeguard" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "scrypt" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f9e24d2b632954ded8ab2ef9fea0a0c769ea56ea98bddbafbad22caeeadf45d" +checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" dependencies = [ - "hmac", - "pbkdf2", + "pbkdf2 0.12.2", "salsa20", "sha2", ] @@ -2285,45 +2257,44 @@ checksum = "1ef965a420fe14fdac7dd018862966a4c14094f900e1650bbc71ddd7d580c8af" [[package]] name = "serde" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8c8cf938e98f769bc164923b06dce91cea1751522f46f8466461af04c9027d" +checksum = "6d3e73c93c3240c0bda063c239298e633114c69a888c3e37ca8bb33f343e9890" dependencies = [ "serde_derive", ] -[[package]] -name = "serde_cbor" -version = "0.11.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2bef2ebfde456fb76bbcf9f59315333decc4fda0b2b44b420243c11e0f5ec1f5" -dependencies = [ - "half", - "serde", -] - [[package]] name = "serde_derive" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" +checksum = "be02f6cb0cd3a5ec20bbcfbcbd749f57daddb1a0882dc2e46a6c236c90b977ed" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] name = "serde_json" -version = "1.0.96" +version = "1.0.104" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "057d394a50403bcac12672b2b18fb387ab6d289d957dab67dd201875391e52f1" +checksum = "076066c5f1078eac5b722a31827a8832fe108bed65dfa75e233c89f8206e976c" dependencies = [ - "itoa 1.0.6", + "itoa", "ryu", "serde", ] +[[package]] +name = "serde_spanned" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96426c9936fd7a0124915f9185ea1d20aa9445cc9821142f0a73bc9207a2e186" +dependencies = [ + "serde", +] + [[package]] name = "sha1" version = "0.10.5" @@ -2337,9 +2308,9 @@ dependencies = [ [[package]] name = "sha2" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8" dependencies = [ "cfg-if", "cpufeatures", @@ -2348,9 +2319,9 @@ dependencies = [ [[package]] name = "signature" -version = "1.6.4" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "74233d3b3b2f6d4b006dc19dee745e73e2a6bfb6f93607cd3b02bd5b00797d7c" +checksum = "5e1788eed21689f9cf370582dfc467ef36ed9c707f073528ddafa8d83e3b8500" dependencies = [ "digest 0.10.7", "rand_core 0.6.4", @@ -2367,9 +2338,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" [[package]] name = "spin" @@ -2379,9 +2350,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spki" -version = "0.6.0" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67cf02bbac7a337dc36e4f5a693db6c21e7863f45070f7064577eb4367a3212b" +checksum = "9d1e996ef02c474957d681f1b05213dfb0abab947b446a62d37770b23500184a" dependencies = [ "base64ct", "der", @@ -2419,9 +2390,9 @@ checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc" [[package]] name = "symbolic-common" -version = "9.2.1" +version = "12.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "800963ba330b09a2ae4a4f7c6392b81fbc2784099a98c1eac68c3437aa9382b2" +checksum = "167a4ffd7c35c143fd1030aa3c2caf76ba42220bd5a6b5f4781896434723b8c3" dependencies = [ "debugid", "memmap2", @@ -2431,9 +2402,9 @@ dependencies = [ [[package]] name = "symbolic-demangle" -version = "9.2.1" +version = "12.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2b940a1fdbc72bb3369e38714efe6cd332dbbe46d093cf03d668b9ac390d1ad0" +checksum = "e378c50e80686c1c5c205674e1f86a2858bec3d2a7dfdd690331a8a19330f293" dependencies = [ "cpp_demangle", "rustc-demangle", @@ -2453,9 +2424,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.18" +version = "2.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e" +checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" dependencies = [ "proc-macro2", "quote", @@ -2464,9 +2435,9 @@ dependencies = [ [[package]] name = "tar" -version = "0.4.38" +version = "0.4.39" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b55807c0344e1e6c04d7c965f5289c39a8d94ae23ed5c0b57aabac549f871c6" +checksum = "ec96d2ffad078296368d46ff1cb309be1c23c513b4ab0e22a45de0185275ac96" dependencies = [ "filetime", "libc", @@ -2475,14 +2446,13 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.6.0" +version = "3.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31c0432476357e58790aaa47a8efb0c5138f137343f3b5f23bd36a27e3b0a6d6" +checksum = "5486094ee78b2e5038a6382ed7645bc084dc2ec433426ca4c3cb61e2007b8998" dependencies = [ - "autocfg", "cfg-if", "fastrand", - "redox_syscall 0.3.5", + "redox_syscall", "rustix", "windows-sys 0.48.0", ] @@ -2498,18 +2468,18 @@ dependencies = [ [[package]] name = "test-case" -version = "2.2.2" +version = "3.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "21d6cf5a7dffb3f9dceec8e6b8ca528d9bd71d36c9f074defb548ce161f598c0" +checksum = "2a1d6e7bde536b0412f20765b76e921028059adfd1b90d8974d33fd3c91b25df" dependencies = [ "test-case-macros", ] [[package]] -name = "test-case-macros" -version = "2.2.2" +name = "test-case-core" +version = "3.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e45b7bf6e19353ddd832745c8fcf77a17a93171df7151187f26623f2b75b5b26" +checksum = "d10394d5d1e27794f772b6fc854c7e91a2dc26e2cbf807ad523370c2a59c0cee" dependencies = [ "cfg-if", "proc-macro-error", @@ -2519,38 +2489,36 @@ dependencies = [ ] [[package]] -name = "textwrap" -version = "0.11.0" +name = "test-case-macros" +version = "3.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d326610f408c7a4eb6f51c37c330e496b08506c9457c9d34287ecc38809fb060" +checksum = "eeb9a44b1c6a54c1ba58b152797739dba2a83ca74e18168a68c980eb142f9404" dependencies = [ - "unicode-width", + "proc-macro-error", + "proc-macro2", + "quote", + "syn 1.0.109", + "test-case-core", ] -[[package]] -name = "textwrap" -version = "0.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" - [[package]] name = "thiserror" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" +checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" +checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -2575,14 +2543,20 @@ dependencies = [ [[package]] name = "time" -version = "0.3.15" +version = "0.3.23" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" +checksum = "59e399c068f43a5d116fedaf73b203fa4f9c519f17e2b34f63221d3792f81446" dependencies = [ - "libc", - "num_threads", + "serde", + "time-core", ] +[[package]] +name = "time-core" +version = "0.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7300fbefb4dadc1af235a9cef3737cea692a9d97e1b9cbcd4ebdae6f8868e6fb" + [[package]] name = "tinystr" version = "0.7.1" @@ -2604,15 +2578,15 @@ dependencies = [ [[package]] name = "tokio" -version = "1.28.2" +version = "1.29.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "94d7b1cfd2aa4011f2de74c2c4c63665e27a71006b0a192dcd2710272e73dfa2" +checksum = "532826ff75199d5833b9d2c5fe410f29235e25704ee5f0ef599fb51c21f4a4da" dependencies = [ "autocfg", + "backtrace", "num_cpus", "pin-project-lite", "tokio-macros", - "windows-sys 0.48.0", ] [[package]] @@ -2623,7 +2597,7 @@ checksum = "630bdcf245f78637c13ec01ffae6187cca34625e8c63150d424b59e55af2675e" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -2635,6 +2609,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17e963a819c331dcacd7ab957d80bc2b9a9c1e71c804826d2f283dd65306542" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8123f27e969974a3dfba720fdb560be359f57b44302d280ba72e76a74480e8a" +dependencies = [ + "indexmap 2.0.0", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -2671,15 +2679,9 @@ dependencies = [ [[package]] name = "unicode-ident" -version = "1.0.9" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" - -[[package]] -name = "unicode-width" -version = "0.1.10" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0edd1e5b14653f783770bce4a4dabb4a5108a5370a5f5d8cfe8710c361f6c8b" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" [[package]] name = "universal-hash" @@ -2703,9 +2705,9 @@ dependencies = [ [[package]] name = "uuid" -version = "1.3.3" +version = "1.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "345444e32442451b267fc254ae85a209c64be56d2890e601a0c37ff0c3c5ecd2" +checksum = "79daa5ed5740825c40b389c5e50312b9c86df53fccd33f281df655642b43869d" [[package]] name = "version_check" @@ -2743,9 +2745,9 @@ checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" [[package]] name = "wasm-bindgen" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5bba0e8cb82ba49ff4e229459ff22a191bbe9a1cb3a341610c9c33efc27ddf73" +checksum = "7706a72ab36d8cb1f80ffbf0e071533974a60d0a308d01a5d0375bf60499a342" dependencies = [ "cfg-if", "wasm-bindgen-macro", @@ -2753,24 +2755,24 @@ dependencies = [ [[package]] name = "wasm-bindgen-backend" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "19b04bc93f9d6bdee709f6bd2118f57dd6679cf1176a1af464fca3ab0d66d8fb" +checksum = "5ef2b6d3c510e9625e5fe6f509ab07d66a760f0885d858736483c32ed7809abd" dependencies = [ "bumpalo", "log", "once_cell", "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-macro" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "14d6b024f1a526bb0234f52840389927257beb670610081360e5a03c5df9c258" +checksum = "dee495e55982a3bd48105a7b947fd2a9b4a8ae3010041b9e0faab3f9cd028f1d" dependencies = [ "quote", "wasm-bindgen-macro-support", @@ -2778,28 +2780,28 @@ dependencies = [ [[package]] name = "wasm-bindgen-macro-support" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e128beba882dd1eb6200e1dc92ae6c5dbaa4311aa7bb211ca035779e5efc39f8" +checksum = "54681b18a46765f095758388f2d0cf16eb8d4169b639ab575a8f5693af210c7b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", "wasm-bindgen-backend", "wasm-bindgen-shared", ] [[package]] name = "wasm-bindgen-shared" -version = "0.2.86" +version = "0.2.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ed9d5b4305409d1fc9482fee2d7f9bcbf24b3972bf59817ef757e23982242a93" +checksum = "ca6ad05a4870b2bf5fe995117d3728437bd27d7cd5f06f13c17443ef369775a1" [[package]] name = "web-sys" -version = "0.3.63" +version = "0.3.64" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3bdd9ef4e984da1187bf8110c5cf5b845fbc87a23602cdf912386a76fcd3a7c2" +checksum = "9b85cbef8c220a6abc02aefd892dfc0fc23afb1c6a426316ec33253a3877249b" dependencies = [ "js-sys", "wasm-bindgen", @@ -2853,7 +2855,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e686886bc078bc1b0b600cac0147aadb815089b6e4da64016cbd754b6342700f" dependencies = [ - "windows-targets 0.48.0", + "windows-targets 0.48.1", ] [[package]] @@ -2871,7 +2873,7 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" dependencies = [ - "windows-targets 0.48.0", + "windows-targets 0.48.1", ] [[package]] @@ -2891,9 +2893,9 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.48.0" +version = "0.48.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b1eb6f0cd7c80c79759c929114ef071b87354ce476d9d94271031c0497adfd5" +checksum = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" dependencies = [ "windows_aarch64_gnullvm 0.48.0", "windows_aarch64_msvc 0.48.0", @@ -2988,6 +2990,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acaaa1190073b2b101e15083c38ee8ec891b5e05cbee516521e94ec008f61e64" +dependencies = [ + "memchr", +] + [[package]] name = "wsl" version = "0.1.0" @@ -3052,7 +3063,7 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -3069,9 +3080,9 @@ dependencies = [ "crossbeam-utils", "flate2", "hmac", - "pbkdf2", + "pbkdf2 0.11.0", "sha1", - "time 0.3.15", + "time 0.3.23", "zstd", ] @@ -3096,10 +3107,11 @@ dependencies = [ [[package]] name = "zstd-sys" -version = "2.0.4+zstd.1.5.2" +version = "2.0.8+zstd.1.5.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4fa202f2ef00074143e219d15b62ffc317d17cc33909feac471c044087cad7b0" +checksum = "5556e6ee25d32df2586c098bbfa278803692a20d0ab9565e049480d52707ec8c" dependencies = [ "cc", "libc", + "pkg-config", ] diff --git a/Cargo.toml b/Cargo.toml index 667ef59..92c40f9 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -6,3 +6,63 @@ members = [ "rage", ] resolver = "2" + +[workspace.package] +authors = ["Jack Grigg "] +edition = "2021" +rust-version = "1.65" +repository = "https://github.com/str4d/rage" +license = "MIT OR Apache-2.0" + +[workspace.dependencies] +age = { version = "0.9.2", path = "age" } +age-core = { version = "0.9.0", path = "age-core" } + +# Dependencies required by the age specification: +# - Base64 from RFC 4648 +base64 = "0.21" + +# - ChaCha20-Poly1305 from RFC 7539 +chacha20poly1305 = { version = "0.10", default-features = false, features = ["alloc"] } + +# - X25519 from RFC 7748 +x25519-dalek = "1" + +# - HKDF from RFC 5869 with SHA-256 +# - HMAC from RFC 2104 with SHA-256 +hkdf = "0.12" +hmac = "0.12" +sha2 = "0.10" + +# - scrypt from RFC 7914 +scrypt = { version = "0.11", default-features = false } + +# - CSPRNG +rand = "0.8" +rand_7 = { package = "rand", version = "0.7" } + +# - Key encoding +bech32 = "0.9" + +# Parsing +cookie-factory = "0.3.1" +nom = { version = "7", default-features = false, features = ["alloc"] } + +# Secret management +pinentry = "0.5" +secrecy = "0.8" +subtle = "2" +zeroize = "1" + +# Localization +i18n-embed = { version = "0.13", features = ["fluent-system"] } +i18n-embed-fl = "0.6" +lazy_static = "1" +rust-embed = "6" + +# CLI +chrono = "0.4" +console = { version = "0.15", default-features = false } +env_logger = "0.10" +gumdrop = "0.8" +log = "0.4" diff --git a/age-core/CHANGELOG.md b/age-core/CHANGELOG.md index 6085e26..5d2b9d8 100644 --- a/age-core/CHANGELOG.md +++ b/age-core/CHANGELOG.md @@ -7,6 +7,11 @@ and this project adheres to Rust's notion of to 1.0.0 are beta releases. ## [Unreleased] +### Added +- `impl Eq for age_core::format::Stanza` + +### Changed +- MSRV is now 1.65.0. ## [0.9.0] - 2022-10-27 ### Changed diff --git a/age-core/Cargo.toml b/age-core/Cargo.toml index 3a06067..6b82a93 100644 --- a/age-core/Cargo.toml +++ b/age-core/Cargo.toml @@ -2,12 +2,12 @@ name = "age-core" description = "[BETA] Common functions used across the age crates" version = "0.9.0" -authors = ["Jack Grigg "] -repository = "https://github.com/str4d/rage" +authors.workspace = true +repository.workspace = true readme = "README.md" -license = "MIT OR Apache-2.0" -edition = "2021" -rust-version = "1.59" +license.workspace = true +edition.workspace = true +rust-version.workspace = true [package.metadata.docs.rs] all-features = true @@ -17,29 +17,20 @@ rustdoc-args = ["--cfg", "docsrs"] maintenance = { status = "experimental" } [dependencies] -# Dependencies required by the age specification: -# - Base64 from RFC 4648 -base64 = "0.13" - -# - ChaCha20-Poly1305 from RFC 7539 -chacha20poly1305 = { version = "0.10", default-features = false, features = ["alloc"] } - -# - HKDF from RFC 5869 with SHA-256 -hkdf = "0.12" -sha2 = "0.10" - -# - CSPRNG -rand = "0.8" - -# Parsing -cookie-factory = "0.3.1" -nom = { version = "7", default-features = false, features = ["alloc"] } - -# Secret management -secrecy = "0.8" - -# Plugin backend +# Dependencies exposed in a public API: +# (Breaking upgrades to these require a breaking upgrade to this crate.) +chacha20poly1305.workspace = true +cookie-factory.workspace = true io_tee = "0.1.1" +nom.workspace = true +secrecy.workspace = true + +# Dependencies used internally: +# (Breaking upgrades to these are usually backwards-compatible, but check MSRVs.) +base64.workspace = true +hkdf.workspace = true +rand.workspace = true +sha2.workspace = true tempfile = { version = "3.2.0", optional = true } [features] diff --git a/age-core/src/format.rs b/age-core/src/format.rs index cf16d90..b374dfe 100644 --- a/age-core/src/format.rs +++ b/age-core/src/format.rs @@ -1,5 +1,6 @@ //! Core types and encoding operations used by the age file format. +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use rand::{ distributions::{Distribution, Uniform}, thread_rng, RngCore, @@ -60,7 +61,7 @@ impl<'a> AgeStanza<'a> { data[full_chunks.len() * 64..].copy_from_slice(partial_chunk); // The chunks are guaranteed to contain Base64 characters by construction. - base64::decode_config(&data, base64::STANDARD_NO_PAD).unwrap() + BASE64_STANDARD_NO_PAD.decode(&data).unwrap() } } @@ -68,7 +69,7 @@ impl<'a> AgeStanza<'a> { /// recipient. /// /// This is the owned type; see [`AgeStanza`] for the reference type. -#[derive(Debug, PartialEq)] +#[derive(Debug, PartialEq, Eq)] pub struct Stanza { /// A tag identifying this stanza type. pub tag: String, @@ -324,6 +325,7 @@ pub mod read { /// Encoding operations for age types. pub mod write { + use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use cookie_factory::{ combinator::string, multi::separated_list, @@ -336,7 +338,7 @@ pub mod write { use super::STANZA_TAG; fn wrapped_encoded_data<'a, W: 'a + Write>(data: &[u8]) -> impl SerializeFn + 'a { - let encoded = base64::encode_config(data, base64::STANDARD_NO_PAD); + let encoded = BASE64_STANDARD_NO_PAD.encode(data); move |mut w: WriteContext| { let mut s = encoded.as_str(); @@ -377,6 +379,7 @@ pub mod write { #[cfg(test)] mod tests { + use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use nom::error::ErrorKind; use super::{read, write}; @@ -385,11 +388,9 @@ mod tests { fn parse_age_stanza() { let test_tag = "X25519"; let test_args = &["CJM36AHmTbdHSuOQL+NESqyVQE75f2e610iRdLPEN20"]; - let test_body = base64::decode_config( - "C3ZAeY64NXS4QFrksLm3EGz+uPRyI0eQsWw7LWbbYig", - base64::STANDARD_NO_PAD, - ) - .unwrap(); + let test_body = BASE64_STANDARD_NO_PAD + .decode("C3ZAeY64NXS4QFrksLm3EGz+uPRyI0eQsWw7LWbbYig") + .unwrap(); // The only body line is short, so we don't need a trailing empty line. let test_stanza = "-> X25519 CJM36AHmTbdHSuOQL+NESqyVQE75f2e610iRdLPEN20 @@ -433,11 +434,9 @@ C3ZAeY64NXS4QFrksLm3EGz+uPRyI0eQsWw7LWbbYig fn age_stanza_with_full_body() { let test_tag = "full-body"; let test_args = &["some", "arguments"]; - let test_body = base64::decode_config( - "xD7o4VEOu1t7KZQ1gDgq2FPzBEeSRqbnqvQEXdLRYy143BxR6oFxsUUJCRB0ErXA", - base64::STANDARD_NO_PAD, - ) - .unwrap(); + let test_body = BASE64_STANDARD_NO_PAD + .decode("xD7o4VEOu1t7KZQ1gDgq2FPzBEeSRqbnqvQEXdLRYy143BxR6oFxsUUJCRB0ErXA") + .unwrap(); // The body fills a complete line, so it requires a trailing empty line. let test_stanza = "-> full-body some arguments @@ -460,11 +459,9 @@ xD7o4VEOu1t7KZQ1gDgq2FPzBEeSRqbnqvQEXdLRYy143BxR6oFxsUUJCRB0ErXA fn age_stanza_with_legacy_full_body() { let test_tag = "full-body"; let test_args = &["some", "arguments"]; - let test_body = base64::decode_config( - "xD7o4VEOu1t7KZQ1gDgq2FPzBEeSRqbnqvQEXdLRYy143BxR6oFxsUUJCRB0ErXA", - base64::STANDARD_NO_PAD, - ) - .unwrap(); + let test_body = BASE64_STANDARD_NO_PAD + .decode("xD7o4VEOu1t7KZQ1gDgq2FPzBEeSRqbnqvQEXdLRYy143BxR6oFxsUUJCRB0ErXA") + .unwrap(); // The body fills a complete line, but lacks a trailing empty line. let test_stanza = "-> full-body some arguments diff --git a/age-core/src/plugin.rs b/age-core/src/plugin.rs index 7dc0063..0c68c31 100644 --- a/age-core/src/plugin.rs +++ b/age-core/src/plugin.rs @@ -430,7 +430,7 @@ mod tests { pipe.0 = pipe.0.split_off(n_out); Ok(n_out) } else { - (&mut buf[..n_in]).copy_from_slice(&pipe.0); + buf[..n_in].copy_from_slice(&pipe.0); pipe.0.clear(); Ok(n_in) } diff --git a/age-plugin/CHANGELOG.md b/age-plugin/CHANGELOG.md index 80aff0a..2ca0860 100644 --- a/age-plugin/CHANGELOG.md +++ b/age-plugin/CHANGELOG.md @@ -9,6 +9,8 @@ and this project adheres to Rust's notion of to 1.0.0 are beta releases. ## [Unreleased] +### Changed +- MSRV is now 1.65.0. ## [0.4.0] - 2022-10-27 ### Changed diff --git a/age-plugin/Cargo.toml b/age-plugin/Cargo.toml index 31643ff..4a97278 100644 --- a/age-plugin/Cargo.toml +++ b/age-plugin/Cargo.toml @@ -2,21 +2,26 @@ name = "age-plugin" description = "[BETA] API for writing age plugins." version = "0.4.0" -authors = ["Jack Grigg "] -repository = "https://github.com/str4d/rage" +authors.workspace = true +repository.workspace = true readme = "README.md" -license = "MIT OR Apache-2.0" -edition = "2021" -rust-version = "1.59" +license.workspace = true +edition.workspace = true +rust-version.workspace = true [dependencies] -age-core = { version = "0.9.0", path = "../age-core", features = ["plugin"] } -base64 = "0.13" -bech32 = "0.9" -chrono = "0.4" +# Dependencies exposed in a public API: +# (Breaking upgrades to these require a breaking upgrade to this crate.) +age-core = { workspace = true, features = ["plugin"] } + +# Dependencies used internally: +# (Breaking upgrades to these are usually backwards-compatible, but check MSRVs.) +base64.workspace = true +bech32.workspace = true +chrono.workspace = true [dev-dependencies] -gumdrop = "0.8" +gumdrop.workspace = true [lib] bench = false diff --git a/age-plugin/src/identity.rs b/age-plugin/src/identity.rs index 2e206d5..314e8a2 100644 --- a/age-plugin/src/identity.rs +++ b/age-plugin/src/identity.rs @@ -5,6 +5,7 @@ use age_core::{ plugin::{self, BidirSend, Connection}, secrecy::{ExposeSecret, SecretString}, }; +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use bech32::FromBase32; use std::collections::HashMap; use std::io; @@ -71,7 +72,7 @@ impl<'a, 'b, R: io::Read, W: io::Write> Callbacks for BidirCallbacks<'a, let metadata: Vec<_> = Some(yes_string) .into_iter() .chain(no_string) - .map(|s| base64::encode_config(s, base64::STANDARD_NO_PAD)) + .map(|s| BASE64_STANDARD_NO_PAD.encode(s)) .collect(); let metadata: Vec<_> = metadata.iter().map(|s| s.as_str()).collect(); diff --git a/age-plugin/src/recipient.rs b/age-plugin/src/recipient.rs index 0a7bbee..6f55704 100644 --- a/age-plugin/src/recipient.rs +++ b/age-plugin/src/recipient.rs @@ -5,6 +5,7 @@ use age_core::{ plugin::{self, BidirSend, Connection}, secrecy::SecretString, }; +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use bech32::FromBase32; use std::io; @@ -70,7 +71,7 @@ impl<'a, 'b, R: io::Read, W: io::Write> Callbacks for BidirCallbacks<'a, let metadata: Vec<_> = Some(yes_string) .into_iter() .chain(no_string) - .map(|s| base64::encode_config(s, base64::STANDARD_NO_PAD)) + .map(|s| BASE64_STANDARD_NO_PAD.encode(s)) .collect(); let metadata: Vec<_> = metadata.iter().map(|s| s.as_str()).collect(); diff --git a/age/CHANGELOG.md b/age/CHANGELOG.md index c390d37..91b60b3 100644 --- a/age/CHANGELOG.md +++ b/age/CHANGELOG.md @@ -9,6 +9,12 @@ and this project adheres to Rust's notion of to 1.0.0 are beta releases. ## [Unreleased] +### Added +- `impl Eq for age::ssh::{ParseRecipientKeyError, UnsupportedKey}` + +### Changed +- MSRV is now 1.65.0. +- Migrated to `base64 0.21`, `rsa 0.9`. ## [0.9.2] - 2023-06-12 ### Added diff --git a/age/Cargo.toml b/age/Cargo.toml index 63ec0a5..7d2a4bb 100644 --- a/age/Cargo.toml +++ b/age/Cargo.toml @@ -2,89 +2,80 @@ name = "age" description = "[BETA] A simple, secure, and modern encryption library." version = "0.9.2" -authors = ["Jack Grigg "] -repository = "https://github.com/str4d/rage" +authors.workspace = true +repository.workspace = true readme = "README.md" keywords = ["rage", "encryption"] categories = ["cryptography"] -license = "MIT OR Apache-2.0" -edition = "2021" -rust-version = "1.59" +license.workspace = true +edition.workspace = true +rust-version.workspace = true [badges] maintenance = { status = "experimental" } [dependencies] -age-core = { version = "0.9.0", path = "../age-core" } +age-core.workspace = true -# Dependencies required by the age specification: -# - Base64 from RFC 4648 -base64 = "0.13" - -# - ChaCha20-Poly1305 from RFC 7539 -chacha20poly1305 = { version = "0.10", default-features = false, features = ["alloc"] } - -# - X25519 from RFC 7748 -x25519-dalek = "1" - -# - HKDF from RFC 5869 with SHA-256 -# - HMAC from RFC 2104 with SHA-256 -hkdf = "0.12" -hmac = "0.12" -sha2 = "0.10" - -# - scrypt from RFC 7914 -scrypt = { version = "0.10", default-features = false } - -# - CSPRNG -rand = "0.8" -rand_7 = { package = "rand", version = "0.7" } - -# - Key encoding -bech32 = "0.9" +# Dependencies exposed in a public API: +# (Breaking upgrades to these require a breaking upgrade to this crate.) +base64.workspace = true +chacha20poly1305.workspace = true +hmac.workspace = true +i18n-embed.workspace = true +rand.workspace = true # OpenSSH-specific dependencies: # - RSAES-OAEP from RFC 8017 with SHA-256 and MGF1 -num-traits = { version = "0.2", optional = true } -rsa = { version = "0.7", default-features = false, optional = true } +rsa = { version = "0.9", default-features = false, optional = true } # - Conversion of public keys from Ed25519 to X25519 curve25519-dalek = { version = "3", optional = true } +# Async I/O +futures = { version = "0.3", optional = true } +pin-project = "1" + +# Common CLI dependencies +pinentry = { version = "0.5", optional = true } + +# Dependencies used internally: +# (Breaking upgrades to these are usually backwards-compatible, but check MSRVs.) +bech32.workspace = true +cookie-factory.workspace = true +i18n-embed-fl.workspace = true +lazy_static.workspace = true +nom.workspace = true +rand_7.workspace = true +rust-embed.workspace = true +scrypt.workspace = true +sha2.workspace = true +subtle.workspace = true +x25519-dalek.workspace = true +zeroize.workspace = true + +# OpenSSH-specific dependencies: +# - RSAES-OAEP from RFC 8017 with SHA-256 and MGF1 +num-traits = { version = "0.2", optional = true } + # - Encrypted keys aes = { version = "0.8", optional = true } aes-gcm = { version = "0.10", optional = true } -bcrypt-pbkdf = { version = "0.9", optional = true } +bcrypt-pbkdf = { version = "0.10", optional = true } cbc = { version = "0.1", optional = true } cipher = { version = "0.4.3", features = ["alloc"], optional = true } ctr = { version = "0.9", optional = true } -# Parsing -cookie-factory = "0.3.1" -nom = { version = "7", default-features = false, features = ["alloc"] } - -# Secret management -subtle = "2" -zeroize = "1" +# scrypt Performance timer +web-sys = { version = "0.3", optional = true, features = ["Window", "Performance"]} # Async I/O -futures = { version = "0.3", optional = true } memchr = { version = "2.5", optional = true } -pin-project = "1" - -# Localization -i18n-embed = { version = "0.13", features = ["fluent-system"] } -i18n-embed-fl = "0.6" -lazy_static = "1" -rust-embed = "6" # Common CLI dependencies atty = { version = "0.2", optional = true } console = { version = "0.15", optional = true, default-features = false } -pinentry = { version = "0.5", optional = true } -rpassword = { version = "6", optional = true } - -web-sys = { version = "0.3", optional = true, features = ["Window", "Performance"]} +rpassword = { version = "7", optional = true } [target.'cfg(any(unix, windows))'.dependencies] # Plugin management @@ -92,20 +83,20 @@ which = { version = "4", optional = true } wsl = { version = "0.1", optional = true } [dev-dependencies] -criterion = "0.3" +criterion = "0.5" futures-test = "0.3" hex = "0.4" i18n-embed = { version = "0.13", features = ["desktop-requester", "fluent-system"] } quickcheck = "1" quickcheck_macros = "1" -test-case = "2" +test-case = "3" tokio = { version = "1", features = ["macros", "rt-multi-thread"] } [target.'cfg(unix)'.dev-dependencies] -pprof = { version = "0.10", features = ["criterion", "flamegraph"] } +pprof = { version = "0.12", features = ["criterion", "flamegraph"] } [target.'cfg(any(target_arch = "x86", target_arch = "x86_64"))'.dev-dependencies] -criterion-cycles-per-byte = "0.1" +criterion-cycles-per-byte = "0.5" [features] default = [] diff --git a/age/src/format.rs b/age/src/format.rs index 404b4d7..43064f3 100644 --- a/age/src/format.rs +++ b/age/src/format.rs @@ -238,7 +238,9 @@ mod read { preceded( pair(tag(MAC_TAG), tag(b" ")), terminated( - map_opt(take(ENCODED_MAC_LENGTH), |tag| base64_arg(&tag, [0; 32])), + map_opt(take(ENCODED_MAC_LENGTH), |tag| { + base64_arg::<_, 32, 33>(&tag) + }), newline, ), ), diff --git a/age/src/plugin.rs b/age/src/plugin.rs index b712616..0f8ca37 100644 --- a/age/src/plugin.rs +++ b/age/src/plugin.rs @@ -6,6 +6,7 @@ use age_core::{ plugin::{Connection, Reply, Response, IDENTITY_V1, RECIPIENT_V1}, secrecy::ExposeSecret, }; +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use bech32::Variant; use i18n_embed_fl::fl; @@ -172,7 +173,7 @@ impl Identity { pub fn default_for_plugin(plugin_name: &str) -> Self { bech32::encode( &format!("{}{}-", PLUGIN_IDENTITY_PREFIX, plugin_name), - &[], + [], Variant::Bech32, ) .expect("HRP is valid") @@ -233,7 +234,7 @@ fn handle_confirm( .args .iter() .take(2) - .map(|s| base64::decode_config(s, base64::STANDARD_NO_PAD)); + .map(|s| BASE64_STANDARD_NO_PAD.decode(s)); let (yes_string, no_string) = match (strings.next(), strings.next()) { (None, _) => { errors.push(PluginError::Other { diff --git a/age/src/primitives.rs b/age/src/primitives.rs index b72dd67..32b6654 100644 --- a/age/src/primitives.rs +++ b/age/src/primitives.rs @@ -62,7 +62,7 @@ impl Write for HmacWriter { /// /// [RFC 7914]: https://tools.ietf.org/html/rfc7914 pub(crate) fn scrypt(salt: &[u8], log_n: u8, password: &str) -> Result<[u8; 32], InvalidParams> { - let params = ScryptParams::new(log_n, 8, 1)?; + let params = ScryptParams::new(log_n, 8, 1, 32)?; let mut output = [0; 32]; scrypt_inner(password.as_bytes(), salt, ¶ms, &mut output) diff --git a/age/src/primitives/armor.rs b/age/src/primitives/armor.rs index 2f61467..b3a3852 100644 --- a/age/src/primitives/armor.rs +++ b/age/src/primitives/armor.rs @@ -1,5 +1,6 @@ //! I/O helper structs for the age ASCII armor format. +use base64::{prelude::BASE64_STANDARD, Engine}; use pin_project::pin_project; use std::cmp; use std::error; @@ -318,8 +319,9 @@ impl ArmoredWriter { .. } => { let byte_buf = byte_buf.unwrap(); - let encoded = - base64::encode_config_slice(&byte_buf, base64::STANDARD, &mut encoded_buf[..]); + let encoded = BASE64_STANDARD + .encode_slice(&byte_buf, &mut encoded_buf[..]) + .expect("byte_buf.len() <= BASE64_CHUNK_SIZE_BYTES"); inner.write_all(&encoded_buf[..encoded])?; inner.finish() } @@ -361,11 +363,9 @@ impl Write for ArmoredWriter { break; } else { assert_eq!( - base64::encode_config_slice( - &byte_buf, - base64::STANDARD, - &mut encoded_buf[..], - ), + BASE64_STANDARD + .encode_slice(&byte_buf, &mut encoded_buf[..]) + .expect("byte_buf.len() <= BASE64_CHUNK_SIZE_BYTES"), BASE64_CHUNK_SIZE_COLUMNS ); inner.write_all(&encoded_buf[..])?; @@ -461,11 +461,9 @@ impl AsyncWrite for ArmoredWriter { // line must be written in poll_close(). if !buf.is_empty() { assert_eq!( - base64::encode_config_slice( - &byte_buf, - base64::STANDARD, - &mut encoded_buf[..], - ), + BASE64_STANDARD + .encode_slice(&byte_buf, &mut encoded_buf[..],) + .expect("byte_buf.len() <= BASE64_CHUNK_SIZE_BYTES"), ARMORED_COLUMNS_PER_LINE ); *encoded_line = Some(EncodedBytes { @@ -509,8 +507,9 @@ impl AsyncWrite for ArmoredWriter { if let Some(byte_buf) = byte_buf { // Finish the armored format with a partial line (if necessary) and the end // marker. - let encoded = - base64::encode_config_slice(&byte_buf, base64::STANDARD, &mut encoded_buf[..]); + let encoded = BASE64_STANDARD + .encode_slice(&byte_buf, &mut encoded_buf[..]) + .expect("byte_buf.len() <= BASE64_CHUNK_SIZE_BYTES"); *encoded_line = Some(EncodedBytes { offset: 0, end: encoded, @@ -533,7 +532,7 @@ impl AsyncWrite for ArmoredWriter { #[derive(Debug)] pub enum ArmoredReadError { /// An error occurred while parsing Base64. - Base64(base64::DecodeError), + Base64(base64::DecodeSliceError), /// The begin marker for the armor is invalid. InvalidBeginMarker, /// Invalid UTF-8 characters were encountered between the begin and end marker. @@ -787,11 +786,9 @@ impl ArmoredReader { // Decode the line self.byte_start = 0; - self.byte_end = - base64::decode_config_slice(line.as_bytes(), base64::STANDARD, self.byte_buf.as_mut()) - .map_err(|e| { - io::Error::new(io::ErrorKind::InvalidData, ArmoredReadError::Base64(e)) - })?; + self.byte_end = BASE64_STANDARD + .decode_slice(line.as_bytes(), self.byte_buf.as_mut()) + .map_err(|e| io::Error::new(io::ErrorKind::InvalidData, ArmoredReadError::Base64(e)))?; // Finished with this buffered line! self.line_buf.clear(); diff --git a/age/src/primitives/stream.rs b/age/src/primitives/stream.rs index a3a84f6..adb5ced 100644 --- a/age/src/primitives/stream.rs +++ b/age/src/primitives/stream.rs @@ -60,7 +60,7 @@ impl Nonce { fn set_last(&mut self, last: bool) -> Result<(), ()> { if !self.is_last() { - self.0 |= if last { 1 } else { 0 }; + self.0 |= u128::from(last); Ok(()) } else { Err(()) diff --git a/age/src/protocol.rs b/age/src/protocol.rs index 9d81f0b..fe0ff46 100644 --- a/age/src/protocol.rs +++ b/age/src/protocol.rs @@ -64,7 +64,7 @@ impl Encryptor { /// /// Returns `None` if no recipients were provided. pub fn with_recipients(recipients: Vec>) -> Option { - (!recipients.is_empty()).then(|| Encryptor(EncryptorType::Keys(recipients))) + (!recipients.is_empty()).then_some(Encryptor(EncryptorType::Keys(recipients))) } /// Returns an `Encryptor` that will create an age file encrypted with a passphrase. diff --git a/age/src/scrypt.rs b/age/src/scrypt.rs index 1a510f0..f2416ee 100644 --- a/age/src/scrypt.rs +++ b/age/src/scrypt.rs @@ -3,6 +3,7 @@ use age_core::{ primitives::{aead_decrypt, aead_encrypt}, secrecy::{ExposeSecret, SecretString}, }; +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use rand::{rngs::OsRng, RngCore}; use std::time::Duration; use zeroize::Zeroize; @@ -94,7 +95,7 @@ impl crate::Recipient for Recipient { scrypt(&inner_salt, log_n, self.passphrase.expose_secret()).expect("log_n < 64"); let encrypted_file_key = aead_encrypt(&enc_key, file_key.expose_secret()); - let encoded_salt = base64::encode_config(&salt, base64::STANDARD_NO_PAD); + let encoded_salt = BASE64_STANDARD_NO_PAD.encode(salt); Ok(vec![Stanza { tag: SCRYPT_RECIPIENT_TAG.to_owned(), @@ -118,7 +119,10 @@ impl<'a> crate::Identity for Identity<'a> { // Enforce valid and canonical stanza format. // https://c2sp.org/age#scrypt-recipient-stanza let (salt, log_n) = match &stanza.args[..] { - [salt, log_n] => match (base64_arg(salt, [0; SALT_LEN]), decimal_digit_arg(log_n)) { + [salt, log_n] => match ( + base64_arg::<_, SALT_LEN, 18>(salt), + decimal_digit_arg(log_n), + ) { (Some(salt), Some(log_n)) => (salt, log_n), _ => return Some(Err(DecryptError::InvalidHeader)), }, diff --git a/age/src/ssh.rs b/age/src/ssh.rs index 8553636..a816c59 100644 --- a/age/src/ssh.rs +++ b/age/src/ssh.rs @@ -522,7 +522,7 @@ mod read_ssh { mod write_ssh { use cookie_factory::{bytes::be_u32, combinator::slice, sequence::tuple, SerializeFn}; use num_traits::identities::Zero; - use rsa::{BigUint, PublicKeyParts}; + use rsa::{traits::PublicKeyParts, BigUint}; use std::io::Write; use super::SSH_RSA_KEY_PREFIX; diff --git a/age/src/ssh/identity.rs b/age/src/ssh/identity.rs index ee4e4e0..16dc1ec 100644 --- a/age/src/ssh/identity.rs +++ b/age/src/ssh/identity.rs @@ -3,6 +3,7 @@ use age_core::{ primitives::{aead_decrypt, hkdf}, secrecy::{ExposeSecret, Secret}, }; +use base64::prelude::BASE64_STANDARD; use i18n_embed_fl::fl; use nom::{ branch::alt, @@ -13,7 +14,7 @@ use nom::{ IResult, }; use rand::rngs::OsRng; -use rsa::{padding::PaddingScheme, pkcs1::DecodeRsaPrivateKey}; +use rsa::{pkcs1::DecodeRsaPrivateKey, Oaep}; use sha2::{Digest, Sha256, Sha512}; use std::fmt; use std::io; @@ -47,7 +48,7 @@ impl UnencryptedKey { pub(crate) fn unwrap_stanza(&self, stanza: &Stanza) -> Option> { match (self, stanza.tag.as_str()) { (UnencryptedKey::SshRsa(ssh_key, sk), SSH_RSA_RECIPIENT_TAG) => { - let tag = base64_arg(stanza.args.get(0)?, [0; TAG_LEN_BYTES])?; + let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.get(0)?)?; if ssh_tag(ssh_key) != tag { return None; } @@ -59,7 +60,7 @@ impl UnencryptedKey { Some( sk.decrypt_blinded( &mut rng, - PaddingScheme::new_oaep_with_label::(SSH_RSA_OAEP_LABEL), + Oaep::new_with_label::(SSH_RSA_OAEP_LABEL), &stanza.body, ) .map_err(DecryptError::from) @@ -72,7 +73,7 @@ impl UnencryptedKey { ) } (UnencryptedKey::SshEd25519(ssh_key, privkey), SSH_ED25519_RECIPIENT_TAG) => { - let tag = base64_arg(stanza.args.get(0)?, [0; TAG_LEN_BYTES])?; + let tag = base64_arg::<_, TAG_LEN_BYTES, 6>(stanza.args.get(0)?)?; if ssh_tag(ssh_key) != tag { return None; } @@ -81,7 +82,8 @@ impl UnencryptedKey { } let epk = - base64_arg(stanza.args.get(1)?, [0; crate::x25519::EPK_LEN_BYTES])?.into(); + base64_arg::<_, { crate::x25519::EPK_LEN_BYTES }, 33>(stanza.args.get(1)?)? + .into(); let sk: StaticSecret = { let mut sk = [0; 32]; @@ -128,7 +130,7 @@ impl UnencryptedKey { /// /// The Display impl provides details for each unsupported key as to why we don't support /// it, and how a user can migrate to a supported key. -#[derive(Clone, Debug, PartialEq)] +#[derive(Clone, Debug, PartialEq, Eq)] pub enum UnsupportedKey { /// An encrypted `PEM` key. EncryptedPem, @@ -316,7 +318,7 @@ fn rsa_privkey(input: &str) -> IResult<&str, Identity> { map_opt( pair( opt(terminated(rsa_pem_encryption_header, line_ending)), - wrapped_str_while_encoded(base64::STANDARD), + wrapped_str_while_encoded(BASE64_STANDARD), ), |(enc_header, privkey)| { if enc_header.is_some() { @@ -345,7 +347,7 @@ fn openssh_privkey(input: &str) -> IResult<&str, Identity> { preceded( pair(tag("-----BEGIN OPENSSH PRIVATE KEY-----"), line_ending), terminated( - map_opt(wrapped_str_while_encoded(base64::STANDARD), |privkey| { + map_opt(wrapped_str_while_encoded(BASE64_STANDARD), |privkey| { read_ssh::openssh_privkey(&privkey).ok().map(|(_, key)| key) }), pair(line_ending, tag("-----END OPENSSH PRIVATE KEY-----")), diff --git a/age/src/ssh/recipient.rs b/age/src/ssh/recipient.rs index 7ac020c..fe2bd5e 100644 --- a/age/src/ssh/recipient.rs +++ b/age/src/ssh/recipient.rs @@ -3,6 +3,10 @@ use age_core::{ primitives::{aead_encrypt, hkdf}, secrecy::ExposeSecret, }; +use base64::{ + prelude::{BASE64_STANDARD, BASE64_STANDARD_NO_PAD}, + Engine, +}; use curve25519_dalek::edwards::EdwardsPoint; use nom::{ branch::alt, @@ -12,7 +16,7 @@ use nom::{ IResult, }; use rand::rngs::OsRng; -use rsa::{padding::PaddingScheme, PublicKey}; +use rsa::Oaep; use sha2::Sha256; use std::fmt; use x25519_dalek::{EphemeralSecret, PublicKey as X25519PublicKey, StaticSecret}; @@ -43,7 +47,7 @@ pub(crate) enum ParsedRecipient { } /// Error conditions when parsing an SSH recipient. -#[derive(Debug, PartialEq)] +#[derive(Debug, PartialEq, Eq)] pub enum ParseRecipientKeyError { /// The string is a parseable value that should be ignored. This case is for handling /// SSH recipient types that may occur in files we want to be able to parse, but that @@ -74,10 +78,20 @@ impl fmt::Display for Recipient { fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result { match self { Recipient::SshRsa(ssh_key, _) => { - write!(f, "{} {}", SSH_RSA_KEY_PREFIX, base64::encode(&ssh_key)) + write!( + f, + "{} {}", + SSH_RSA_KEY_PREFIX, + BASE64_STANDARD.encode(ssh_key) + ) } Recipient::SshEd25519(ssh_key, _) => { - write!(f, "{} {}", SSH_ED25519_KEY_PREFIX, base64::encode(&ssh_key)) + write!( + f, + "{} {}", + SSH_ED25519_KEY_PREFIX, + BASE64_STANDARD.encode(ssh_key) + ) } } } @@ -122,12 +136,12 @@ impl crate::Recipient for Recipient { let encrypted_file_key = pk .encrypt( &mut rng, - PaddingScheme::new_oaep_with_label::(SSH_RSA_OAEP_LABEL), + Oaep::new_with_label::(SSH_RSA_OAEP_LABEL), file_key.expose_secret(), ) .expect("pubkey is valid and file key is not too long"); - let encoded_tag = base64::encode_config(&ssh_tag(ssh_key), base64::STANDARD_NO_PAD); + let encoded_tag = BASE64_STANDARD_NO_PAD.encode(ssh_tag(ssh_key)); Ok(vec![Stanza { tag: SSH_RSA_RECIPIENT_TAG.to_owned(), @@ -138,8 +152,8 @@ impl crate::Recipient for Recipient { Recipient::SshEd25519(ssh_key, ed25519_pk) => { let pk: X25519PublicKey = ed25519_pk.to_montgomery().to_bytes().into(); - let mut rng = rand_7::rngs::OsRng; - let esk = EphemeralSecret::new(&mut rng); + let rng = rand_7::rngs::OsRng; + let esk = EphemeralSecret::new(rng); let epk: X25519PublicKey = (&esk).into(); let tweak: StaticSecret = @@ -158,8 +172,8 @@ impl crate::Recipient for Recipient { ); let encrypted_file_key = aead_encrypt(&enc_key, file_key.expose_secret()); - let encoded_tag = base64::encode_config(&ssh_tag(ssh_key), base64::STANDARD_NO_PAD); - let encoded_epk = base64::encode_config(epk.as_bytes(), base64::STANDARD_NO_PAD); + let encoded_tag = BASE64_STANDARD_NO_PAD.encode(ssh_tag(ssh_key)); + let encoded_epk = BASE64_STANDARD_NO_PAD.encode(epk.as_bytes()); Ok(vec![Stanza { tag: SSH_ED25519_RECIPIENT_TAG.to_owned(), @@ -175,7 +189,7 @@ fn ssh_rsa_pubkey(input: &str) -> IResult<&str, ParsedRecipient> { preceded( pair(tag(SSH_RSA_KEY_PREFIX), tag(" ")), map_opt( - str_while_encoded(base64::STANDARD_NO_PAD), + str_while_encoded(BASE64_STANDARD_NO_PAD), |ssh_key| match read_ssh::rsa_pubkey(&ssh_key) { Ok((_, pk)) => Some(ParsedRecipient::Supported(Recipient::SshRsa(ssh_key, pk))), Err(_) => None, @@ -188,7 +202,7 @@ fn ssh_ed25519_pubkey(input: &str) -> IResult<&str, ParsedRecipient> { preceded( pair(tag(SSH_ED25519_KEY_PREFIX), tag(" ")), map_opt( - encoded_str(51, base64::STANDARD_NO_PAD), + encoded_str(51, BASE64_STANDARD_NO_PAD), |ssh_key| match read_ssh::ed25519_pubkey(&ssh_key) { Ok((_, pk)) => Some(ParsedRecipient::Supported(Recipient::SshEd25519( ssh_key, pk, @@ -206,7 +220,7 @@ fn ssh_ignore_pubkey(input: &str) -> IResult<&str, ParsedRecipient> { separated_pair( is_not(" "), tag(" "), - str_while_encoded(base64::STANDARD_NO_PAD), + str_while_encoded(BASE64_STANDARD_NO_PAD), ), |(key_type, ssh_key)| { read_ssh::string_tag(key_type)(&ssh_key) diff --git a/age/src/util.rs b/age/src/util.rs index 2844c9e..ed8ec28 100644 --- a/age/src/util.rs +++ b/age/src/util.rs @@ -18,6 +18,7 @@ pub(crate) fn parse_bech32(s: &str) -> Option<(String, Vec)> { pub(crate) mod read { use std::str::FromStr; + use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use nom::{character::complete::digit1, combinator::verify, ParseTo}; #[cfg(feature = "ssh")] @@ -32,7 +33,7 @@ pub(crate) mod read { #[cfg_attr(docsrs, doc(cfg(feature = "ssh")))] pub(crate) fn encoded_str( count: usize, - config: base64::Config, + engine: impl base64::Engine, ) -> impl Fn(&str) -> IResult<&str, Vec> { use nom::bytes::streaming::take; @@ -41,7 +42,7 @@ pub(crate) mod read { move |input: &str| { let (i, data) = take(encoded_count)(input)?; - match base64::decode_config(data, config) { + match engine.decode(data) { Ok(decoded) => Ok((i, decoded)), Err(_) => Err(nom::Err::Failure(make_error(input, ErrorKind::Eof))), } @@ -51,7 +52,7 @@ pub(crate) mod read { #[cfg(feature = "ssh")] #[cfg_attr(docsrs, doc(cfg(feature = "ssh")))] pub(crate) fn str_while_encoded( - config: base64::Config, + engine: impl base64::Engine, ) -> impl Fn(&str) -> IResult<&str, Vec> { use nom::bytes::complete::take_while1; @@ -61,9 +62,9 @@ pub(crate) mod read { let c = c as u8; // Substitute the character in twice after AA, so that padding // characters will also be detected as a valid if allowed. - base64::decode_config_slice(&[65, 65, c, c], config, &mut [0, 0, 0]).is_ok() + engine.decode_slice([65, 65, c, c], &mut [0, 0, 0]).is_ok() }), - |data| base64::decode_config(data, config), + |data| engine.decode(data), )(input) } } @@ -71,7 +72,7 @@ pub(crate) mod read { #[cfg(feature = "ssh")] #[cfg_attr(docsrs, doc(cfg(feature = "ssh")))] pub(crate) fn wrapped_str_while_encoded( - config: base64::Config, + engine: impl Engine, ) -> impl Fn(&str) -> IResult<&str, Vec> { use nom::{bytes::streaming::take_while1, character::streaming::line_ending}; @@ -83,25 +84,28 @@ pub(crate) mod read { let c = c as u8; // Substitute the character in twice after AA, so that padding // characters will also be detected as a valid if allowed. - base64::decode_config_slice(&[65, 65, c, c], config, &mut [0, 0, 0]).is_ok() + engine.decode_slice([65, 65, c, c], &mut [0, 0, 0]).is_ok() }), ), |chunks| { let data = chunks.join(""); - base64::decode_config(&data, config) + engine.decode(&data) }, )(input) } } - pub(crate) fn base64_arg, B: AsMut<[u8]>>(arg: &A, mut buf: B) -> Option { - if arg.as_ref().len() != ((4 * buf.as_mut().len()) + 2) / 3 { + pub(crate) fn base64_arg, const N: usize, const B: usize>( + arg: &A, + ) -> Option<[u8; N]> { + if N > B { return None; } - match base64::decode_config_slice(arg, base64::STANDARD_NO_PAD, buf.as_mut()) { - Ok(_) => Some(buf), - Err(_) => None, + let mut buf = [0; B]; + match BASE64_STANDARD_NO_PAD.decode_slice(arg, buf.as_mut()) { + Ok(n) if n == N => Some(buf[..N].try_into().unwrap()), + _ => None, } } @@ -114,11 +118,12 @@ pub(crate) mod read { } pub(crate) mod write { + use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use cookie_factory::{combinator::string, SerializeFn}; use std::io::Write; pub(crate) fn encoded_data(data: &[u8]) -> impl SerializeFn { - let encoded = base64::encode_config(data, base64::STANDARD_NO_PAD); + let encoded = BASE64_STANDARD_NO_PAD.encode(data); string(encoded) } } diff --git a/age/src/x25519.rs b/age/src/x25519.rs index 21d3fe8..8333206 100644 --- a/age/src/x25519.rs +++ b/age/src/x25519.rs @@ -5,6 +5,7 @@ use age_core::{ primitives::{aead_decrypt, aead_encrypt, hkdf}, secrecy::{ExposeSecret, SecretString}, }; +use base64::{prelude::BASE64_STANDARD_NO_PAD, Engine}; use bech32::{ToBase32, Variant}; use rand_7::rngs::OsRng; use std::fmt; @@ -55,8 +56,8 @@ impl std::str::FromStr for Identity { impl Identity { /// Generates a new secret key. pub fn generate() -> Self { - let mut rng = OsRng; - Identity(StaticSecret::new(&mut rng)) + let rng = OsRng; + Identity(StaticSecret::new(rng)) } /// Serializes this secret key as a string. @@ -91,7 +92,7 @@ impl crate::Identity for Identity { // Enforce valid and canonical stanza format. // https://c2sp.org/age#x25519-recipient-stanza let ephemeral_share = match &stanza.args[..] { - [arg] => match base64_arg(arg, [0; EPK_LEN_BYTES]) { + [arg] => match base64_arg::<_, EPK_LEN_BYTES, 33>(arg) { Some(ephemeral_share) => ephemeral_share, None => return Some(Err(DecryptError::InvalidHeader)), }, @@ -185,8 +186,8 @@ impl fmt::Display for Recipient { impl crate::Recipient for Recipient { fn wrap_file_key(&self, file_key: &FileKey) -> Result, EncryptError> { - let mut rng = OsRng; - let esk = EphemeralSecret::new(&mut rng); + let rng = OsRng; + let esk = EphemeralSecret::new(rng); let epk: PublicKey = (&esk).into(); let shared_secret = esk.diffie_hellman(&self.0); @@ -211,7 +212,7 @@ impl crate::Recipient for Recipient { let enc_key = hkdf(&salt, X25519_RECIPIENT_KEY_LABEL, shared_secret.as_bytes()); let encrypted_file_key = aead_encrypt(&enc_key, file_key.expose_secret()); - let encoded_epk = base64::encode_config(epk.as_bytes(), base64::STANDARD_NO_PAD); + let encoded_epk = BASE64_STANDARD_NO_PAD.encode(epk.as_bytes()); Ok(vec![Stanza { tag: X25519_RECIPIENT_TAG.to_owned(), diff --git a/age/tests/testkit.rs b/age/tests/testkit.rs index 760e424..8d8762e 100644 --- a/age/tests/testkit.rs +++ b/age/tests/testkit.rs @@ -583,7 +583,7 @@ fn get_testkit_identities(filename: &str, testfile: &TestFile) -> Vec { - assert_eq!(Sha256::digest(&payload)[..], payload_sha256); + assert_eq!(Sha256::digest(payload)[..], payload_sha256); } // These testfile failures are expected, because we maintains support for // parsing legacy age stanzas without an explicit short final line. @@ -642,7 +642,7 @@ fn check_decrypt_success( ); // The tests with this expectation are checking that no partial STREAM // blocks are written to the payload. - assert_eq!(Sha256::digest(&payload)[..], payload_sha256); + assert_eq!(Sha256::digest(payload)[..], payload_sha256); } (actual, expected) => panic!( "Expected {:?}, got {}{}", diff --git a/fuzz-afl/Cargo.lock b/fuzz-afl/Cargo.lock index 057bd68..3adf8a1 100644 --- a/fuzz-afl/Cargo.lock +++ b/fuzz-afl/Cargo.lock @@ -34,7 +34,6 @@ dependencies = [ "bech32", "chacha20poly1305", "cookie-factory", - "hkdf", "hmac", "i18n-embed", "i18n-embed-fl", @@ -108,9 +107,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "base64" -version = "0.13.1" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" [[package]] name = "bech32" @@ -141,9 +140,12 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "cc" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +checksum = "6c6b2562119bf28c3439f7f02db99faf0aa1a8cdfe5772a2ee155d32227239f0" +dependencies = [ + "libc", +] [[package]] name = "cfg-if" @@ -209,9 +211,9 @@ checksum = "396de984970346b0d9e93d1415082923c679e5ae5c3ee3dcbd104f5610af126b" [[package]] name = "cpufeatures" -version = "0.2.7" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +checksum = "a17b76ff3a4162b0b27f354a0c87015ddad39d35f9c0c36607a3bdd175dde1f1" dependencies = [ "libc", ] @@ -241,9 +243,9 @@ dependencies = [ [[package]] name = "dashmap" -version = "5.4.0" +version = "5.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "907076dfda823b0b36d2a1bb5f90c96660a5bbcd7729e10727f07858f22c4edc" +checksum = "6943ae99c34386c84a470c499d3414f66502a41340aa895406e0d2e4a207b91d" dependencies = [ "cfg-if", "hashbrown", @@ -280,16 +282,22 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + [[package]] name = "find-crate" version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -370,9 +378,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.12.3" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" [[package]] name = "hermit-abi" @@ -401,34 +409,25 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "home" -version = "0.5.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5444c27eef6923071f7ebcc33e3444508466a76f7a2b93da00ed6e19f30c1ddb" -dependencies = [ - "windows-sys", -] - [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.6", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -462,15 +461,15 @@ dependencies = [ "proc-macro2", "quote", "strsim 0.10.0", - "syn 2.0.18", + "syn 2.0.28", "unic-langid", ] [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -479,6 +478,16 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown", +] + [[package]] name = "inout" version = "0.1.3" @@ -521,9 +530,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.146" +version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f92be4933c13fd498862a9e02a3055f8a8d9c039ce33db97306fd5a6caa7f29b" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" [[package]] name = "lock_api" @@ -537,12 +546,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "memchr" @@ -568,9 +574,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "opaque-debug" @@ -603,31 +609,32 @@ dependencies = [ [[package]] name = "pbkdf2" -version = "0.11.0" +version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83a0692ec44e4cf1ef28ca317f14f8f07da2d95ec3fa01f86e4467b725e60917" +checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" dependencies = [ "digest 0.10.7", + "hmac", ] [[package]] name = "pin-project" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c95a7476719eab1e366eaf73d0260af3021184f18177925b07f54b30089ceead" +checksum = "030ad2bc4db10a8944cb0d837f158bdfec4d4a4873ab701a95046770d11f8842" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39407670928234ebc5e6e580247dd567ad73a3578460c5990f9503df207e8f07" +checksum = "ec2e072ecce94ec471b13398d5402c188e76ac03cf74dd1a975161b23a3f6d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -673,18 +680,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.60" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.28" +version = "1.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" dependencies = [ "proc-macro2", ] @@ -771,9 +778,9 @@ dependencies = [ [[package]] name = "rust-embed" -version = "6.7.0" +version = "6.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b73e721f488c353141288f223b599b4ae9303ecf3e62923f40a492f0634a4dc3" +checksum = "a36224c3276f8c4ebc8c20f158eca7ca4359c8db89991c4925132aaaf6702661" dependencies = [ "rust-embed-impl", "rust-embed-utils", @@ -782,22 +789,22 @@ dependencies = [ [[package]] name = "rust-embed-impl" -version = "6.6.0" +version = "6.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e22ce362f5561923889196595504317a4372b84210e6e335da529a65ea5452b5" +checksum = "49b94b81e5b2c284684141a2fb9e2a31be90638caf040bf9afbc5a0416afe1ac" dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.18", + "syn 2.0.28", "walkdir", ] [[package]] name = "rust-embed-utils" -version = "7.5.0" +version = "7.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "512b0ab6853f7e14e3c8754acb43d6f748bb9ced66aa5915a6553ac8213f7731" +checksum = "9d38ff6bf570dc3bb7100fce9f7b60c33fa71d80e88da3f2580df4ff2bdded74" dependencies = [ "sha2", "walkdir", @@ -838,17 +845,16 @@ dependencies = [ [[package]] name = "scopeguard" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "scrypt" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f9e24d2b632954ded8ab2ef9fea0a0c769ea56ea98bddbafbad22caeeadf45d" +checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" dependencies = [ - "hmac", "pbkdf2", "salsa20", "sha2", @@ -886,29 +892,38 @@ checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" [[package]] name = "serde" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8c8cf938e98f769bc164923b06dce91cea1751522f46f8466461af04c9027d" +checksum = "6d3e73c93c3240c0bda063c239298e633114c69a888c3e37ca8bb33f343e9890" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" +checksum = "be02f6cb0cd3a5ec20bbcfbcbd749f57daddb1a0882dc2e46a6c236c90b977ed" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", +] + +[[package]] +name = "serde_spanned" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96426c9936fd7a0124915f9185ea1d20aa9445cc9821142f0a73bc9207a2e186" +dependencies = [ + "serde", ] [[package]] name = "sha2" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8" dependencies = [ "cfg-if", "cpufeatures", @@ -917,9 +932,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" [[package]] name = "strsim" @@ -952,9 +967,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.18" +version = "2.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e" +checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" dependencies = [ "proc-macro2", "quote", @@ -972,22 +987,22 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" +checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" +checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -1008,6 +1023,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17e963a819c331dcacd7ab957d80bc2b9a9c1e71c804826d2f283dd65306542" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8123f27e969974a3dfba720fdb560be359f57b44302d280ba72e76a74480e8a" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -1044,9 +1093,9 @@ dependencies = [ [[package]] name = "unicode-ident" -version = "1.0.9" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" [[package]] name = "unicode-width" @@ -1129,20 +1178,11 @@ version = "0.4.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" -[[package]] -name = "windows-sys" -version = "0.48.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "677d2418bec65e3338edb076e806bc1ec15693c5d0104683f2efe857f61056a9" -dependencies = [ - "windows-targets", -] - [[package]] name = "windows-targets" -version = "0.48.0" +version = "0.48.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b1eb6f0cd7c80c79759c929114ef071b87354ce476d9d94271031c0497adfd5" +checksum = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" dependencies = [ "windows_aarch64_gnullvm", "windows_aarch64_msvc", @@ -1195,6 +1235,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acaaa1190073b2b101e15083c38ee8ec891b5e05cbee516521e94ec008f61e64" +dependencies = [ + "memchr", +] + [[package]] name = "x25519-dalek" version = "1.1.1" @@ -1208,12 +1257,9 @@ dependencies = [ [[package]] name = "xdg" -version = "2.5.0" +version = "2.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "688597db5a750e9cad4511cb94729a078e274308099a0382b5b8203bbc767fee" -dependencies = [ - "home", -] +checksum = "213b7324336b53d2414b2db8537e56544d981803139155afa84f76eeebb7a546" [[package]] name = "zeroize" @@ -1232,5 +1278,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] diff --git a/fuzz/Cargo.lock b/fuzz/Cargo.lock index 0c57316..ab034f7 100644 --- a/fuzz/Cargo.lock +++ b/fuzz/Cargo.lock @@ -21,7 +21,6 @@ dependencies = [ "bech32", "chacha20poly1305", "cookie-factory", - "hkdf", "hmac", "i18n-embed", "i18n-embed-fl", @@ -83,9 +82,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa" [[package]] name = "base64" -version = "0.13.1" +version = "0.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" +checksum = "604178f6c5c21f02dc555784810edfb88d34ac2c73b2eae109655649ee73ce3d" [[package]] name = "bech32" @@ -116,9 +115,12 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "cc" -version = "1.0.79" +version = "1.0.81" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "50d30906286121d95be3d479533b458f87493b30a4b5f79a607db8f5d11aa91f" +checksum = "6c6b2562119bf28c3439f7f02db99faf0aa1a8cdfe5772a2ee155d32227239f0" +dependencies = [ + "libc", +] [[package]] name = "cfg-if" @@ -169,9 +171,9 @@ checksum = "396de984970346b0d9e93d1415082923c679e5ae5c3ee3dcbd104f5610af126b" [[package]] name = "cpufeatures" -version = "0.2.7" +version = "0.2.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3e4c1eaa2012c47becbbad2ab175484c2a84d1185b566fb2cc5b8707343dfe58" +checksum = "a17b76ff3a4162b0b27f354a0c87015ddad39d35f9c0c36607a3bdd175dde1f1" dependencies = [ "libc", ] @@ -201,9 +203,9 @@ dependencies = [ [[package]] name = "dashmap" -version = "5.4.0" +version = "5.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "907076dfda823b0b36d2a1bb5f90c96660a5bbcd7729e10727f07858f22c4edc" +checksum = "6943ae99c34386c84a470c499d3414f66502a41340aa895406e0d2e4a207b91d" dependencies = [ "cfg-if", "hashbrown", @@ -240,16 +242,22 @@ checksum = "487585f4d0c6655fe74905e2504d8ad6908e4db67f744eb140876906c2f3175d" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] +[[package]] +name = "equivalent" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5443807d6dff69373d433ab9ef5378ad8df50ca6298caf15de6e52e24aaf54d5" + [[package]] name = "find-crate" version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "59a98bbaacea1c0eb6a0876280051b892eb73594fd90cf3b20e9c817029c57d2" dependencies = [ - "toml", + "toml 0.5.11", ] [[package]] @@ -330,9 +338,9 @@ dependencies = [ [[package]] name = "hashbrown" -version = "0.12.3" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888" +checksum = "2c6201b9ff9fd90a5a3bac2e56a830d0caa509576f0e503818ee82c181b3437a" [[package]] name = "hkdf" @@ -354,23 +362,23 @@ dependencies = [ [[package]] name = "i18n-config" -version = "0.4.3" +version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3d9f93ceee6543011739bc81699b5e0cf1f23f3a80364649b6d80de8636bc8df" +checksum = "b987084cadad6e2f2b1e6ea62c44123591a3c044793a1beabf71a8356ea768d5" dependencies = [ "log", "serde", "serde_derive", "thiserror", - "toml", + "toml 0.7.6", "unic-langid", ] [[package]] name = "i18n-embed" -version = "0.13.8" +version = "0.13.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2653dd1a8be0726315603f1c180b29f90e5b2a58f8b943d949d5170d9ad81101" +checksum = "92a86226a7a16632de6723449ee5fe70bac5af718bc642ee9ca2f0f6e14fa1fa" dependencies = [ "arc-swap", "fluent", @@ -404,15 +412,15 @@ dependencies = [ "proc-macro2", "quote", "strsim", - "syn 2.0.18", + "syn 2.0.28", "unic-langid", ] [[package]] name = "i18n-embed-impl" -version = "0.8.0" +version = "0.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0db2330e035808eb064afb67e6743ddce353763af3e0f2bdfc2476e00ce76136" +checksum = "e9a95d065e6be4499e50159172395559a388d20cf13c84c77e4a1e341786f219" dependencies = [ "find-crate", "i18n-config", @@ -421,6 +429,16 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "indexmap" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d5477fe2230a79769d8dc68e0eabf5437907c0457a5614a9e8dddb67f65eb65d" +dependencies = [ + "equivalent", + "hashbrown", +] + [[package]] name = "inout" version = "0.1.3" @@ -463,9 +481,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.146" +version = "0.2.147" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f92be4933c13fd498862a9e02a3055f8a8d9c039ce33db97306fd5a6caa7f29b" +checksum = "b4668fb0ea861c1df094127ac5f1da3409a82116a4ba74fca2e58ef927159bb3" [[package]] name = "libfuzzer-sys" @@ -488,12 +506,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.17" +version = "0.4.19" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "abb12e687cfb44aa40f41fc3978ef76448f9b6038cad6aef4259d3c095a2382e" -dependencies = [ - "cfg-if", -] +checksum = "b06a4cde4c0f271a446782e3eff8de789548ce57dbc8eca9292c27f4a42004b4" [[package]] name = "memchr" @@ -519,9 +534,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.17.2" +version = "1.18.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9670a07f94779e00908f3e686eab508878ebb390ba6e604d3a284c00e8d0487b" +checksum = "dd8b5dd2ae5ed71462c540258bedcb51965123ad7e7ccf4b9a8cafaa4a63576d" [[package]] name = "opaque-debug" @@ -554,31 +569,32 @@ dependencies = [ [[package]] name = "pbkdf2" -version = "0.11.0" +version = "0.12.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "83a0692ec44e4cf1ef28ca317f14f8f07da2d95ec3fa01f86e4467b725e60917" +checksum = "f8ed6a7761f76e3b9f92dfb0a60a6a6477c61024b775147ff0973a02653abaf2" dependencies = [ "digest 0.10.7", + "hmac", ] [[package]] name = "pin-project" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c95a7476719eab1e366eaf73d0260af3021184f18177925b07f54b30089ceead" +checksum = "030ad2bc4db10a8944cb0d837f158bdfec4d4a4873ab701a95046770d11f8842" dependencies = [ "pin-project-internal", ] [[package]] name = "pin-project-internal" -version = "1.1.0" +version = "1.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "39407670928234ebc5e6e580247dd567ad73a3578460c5990f9503df207e8f07" +checksum = "ec2e072ecce94ec471b13398d5402c188e76ac03cf74dd1a975161b23a3f6d9c" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -624,18 +640,18 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.60" +version = "1.0.66" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dec2b086b7a862cf4de201096214fa870344cf922b2b30c167badb3af3195406" +checksum = "18fb31db3f9bddb2ea821cde30a9f70117e3f119938b5ee630b7403aa6e2ead9" dependencies = [ "unicode-ident", ] [[package]] name = "quote" -version = "1.0.28" +version = "1.0.32" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b9ab9c7eadfd8df19006f1cf1a4aed13540ed5cbc047010ece5826e10825488" +checksum = "50f3b39ccfb720540debaa0164757101c08ecb8d326b15358ce76a62c7e85965" dependencies = [ "proc-macro2", ] @@ -722,9 +738,9 @@ dependencies = [ [[package]] name = "rust-embed" -version = "6.7.0" +version = "6.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b73e721f488c353141288f223b599b4ae9303ecf3e62923f40a492f0634a4dc3" +checksum = "a36224c3276f8c4ebc8c20f158eca7ca4359c8db89991c4925132aaaf6702661" dependencies = [ "rust-embed-impl", "rust-embed-utils", @@ -733,22 +749,22 @@ dependencies = [ [[package]] name = "rust-embed-impl" -version = "6.6.0" +version = "6.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e22ce362f5561923889196595504317a4372b84210e6e335da529a65ea5452b5" +checksum = "49b94b81e5b2c284684141a2fb9e2a31be90638caf040bf9afbc5a0416afe1ac" dependencies = [ "proc-macro2", "quote", "rust-embed-utils", - "syn 2.0.18", + "syn 2.0.28", "walkdir", ] [[package]] name = "rust-embed-utils" -version = "7.5.0" +version = "7.8.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "512b0ab6853f7e14e3c8754acb43d6f748bb9ced66aa5915a6553ac8213f7731" +checksum = "9d38ff6bf570dc3bb7100fce9f7b60c33fa71d80e88da3f2580df4ff2bdded74" dependencies = [ "sha2", "walkdir", @@ -780,17 +796,16 @@ dependencies = [ [[package]] name = "scopeguard" -version = "1.1.0" +version = "1.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd" +checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49" [[package]] name = "scrypt" -version = "0.10.0" +version = "0.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9f9e24d2b632954ded8ab2ef9fea0a0c769ea56ea98bddbafbad22caeeadf45d" +checksum = "0516a385866c09368f0b5bcd1caff3366aace790fcd46e2bb032697bb172fd1f" dependencies = [ - "hmac", "pbkdf2", "salsa20", "sha2", @@ -813,29 +828,38 @@ checksum = "1ef965a420fe14fdac7dd018862966a4c14094f900e1650bbc71ddd7d580c8af" [[package]] name = "serde" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9e8c8cf938e98f769bc164923b06dce91cea1751522f46f8466461af04c9027d" +checksum = "6d3e73c93c3240c0bda063c239298e633114c69a888c3e37ca8bb33f343e9890" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.164" +version = "1.0.181" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9735b638ccc51c28bf6914d90a2e9725b377144fc612c49a611fddd1b631d68" +checksum = "be02f6cb0cd3a5ec20bbcfbcbd749f57daddb1a0882dc2e46a6c236c90b977ed" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", +] + +[[package]] +name = "serde_spanned" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "96426c9936fd7a0124915f9185ea1d20aa9445cc9821142f0a73bc9207a2e186" +dependencies = [ + "serde", ] [[package]] name = "sha2" -version = "0.10.6" +version = "0.10.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" +checksum = "479fb9d862239e610720565ca91403019f2f00410f1864c5aa7479b950a76ed8" dependencies = [ "cfg-if", "cpufeatures", @@ -844,9 +868,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.10.0" +version = "1.11.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" +checksum = "62bb4feee49fdd9f707ef802e22365a35de4b7b299de4763d44bfea899442ff9" [[package]] name = "strsim" @@ -873,9 +897,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.18" +version = "2.0.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "32d41677bcbe24c20c52e7c70b0d8db04134c5d1066bf98662e2871ad200ea3e" +checksum = "04361975b3f5e348b2189d8dc55bc942f278b2d482a6a0365de5bdd62d351567" dependencies = [ "proc-macro2", "quote", @@ -884,22 +908,22 @@ dependencies = [ [[package]] name = "thiserror" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "978c9a314bd8dc99be594bc3c175faaa9794be04a5a5e153caba6915336cebac" +checksum = "611040a08a0439f8248d1990b111c95baa9c704c805fa1f62104b39655fd7f90" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.40" +version = "1.0.44" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" +checksum = "090198534930841fab3a5d1bb637cde49e339654e606195f8d9c76eeb081dc96" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] [[package]] @@ -920,6 +944,40 @@ dependencies = [ "serde", ] +[[package]] +name = "toml" +version = "0.7.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c17e963a819c331dcacd7ab957d80bc2b9a9c1e71c804826d2f283dd65306542" +dependencies = [ + "serde", + "serde_spanned", + "toml_datetime", + "toml_edit", +] + +[[package]] +name = "toml_datetime" +version = "0.6.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "7cda73e2f1397b1262d6dfdcef8aafae14d1de7748d66822d3bfeeb6d03e5e4b" +dependencies = [ + "serde", +] + +[[package]] +name = "toml_edit" +version = "0.19.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8123f27e969974a3dfba720fdb560be359f57b44302d280ba72e76a74480e8a" +dependencies = [ + "indexmap", + "serde", + "serde_spanned", + "toml_datetime", + "winnow", +] + [[package]] name = "type-map" version = "0.4.0" @@ -956,9 +1014,9 @@ dependencies = [ [[package]] name = "unicode-ident" -version = "1.0.9" +version = "1.0.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b15811caf2415fb889178633e7724bad2509101cde276048e013b9def5e51fa0" +checksum = "301abaae475aa91687eb82514b328ab47a211a533026cb25fc3e519b86adfc3c" [[package]] name = "universal-hash" @@ -1031,9 +1089,9 @@ checksum = "712e227841d057c1ee1cd2fb22fa7e5a5461ae8e48fa2ca79ec42cfc1931183f" [[package]] name = "windows-targets" -version = "0.48.0" +version = "0.48.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b1eb6f0cd7c80c79759c929114ef071b87354ce476d9d94271031c0497adfd5" +checksum = "05d4b17490f70499f20b9e791dcf6a299785ce8af4d709018206dc5b4953e95f" dependencies = [ "windows_aarch64_gnullvm", "windows_aarch64_msvc", @@ -1086,6 +1144,15 @@ version = "0.48.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1a515f5799fe4961cb532f983ce2b23082366b898e52ffbce459c86f67c8378a" +[[package]] +name = "winnow" +version = "0.5.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "acaaa1190073b2b101e15083c38ee8ec891b5e05cbee516521e94ec008f61e64" +dependencies = [ + "memchr", +] + [[package]] name = "x25519-dalek" version = "1.1.1" @@ -1114,5 +1181,5 @@ checksum = "ce36e65b0d2999d2aafac989fb249189a141aee1f53c612c1f37d72631959f69" dependencies = [ "proc-macro2", "quote", - "syn 2.0.18", + "syn 2.0.28", ] diff --git a/rage/CHANGELOG.md b/rage/CHANGELOG.md index fec3659..940a379 100644 --- a/rage/CHANGELOG.md +++ b/rage/CHANGELOG.md @@ -9,6 +9,8 @@ and this project adheres to Rust's notion of to 1.0.0 are beta releases. ## [Unreleased] +### Changed +- MSRV is now 1.65.0. ## [0.9.2] - 2023-06-12 ### Changed diff --git a/rage/Cargo.toml b/rage/Cargo.toml index 38a8f41..cce7f6b 100644 --- a/rage/Cargo.toml +++ b/rage/Cargo.toml @@ -2,14 +2,14 @@ name = "rage" description = "[BETA] A simple, secure, and modern encryption tool." version = "0.9.2" -authors = ["Jack Grigg "] -repository = "https://github.com/str4d/rage" +authors.workspace = true +repository.workspace = true readme = "../README.md" keywords = ["age", "cli", "encryption"] categories = ["command-line-utilities", "cryptography"] -license = "MIT OR Apache-2.0" -edition = "2021" -rust-version = "1.59" +license.workspace = true +edition.workspace = true +rust-version.workspace = true default-run = "rage" [package.metadata.deb] @@ -54,17 +54,17 @@ maintenance = { status = "experimental" } [dependencies] # rage and rage-keygen dependencies -age = { version = "0.9.2", path = "../age", features = ["armor", "cli-common", "plugin"] } -chrono = "0.4" -console = { version = "0.15", default-features = false } -env_logger = "0.9" -gumdrop = "0.8" -i18n-embed = { version = "0.13", features = ["desktop-requester", "fluent-system"] } -i18n-embed-fl = "0.6" -lazy_static = "1" -log = "0.4" -pinentry = "0.5" -rust-embed = "6" +age = { workspace = true, features = ["armor", "cli-common", "plugin"] } +chrono.workspace = true +console.workspace = true +env_logger.workspace = true +gumdrop.workspace = true +i18n-embed = { workspace = true, features = ["desktop-requester"] } +i18n-embed-fl.workspace = true +lazy_static.workspace = true +log.workspace = true +pinentry.workspace = true +rust-embed.workspace = true # rage-mount dependencies ctrlc = { version = "3.2", optional = true } @@ -72,12 +72,12 @@ fuse_mt = { version = "0.6.0", optional = true } fuser = { version = "0.11.1", optional = true } libc = { version = "0.2", optional = true } tar = { version = "0.4", optional = true } -time = { version = "0.3.7", optional = true } +time = { version = ">=0.3.7, <0.3.24", optional = true } # time 0.3.24 has MSRV 1.67 zip = { version = "0.6.2", optional = true } [dev-dependencies] -clap = "3.1" -clap_complete = "3.1" +clap = { version = "4", default-features = false } +clap_complete = "4" flate2 = "1" man = "0.3" diff --git a/rage/examples/generate-completions.rs b/rage/examples/generate-completions.rs index ed410fd..527eb4a 100644 --- a/rage/examples/generate-completions.rs +++ b/rage/examples/generate-completions.rs @@ -1,4 +1,4 @@ -use clap::{Arg, Command}; +use clap::{Arg, ArgAction, Command}; use clap_complete::{generate, shells, Generator}; use std::fs::{create_dir_all, File}; @@ -46,53 +46,57 @@ fn generate_completions(mut app: Command, bin_name: &str) { fn rage_completions() { let app = Command::new("rage") .arg(Arg::new("input")) - .arg(Arg::new("encrypt").short('e').long("encrypt")) - .arg(Arg::new("decrypt").short('d').long("decrypt")) - .arg(Arg::new("passphrase").short('p').long("passphrase")) .arg( - Arg::new("max-work-factor") - .takes_value(true) - .long("max-work-factor"), + Arg::new("encrypt") + .short('e') + .long("encrypt") + .action(ArgAction::SetTrue), + ) + .arg( + Arg::new("decrypt") + .short('d') + .long("decrypt") + .action(ArgAction::SetTrue), + ) + .arg( + Arg::new("passphrase") + .short('p') + .long("passphrase") + .action(ArgAction::SetTrue), + ) + .arg(Arg::new("max-work-factor").long("max-work-factor")) + .arg( + Arg::new("armor") + .short('a') + .long("armor") + .action(ArgAction::SetTrue), ) - .arg(Arg::new("armor").short('a').long("armor")) .arg( Arg::new("recipient") - .takes_value(true) - .multiple_occurrences(true) .short('r') - .long("recipient"), + .long("recipient") + .action(ArgAction::Append), ) .arg( Arg::new("recipients-file") - .takes_value(true) - .multiple_occurrences(true) .short('R') - .long("recipients-file"), + .long("recipients-file") + .action(ArgAction::Append), ) .arg( Arg::new("identity") - .takes_value(true) - .multiple_occurrences(true) .short('i') - .long("identity"), + .long("identity") + .action(ArgAction::Append), ) - .arg( - Arg::new("output") - .takes_value(true) - .short('o') - .long("output"), - ); + .arg(Arg::new("plugin-name").short('j')) + .arg(Arg::new("output").short('o').long("output")); generate_completions(app, "rage"); } fn rage_keygen_completions() { - let app = Command::new("rage-keygen").arg( - Arg::new("output") - .takes_value(true) - .short('o') - .long("output"), - ); + let app = Command::new("rage-keygen").arg(Arg::new("output").short('o').long("output")); generate_completions(app, "rage-keygen"); } @@ -102,17 +106,12 @@ fn rage_mount_completions() { .arg(Arg::new("filename")) .arg(Arg::new("mountpoint")) .arg(Arg::new("types").short('t').long("types")) - .arg( - Arg::new("max-work-factor") - .takes_value(true) - .long("max-work-factor"), - ) + .arg(Arg::new("max-work-factor").long("max-work-factor")) .arg( Arg::new("identity") - .takes_value(true) - .multiple_occurrences(true) .short('i') - .long("identity"), + .long("identity") + .action(ArgAction::Append), ); generate_completions(app, "rage-mount"); diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 7930d28..ce69938 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ [toolchain] -channel = "1.59.0" +channel = "1.65.0" components = ["clippy", "rustfmt"] diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index a9b8162..bd8ca6f 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -5,3 +5,57 @@ description = "The cryptographic code in this crate has been reviewed for correctness by a member of a designated set of cryptography experts within the project." [audits] + +[[trusted.windows-sys]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-15" +end = "2024-08-06" + +[[trusted.windows-targets]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-09" +end = "2024-08-06" + +[[trusted.windows_aarch64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2024-08-06" + +[[trusted.windows_aarch64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-11-05" +end = "2024-08-06" + +[[trusted.windows_i686_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2024-08-06" + +[[trusted.windows_i686_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2024-08-06" + +[[trusted.windows_x86_64_gnu]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-28" +end = "2024-08-06" + +[[trusted.windows_x86_64_gnullvm]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2022-09-01" +end = "2024-08-06" + +[[trusted.windows_x86_64_msvc]] +criteria = "safe-to-deploy" +user-id = 64539 # Kenny Kerr (kennykerr) +start = "2021-10-27" +end = "2024-08-06" diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 2f2c405..e945133 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -2,7 +2,7 @@ # cargo-vet config file [cargo-vet] -version = "0.7" +version = "0.8" [imports.bytecode-alliance] url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-chain/audits.toml" @@ -10,6 +10,9 @@ url = "https://raw.githubusercontent.com/bytecodealliance/wasmtime/main/supply-c [imports.embark-studios] url = "https://raw.githubusercontent.com/EmbarkStudios/rust-ecosystem/main/audits.toml" +[imports.google] +url = "https://raw.githubusercontent.com/google/supply-chain/main/audits.toml" + [imports.isrg] url = "https://raw.githubusercontent.com/divviup/libprio-rs/main/supply-chain/audits.toml" @@ -35,14 +38,6 @@ audit-as-crates-io = false [policy.rage] audit-as-crates-io = false -[[exemptions.addr2line]] -version = "0.17.0" -criteria = "safe-to-run" - -[[exemptions.adler]] -version = "1.0.2" -criteria = "safe-to-deploy" - [[exemptions.aead]] version = "0.5.1" criteria = "safe-to-deploy" @@ -56,31 +51,39 @@ version = "0.10.1" criteria = "safe-to-deploy" [[exemptions.ahash]] -version = "0.8.0" +version = "0.8.3" criteria = "safe-to-run" [[exemptions.aho-corasick]] -version = "0.7.18" +version = "1.0.2" criteria = "safe-to-deploy" [[exemptions.android-tzdata]] version = "0.1.1" criteria = "safe-to-deploy" +[[exemptions.anstyle]] +version = "1.0.1" +criteria = "safe-to-run" + [[exemptions.arc-swap]] version = "1.6.0" criteria = "safe-to-deploy" -[[exemptions.base64]] -version = "0.13.1" -criteria = "safe-to-deploy" +[[exemptions.arrayvec]] +version = "0.7.4" +criteria = "safe-to-run" + +[[exemptions.backtrace]] +version = "0.3.68" +criteria = "safe-to-run" [[exemptions.base64ct]] -version = "1.5.3" +version = "1.6.0" criteria = "safe-to-deploy" [[exemptions.bcrypt-pbkdf]] -version = "0.9.0" +version = "0.10.0" criteria = "safe-to-deploy" [[exemptions.bech32]] @@ -103,14 +106,6 @@ criteria = "safe-to-deploy" version = "0.9.1" criteria = "safe-to-deploy" -[[exemptions.bstr]] -version = "0.2.17" -criteria = "safe-to-run" - -[[exemptions.bytemuck]] -version = "1.13.1" -criteria = "safe-to-run" - [[exemptions.byteorder]] version = "1.4.3" criteria = "safe-to-deploy" @@ -132,7 +127,7 @@ version = "0.1.2" criteria = "safe-to-deploy" [[exemptions.cc]] -version = "1.0.79" +version = "1.0.81" criteria = "safe-to-deploy" [[exemptions.chacha20]] @@ -147,24 +142,32 @@ criteria = "safe-to-deploy" version = "0.4.26" criteria = "safe-to-deploy" +[[exemptions.ciborium]] +version = "0.2.1" +criteria = "safe-to-run" + +[[exemptions.ciborium-io]] +version = "0.2.1" +criteria = "safe-to-run" + +[[exemptions.ciborium-ll]] +version = "0.2.1" +criteria = "safe-to-run" + [[exemptions.cipher]] version = "0.3.0" criteria = "safe-to-deploy" [[exemptions.clap]] -version = "2.34.0" +version = "4.3.19" criteria = "safe-to-run" -[[exemptions.clap]] -version = "3.2.25" +[[exemptions.clap_builder]] +version = "4.3.19" criteria = "safe-to-run" [[exemptions.clap_complete]] -version = "3.2.5" -criteria = "safe-to-run" - -[[exemptions.clap_lex]] -version = "0.2.4" +version = "4.3.2" criteria = "safe-to-run" [[exemptions.console]] @@ -172,7 +175,7 @@ version = "0.15.7" criteria = "safe-to-deploy" [[exemptions.const-oid]] -version = "0.9.2" +version = "0.9.4" criteria = "safe-to-deploy" [[exemptions.constant_time_eq]] @@ -184,11 +187,11 @@ version = "0.3.2" criteria = "safe-to-deploy" [[exemptions.cpp_demangle]] -version = "0.3.5" +version = "0.4.2" criteria = "safe-to-run" [[exemptions.cpufeatures]] -version = "0.2.2" +version = "0.2.9" criteria = "safe-to-deploy" [[exemptions.crc32fast]] @@ -200,43 +203,23 @@ version = "0.3.6" criteria = "safe-to-run" [[exemptions.criterion-cycles-per-byte]] -version = "0.1.3" +version = "0.5.0" criteria = "safe-to-run" [[exemptions.criterion-plot]] version = "0.4.5" criteria = "safe-to-run" -[[exemptions.crossbeam-channel]] -version = "0.5.7" -criteria = "safe-to-run" - -[[exemptions.crossbeam-deque]] -version = "0.8.3" -criteria = "safe-to-run" - -[[exemptions.crossbeam-epoch]] -version = "0.9.14" -criteria = "safe-to-run" - [[exemptions.crossbeam-utils]] -version = "0.8.15" +version = "0.8.16" criteria = "safe-to-deploy" -[[exemptions.csv]] -version = "1.1.6" -criteria = "safe-to-run" - -[[exemptions.csv-core]] -version = "0.1.10" -criteria = "safe-to-run" - [[exemptions.ctr]] version = "0.9.2" criteria = "safe-to-deploy" [[exemptions.ctrlc]] -version = "3.3.1" +version = "3.4.0" criteria = "safe-to-deploy" [[exemptions.curve25519-dalek]] @@ -244,35 +227,43 @@ version = "3.2.0" criteria = "safe-to-deploy" [[exemptions.dashmap]] -version = "5.4.0" +version = "5.5.0" criteria = "safe-to-deploy" [[exemptions.der]] -version = "0.6.1" +version = "0.7.7" criteria = "safe-to-deploy" [[exemptions.digest]] version = "0.9.0" criteria = "safe-to-deploy" +[[exemptions.either]] +version = "1.9.0" +criteria = "safe-to-deploy" + [[exemptions.encode_unicode]] version = "0.3.6" criteria = "safe-to-deploy" -[[exemptions.env_logger]] -version = "0.8.4" -criteria = "safe-to-run" - [[exemptions.env_logger]] version = "0.9.0" criteria = "safe-to-deploy" +[[exemptions.equivalent]] +version = "1.0.1" +criteria = "safe-to-deploy" + +[[exemptions.errno]] +version = "0.3.2" +criteria = "safe-to-deploy" + [[exemptions.fastrand]] -version = "1.8.0" +version = "2.0.0" criteria = "safe-to-deploy" [[exemptions.filetime]] -version = "0.2.21" +version = "0.2.22" criteria = "safe-to-deploy" [[exemptions.find-crate]] @@ -295,10 +286,6 @@ criteria = "safe-to-deploy" version = "0.11.1" criteria = "safe-to-deploy" -[[exemptions.futures]] -version = "0.3.21" -criteria = "safe-to-deploy" - [[exemptions.futures-macro]] version = "0.3.21" criteria = "safe-to-deploy" @@ -327,10 +314,6 @@ criteria = "safe-to-deploy" version = "0.2.10" criteria = "safe-to-deploy" -[[exemptions.gimli]] -version = "0.26.1" -criteria = "safe-to-run" - [[exemptions.gumdrop]] version = "0.8.1" criteria = "safe-to-deploy" @@ -344,27 +327,23 @@ version = "0.1.19" criteria = "safe-to-deploy" [[exemptions.hermit-abi]] -version = "0.3.1" +version = "0.3.2" criteria = "safe-to-deploy" [[exemptions.hkdf]] version = "0.12.3" criteria = "safe-to-deploy" -[[exemptions.hmac]] -version = "0.12.1" -criteria = "safe-to-deploy" - [[exemptions.humantime]] version = "2.1.0" criteria = "safe-to-deploy" [[exemptions.i18n-config]] -version = "0.4.3" +version = "0.4.4" criteria = "safe-to-deploy" [[exemptions.i18n-embed]] -version = "0.13.8" +version = "0.13.9" criteria = "safe-to-deploy" [[exemptions.i18n-embed-fl]] @@ -372,7 +351,7 @@ version = "0.6.7" criteria = "safe-to-deploy" [[exemptions.i18n-embed-impl]] -version = "0.8.0" +version = "0.8.1" criteria = "safe-to-deploy" [[exemptions.iana-time-zone]] @@ -387,40 +366,32 @@ criteria = "safe-to-deploy" version = "1.9.1" criteria = "safe-to-run" +[[exemptions.indexmap]] +version = "2.0.0" +criteria = "safe-to-deploy" + [[exemptions.inferno]] -version = "0.11.14" +version = "0.11.15" criteria = "safe-to-run" -[[exemptions.instant]] -version = "0.1.12" -criteria = "safe-to-deploy" - -[[exemptions.io-lifetimes]] -version = "1.0.11" -criteria = "safe-to-deploy" - [[exemptions.io_tee]] version = "0.1.1" criteria = "safe-to-deploy" -[[exemptions.itertools]] -version = "0.10.5" -criteria = "safe-to-run" - -[[exemptions.itoa]] -version = "0.4.8" -criteria = "safe-to-run" - -[[exemptions.itoa]] -version = "1.0.6" +[[exemptions.is-terminal]] +version = "0.4.9" criteria = "safe-to-deploy" +[[exemptions.itoa]] +version = "1.0.9" +criteria = "safe-to-run" + [[exemptions.jobserver]] version = "0.1.26" criteria = "safe-to-deploy" [[exemptions.js-sys]] -version = "0.3.63" +version = "0.3.64" criteria = "safe-to-deploy" [[exemptions.libc]] @@ -432,7 +403,7 @@ version = "0.2.2" criteria = "safe-to-deploy" [[exemptions.linux-raw-sys]] -version = "0.3.8" +version = "0.4.5" criteria = "safe-to-deploy" [[exemptions.locale_config]] @@ -456,25 +427,13 @@ version = "0.5.10" criteria = "safe-to-run" [[exemptions.memoffset]] -version = "0.6.5" +version = "0.9.0" criteria = "safe-to-run" [[exemptions.minimal-lexical]] version = "0.2.1" criteria = "safe-to-deploy" -[[exemptions.miniz_oxide]] -version = "0.5.3" -criteria = "safe-to-run" - -[[exemptions.miniz_oxide]] -version = "0.7.1" -criteria = "safe-to-deploy" - -[[exemptions.nix]] -version = "0.24.3" -criteria = "safe-to-run" - [[exemptions.nix]] version = "0.26.1" criteria = "safe-to-deploy" @@ -484,19 +443,19 @@ version = "7.1.1" criteria = "safe-to-deploy" [[exemptions.num-bigint-dig]] -version = "0.8.2" +version = "0.8.4" criteria = "safe-to-deploy" [[exemptions.num-format]] version = "0.4.4" criteria = "safe-to-run" -[[exemptions.num_cpus]] -version = "1.13.1" +[[exemptions.num-traits]] +version = "0.2.16" criteria = "safe-to-deploy" -[[exemptions.num_threads]] -version = "0.1.6" +[[exemptions.num_cpus]] +version = "1.16.0" criteria = "safe-to-deploy" [[exemptions.objc]] @@ -511,10 +470,6 @@ criteria = "safe-to-deploy" version = "0.1.1" criteria = "safe-to-deploy" -[[exemptions.object]] -version = "0.30.4" -criteria = "safe-to-run" - [[exemptions.once_cell]] version = "1.15.0" criteria = "safe-to-deploy" @@ -523,10 +478,6 @@ criteria = "safe-to-deploy" version = "11.1.3" criteria = "safe-to-run" -[[exemptions.os_str_bytes]] -version = "6.5.1" -criteria = "safe-to-run" - [[exemptions.page_size]] version = "0.4.2" criteria = "safe-to-deploy" @@ -547,20 +498,24 @@ criteria = "safe-to-deploy" version = "0.11.0" criteria = "safe-to-deploy" +[[exemptions.pbkdf2]] +version = "0.12.2" +criteria = "safe-to-deploy" + [[exemptions.percent-encoding]] version = "2.3.0" criteria = "safe-to-deploy" [[exemptions.pin-project]] -version = "1.1.0" +version = "1.1.2" criteria = "safe-to-deploy" [[exemptions.pin-project-internal]] -version = "1.1.0" +version = "1.1.2" criteria = "safe-to-deploy" [[exemptions.pin-project-lite]] -version = "0.2.9" +version = "0.2.10" criteria = "safe-to-deploy" [[exemptions.pinentry]] @@ -568,11 +523,11 @@ version = "0.5.0" criteria = "safe-to-deploy" [[exemptions.pkcs1]] -version = "0.4.1" +version = "0.7.5" criteria = "safe-to-deploy" [[exemptions.pkcs8]] -version = "0.9.0" +version = "0.10.2" criteria = "safe-to-deploy" [[exemptions.pkg-config]] @@ -580,15 +535,15 @@ version = "0.3.27" criteria = "safe-to-deploy" [[exemptions.plotters]] -version = "0.3.4" +version = "0.3.5" criteria = "safe-to-run" [[exemptions.plotters-backend]] -version = "0.3.4" +version = "0.3.5" criteria = "safe-to-run" [[exemptions.plotters-svg]] -version = "0.3.3" +version = "0.3.5" criteria = "safe-to-run" [[exemptions.poly1305]] @@ -596,11 +551,11 @@ version = "0.8.0" criteria = "safe-to-deploy" [[exemptions.polyval]] -version = "0.6.0" +version = "0.6.1" criteria = "safe-to-deploy" [[exemptions.pprof]] -version = "0.10.1" +version = "0.12.1" criteria = "safe-to-run" [[exemptions.ppv-lite86]] @@ -611,14 +566,6 @@ criteria = "safe-to-deploy" version = "1.0.4" criteria = "safe-to-deploy" -[[exemptions.proc-macro-error-attr]] -version = "1.0.4" -criteria = "safe-to-deploy" - -[[exemptions.proc-macro2]] -version = "1.0.60" -criteria = "safe-to-deploy" - [[exemptions.quick-xml]] version = "0.26.0" criteria = "safe-to-run" @@ -627,6 +574,10 @@ criteria = "safe-to-run" version = "1.0.3" criteria = "safe-to-run" +[[exemptions.quote]] +version = "1.0.32" +criteria = "safe-to-deploy" + [[exemptions.rand]] version = "0.7.3" criteria = "safe-to-deploy" @@ -647,32 +598,24 @@ criteria = "safe-to-deploy" version = "0.5.1" criteria = "safe-to-deploy" -[[exemptions.rand_core]] -version = "0.6.4" -criteria = "safe-to-deploy" - [[exemptions.rand_hc]] version = "0.2.0" criteria = "safe-to-deploy" -[[exemptions.redox_syscall]] -version = "0.2.16" -criteria = "safe-to-deploy" - [[exemptions.redox_syscall]] version = "0.3.5" criteria = "safe-to-deploy" [[exemptions.regex]] -version = "1.5.6" +version = "1.9.1" criteria = "safe-to-deploy" [[exemptions.regex-automata]] -version = "0.1.10" -criteria = "safe-to-run" +version = "0.3.4" +criteria = "safe-to-deploy" [[exemptions.regex-syntax]] -version = "0.6.26" +version = "0.7.4" criteria = "safe-to-deploy" [[exemptions.rgb]] @@ -684,32 +627,36 @@ version = "0.1.0" criteria = "safe-to-run" [[exemptions.rpassword]] -version = "6.0.1" +version = "7.2.0" criteria = "safe-to-deploy" [[exemptions.rsa]] -version = "0.7.2" +version = "0.9.2" +criteria = "safe-to-deploy" + +[[exemptions.rtoolbox]] +version = "0.0.1" criteria = "safe-to-deploy" [[exemptions.rust-embed]] -version = "6.7.0" +version = "6.8.1" criteria = "safe-to-deploy" [[exemptions.rust-embed-impl]] -version = "6.6.0" +version = "6.8.1" criteria = "safe-to-deploy" [[exemptions.rust-embed-utils]] -version = "7.5.0" +version = "7.8.1" criteria = "safe-to-deploy" [[exemptions.rustix]] -version = "0.37.20" +version = "0.38.6" criteria = "safe-to-deploy" [[exemptions.ryu]] -version = "1.0.13" -criteria = "safe-to-deploy" +version = "1.0.15" +criteria = "safe-to-run" [[exemptions.salsa20]] version = "0.10.2" @@ -720,11 +667,11 @@ version = "1.0.6" criteria = "safe-to-deploy" [[exemptions.scopeguard]] -version = "1.1.0" +version = "1.2.0" criteria = "safe-to-deploy" [[exemptions.scrypt]] -version = "0.10.0" +version = "0.11.0" criteria = "safe-to-deploy" [[exemptions.secrecy]] @@ -736,27 +683,23 @@ version = "0.10.2" criteria = "safe-to-deploy" [[exemptions.serde]] -version = "1.0.164" +version = "1.0.181" criteria = "safe-to-deploy" [[exemptions.serde_derive]] -version = "1.0.164" +version = "1.0.181" criteria = "safe-to-deploy" [[exemptions.serde_json]] -version = "1.0.81" -criteria = "safe-to-deploy" +version = "1.0.104" +criteria = "safe-to-run" -[[exemptions.sha2]] -version = "0.10.6" -criteria = "safe-to-deploy" - -[[exemptions.signature]] -version = "1.6.4" +[[exemptions.serde_spanned]] +version = "0.6.3" criteria = "safe-to-deploy" [[exemptions.smallvec]] -version = "1.10.0" +version = "1.11.0" criteria = "safe-to-deploy" [[exemptions.spin]] @@ -764,13 +707,9 @@ version = "0.5.2" criteria = "safe-to-deploy" [[exemptions.spki]] -version = "0.6.0" +version = "0.7.2" criteria = "safe-to-deploy" -[[exemptions.stable_deref_trait]] -version = "1.2.0" -criteria = "safe-to-run" - [[exemptions.static_assertions]] version = "1.1.0" criteria = "safe-to-deploy" @@ -783,16 +722,12 @@ criteria = "safe-to-run" version = "0.10.0" criteria = "safe-to-deploy" -[[exemptions.subtle]] -version = "2.4.1" -criteria = "safe-to-deploy" - [[exemptions.symbolic-common]] -version = "9.2.1" +version = "12.3.0" criteria = "safe-to-run" [[exemptions.symbolic-demangle]] -version = "9.2.1" +version = "12.3.0" criteria = "safe-to-run" [[exemptions.syn]] @@ -800,15 +735,15 @@ version = "1.0.109" criteria = "safe-to-deploy" [[exemptions.syn]] -version = "2.0.18" +version = "2.0.28" criteria = "safe-to-deploy" [[exemptions.tar]] -version = "0.4.38" +version = "0.4.39" criteria = "safe-to-deploy" [[exemptions.tempfile]] -version = "3.6.0" +version = "3.7.0" criteria = "safe-to-deploy" [[exemptions.termcolor]] @@ -816,20 +751,24 @@ version = "1.1.3" criteria = "safe-to-deploy" [[exemptions.test-case]] -version = "2.2.2" +version = "3.1.0" +criteria = "safe-to-run" + +[[exemptions.test-case-core]] +version = "3.1.0" criteria = "safe-to-run" [[exemptions.test-case-macros]] -version = "2.2.2" +version = "3.1.0" criteria = "safe-to-run" -[[exemptions.textwrap]] -version = "0.11.0" -criteria = "safe-to-run" +[[exemptions.thiserror]] +version = "1.0.44" +criteria = "safe-to-deploy" -[[exemptions.textwrap]] -version = "0.16.0" -criteria = "safe-to-run" +[[exemptions.thiserror-impl]] +version = "1.0.44" +criteria = "safe-to-deploy" [[exemptions.threadpool]] version = "1.8.1" @@ -840,25 +779,25 @@ version = "0.1.44" criteria = "safe-to-deploy" [[exemptions.time]] -version = "0.3.15" +version = "0.3.23" criteria = "safe-to-deploy" [[exemptions.tinytemplate]] version = "1.2.1" criteria = "safe-to-run" -[[exemptions.tokio]] -version = "1.28.2" -criteria = "safe-to-run" - -[[exemptions.tokio-macros]] -version = "2.1.0" -criteria = "safe-to-run" - [[exemptions.toml]] version = "0.5.9" criteria = "safe-to-deploy" +[[exemptions.toml]] +version = "0.7.6" +criteria = "safe-to-deploy" + +[[exemptions.toml_edit]] +version = "0.19.14" +criteria = "safe-to-deploy" + [[exemptions.type-map]] version = "0.4.0" criteria = "safe-to-deploy" @@ -867,16 +806,12 @@ criteria = "safe-to-deploy" version = "1.15.0" criteria = "safe-to-deploy" -[[exemptions.users]] -version = "0.11.0" +[[exemptions.unicode-ident]] +version = "1.0.11" criteria = "safe-to-deploy" -[[exemptions.uuid]] -version = "1.3.3" -criteria = "safe-to-run" - -[[exemptions.version_check]] -version = "0.9.4" +[[exemptions.users]] +version = "0.11.0" criteria = "safe-to-deploy" [[exemptions.walkdir]] @@ -896,27 +831,23 @@ version = "0.11.0+wasi-snapshot-preview1" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-backend]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-macro]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.wasm-bindgen-macro-support]] -version = "0.2.86" -criteria = "safe-to-deploy" - -[[exemptions.wasm-bindgen-shared]] -version = "0.2.86" +version = "0.2.87" criteria = "safe-to-deploy" [[exemptions.web-sys]] -version = "0.3.63" +version = "0.3.64" criteria = "safe-to-deploy" [[exemptions.which]] @@ -943,6 +874,10 @@ criteria = "safe-to-deploy" version = "0.48.0" criteria = "safe-to-deploy" +[[exemptions.winnow]] +version = "0.5.4" +criteria = "safe-to-deploy" + [[exemptions.wsl]] version = "0.1.0" criteria = "safe-to-deploy" @@ -984,5 +919,5 @@ version = "5.0.2+zstd.1.5.2" criteria = "safe-to-deploy" [[exemptions.zstd-sys]] -version = "2.0.4+zstd.1.5.2" +version = "2.0.8+zstd.1.5.5" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 0aabe28..5b4d9ae 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -2,8 +2,8 @@ # cargo-vet imports lock [[publisher.bumpalo]] -version = "3.12.0" -when = "2023-01-17" +version = "3.13.0" +when = "2023-05-22" user-id = 696 user-login = "fitzgen" user-name = "Nick Fitzgerald" @@ -15,12 +15,131 @@ user-id = 5946 user-login = "jrmuizel" user-name = "Jeff Muizelaar" -[[publisher.unicode-width]] -version = "0.1.10" -when = "2022-09-13" -user-id = 1139 -user-login = "Manishearth" -user-name = "Manish Goregaokar" +[[publisher.windows-sys]] +version = "0.45.0" +when = "2023-01-21" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-sys]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-targets]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows-targets]] +version = "0.48.1" +when = "2023-06-28" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_gnullvm]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_gnullvm]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_aarch64_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_gnu]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_gnu]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_i686_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnu]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnu]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnullvm]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_gnullvm]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_msvc]] +version = "0.42.2" +when = "2023-03-13" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" + +[[publisher.windows_x86_64_msvc]] +version = "0.48.0" +when = "2023-03-31" +user-id = 64539 +user-login = "kennykerr" +user-name = "Kenny Kerr" [[audits.bytecode-alliance.wildcard-audits.bumpalo]] who = "Nick Fitzgerald " @@ -32,20 +151,20 @@ end = "2024-03-10" [[audits.bytecode-alliance.audits.addr2line]] who = "Alex Crichton " criteria = "safe-to-deploy" -delta = "0.17.0 -> 0.19.0" -notes = """ -This is a minor update for addr2line which looks to mainly update its -dependencies and refactor existing code to expose more functionality and such. -""" +delta = "0.19.0 -> 0.20.0" +notes = "This version brings support for split-dwarf which while it uses the filesystem is always done at the behest of the caller, so everything is as expected for this update." -[[audits.bytecode-alliance.audits.arrayvec]] -who = "Nick Fitzgerald " +[[audits.bytecode-alliance.audits.adler]] +who = "Alex Crichton " criteria = "safe-to-deploy" -version = "0.7.2" -notes = """ -Well documented invariants, good assertions for those invariants in unsafe code, -and tested with MIRI to boot. LGTM. -""" +version = "1.0.2" +notes = "This is a small crate which forbids unsafe code and is a straightforward implementation of the adler hashing algorithm." + +[[audits.bytecode-alliance.audits.anes]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.1.6" +notes = "Contains no unsafe code, no IO, no build.rs." [[audits.bytecode-alliance.audits.atty]] who = "Alex Crichton " @@ -57,20 +176,29 @@ the environment's terminal information when asked. Does its stated purpose and no more. """ -[[audits.bytecode-alliance.audits.backtrace]] +[[audits.bytecode-alliance.audits.base64]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +version = "0.21.0" +notes = "This crate has no dependencies, no build.rs, and contains no unsafe code." + +[[audits.bytecode-alliance.audits.bitflags]] +who = "Jamey Sharp " +criteria = "safe-to-deploy" +delta = "2.1.0 -> 2.2.1" +notes = """ +This version adds unsafe impls of traits from the bytemuck crate when built +with that library enabled, but I believe the impls satisfy the documented +safety requirements for bytemuck. The other changes are minor. +""" + +[[audits.bytecode-alliance.audits.bitflags]] who = "Alex Crichton " criteria = "safe-to-deploy" -version = "0.3.66" -notes = "I am the author of this crate." - -[[audits.bytecode-alliance.audits.backtrace]] -who = "Alex Crichton " -criteria = "safe-to-run" -delta = "0.3.66 -> 0.3.67" +delta = "2.3.2 -> 2.3.3" notes = """ -This change introduced a new means of learning the current exe by parsing -Linux-specific constructs and does not constitute any major changes to the -crate. +Nothing outside the realm of what one would expect from a bitflags generator, +all as expected. """ [[audits.bytecode-alliance.audits.block-buffer]] @@ -84,15 +212,21 @@ criteria = "safe-to-deploy" version = "1.0.0" notes = "I am the author of this crate." -[[audits.bytecode-alliance.audits.cpufeatures]] -who = "Alex Crichton " +[[audits.bytecode-alliance.audits.criterion]] +who = "Pat Hickey " criteria = "safe-to-deploy" -delta = "0.2.2 -> 0.2.7" +delta = "0.3.6 -> 0.4.0" notes = """ -This is a minor update that looks to add some more detected CPU features and -various other minor portability fixes such as MIRI support. +criterion v0.3.6..v0.4.0 is mostly re-arranging the crate features and bumping dependencies. all changes +to code seem to be confined to benchmarks. """ +[[audits.bytecode-alliance.audits.criterion-plot]] +who = "Pat Hickey " +criteria = "safe-to-deploy" +delta = "0.4.5 -> 0.5.0" +notes = "Just a version bump, only change to code is to remove an allow(deprecated)" + [[audits.bytecode-alliance.audits.crypto-common]] who = "Benjamin Bouvier " criteria = "safe-to-deploy" @@ -103,18 +237,6 @@ who = "Benjamin Bouvier " criteria = "safe-to-deploy" delta = "0.9.0 -> 0.10.3" -[[audits.bytecode-alliance.audits.errno]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.3.0" -notes = "This crate uses libc and windows-sys APIs to get and set the raw OS error value." - -[[audits.bytecode-alliance.audits.errno]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -delta = "0.3.0 -> 0.3.1" -notes = "Just a dependency version bump and a bug fix for redox" - [[audits.bytecode-alliance.audits.errno-dragonfly]] who = "Jamey Sharp " criteria = "safe-to-deploy" @@ -149,15 +271,23 @@ who = "Pat Hickey " criteria = "safe-to-deploy" version = "0.3.27" -[[audits.bytecode-alliance.audits.gimli]] +[[audits.bytecode-alliance.audits.hashbrown]] +who = "Chris Fallin " +criteria = "safe-to-deploy" +delta = "0.12.3 -> 0.13.1" +notes = "The diff looks plausible. Much of it is low-level memory-layout code and I can't be 100% certain without a deeper dive into the implementation logic, but nothing looks actively malicious." + +[[audits.bytecode-alliance.audits.hashbrown]] +who = "Trevor Elliott " +criteria = "safe-to-deploy" +delta = "0.13.1 -> 0.13.2" +notes = "I read through the diff between v0.13.1 and v0.13.2, and verified that the changes made matched up with the changelog entries. There were very few changes between these two releases, and it was easy to verify what they did." + +[[audits.bytecode-alliance.audits.libc]] who = "Alex Crichton " criteria = "safe-to-deploy" -delta = "0.26.1 -> 0.27.0" -notes = """ -This is a standard update to gimli for more DWARF support for more platforms, -more features, etc. Some minor `unsafe` code was added that does not appear -incorrect. Otherwise looks like someone probably ran clippy and/or rustfmt. -""" +delta = "0.2.146 -> 0.2.147" +notes = "Only new type definitions and updating others for some platforms, no major changes" [[audits.bytecode-alliance.audits.libm]] who = "Alex Crichton " @@ -178,21 +308,44 @@ This is a minor update which has some testing affordances as well as some updated math algorithms. """ -[[audits.bytecode-alliance.audits.memoffset]] +[[audits.bytecode-alliance.audits.miniz_oxide]] who = "Alex Crichton " criteria = "safe-to-deploy" -delta = "0.7.1 -> 0.8.0" -notes = "This was a small update to the crate which has to do with Rust language features and compiler versions, no substantial changes." +version = "0.7.1" +notes = """ +This crate is a Rust implementation of zlib compression/decompression and has +been used by default by the Rust standard library for quite some time. It's also +a default dependency of the popular `backtrace` crate for decompressing debug +information. This crate forbids unsafe code and does not otherwise access system +resources. It's originally a port of the `miniz.c` library as well, and given +its own longevity should be relatively hardened against some of the more common +compression-related issues. +""" + +[[audits.bytecode-alliance.audits.object]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "0.30.3 -> 0.31.1" +notes = "A large-ish update to the crate but nothing out of the ordering. Support for new formats like xcoff, new constants, minor refactorings, etc. Nothing out of the ordinary." [[audits.bytecode-alliance.audits.pin-utils]] who = "Pat Hickey " criteria = "safe-to-deploy" version = "0.1.0" -[[audits.bytecode-alliance.audits.quote]] +[[audits.bytecode-alliance.audits.proc-macro2]] who = "Pat Hickey " criteria = "safe-to-deploy" -delta = "1.0.23 -> 1.0.27" +delta = "1.0.51 -> 1.0.57" + +[[audits.bytecode-alliance.audits.proc-macro2]] +who = "Alex Crichton " +criteria = "safe-to-deploy" +delta = "1.0.59 -> 1.0.63" +notes = """ +This is a routine update for new nightly features and new syntax popping up on +nightly, nothing out of the ordinary. +""" [[audits.bytecode-alliance.audits.rustc-demangle]] who = "Alex Crichton " @@ -206,216 +359,188 @@ criteria = "safe-to-deploy" version = "0.4.6" notes = "provides a datastructure implemented using std's Vec. all uses of unsafe are just delegating to the underlying unsafe Vec methods." -[[audits.bytecode-alliance.audits.unicode-ident]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "1.0.8" - -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-sys]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.45.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows-targets]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -version = "0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. Additionally, this particular crate is empty and just collects a bunch of dependencies, which are not exported, so I don't understand why it exists at all." - -[[audits.bytecode-alliance.audits.windows-targets]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. It just provides the import libs needed by windows-sys." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_gnullvm]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_aarch64_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_gnu]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_i686_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnu]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_gnullvm]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.42.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Dan Gohman " -criteria = "safe-to-deploy" -version = "0.48.0" -notes = "This is a Windows API bindings library maintained by Microsoft themselves." - -[[audits.bytecode-alliance.audits.windows_x86_64_msvc]] -who = "Pat Hickey " -criteria = "safe-to-deploy" -delta = "0.42.0 -> 0.42.1" -notes = "This is a Windows API bindings library maintained by Microsoft themselves. The diff is just adding license files." - -[[audits.embark-studios.audits.epaint]] -who = "Johan Andersson " -criteria = "safe-to-deploy" -violation = "<0.20.0" -notes = "Specified crate license does not include licenses of embedded fonts if using default features or the `default_fonts` feature. Tracked in: https://github.com/emilk/egui/issues/2321" - [[audits.embark-studios.audits.quickcheck_macros]] who = "Johan Andersson " criteria = "safe-to-deploy" version = "1.0.0" notes = "Proc macro. No unsafe usage or ambient capabilities" -[[audits.embark-studios.audits.thiserror]] +[[audits.embark-studios.audits.toml_datetime]] who = "Johan Andersson " criteria = "safe-to-deploy" -version = "1.0.40" -notes = "Wrapper over implementation crate, found no unsafe or ambient capabilities used" +delta = "0.6.1 -> 0.6.2" +notes = "No notable changes" -[[audits.embark-studios.audits.thiserror-impl]] -who = "Johan Andersson " +[[audits.google.audits.addr2line]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.19.0" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.bytemuck]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "1.13.1" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.clap_lex]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.4.1" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.crossbeam-channel]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.5.7" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.crossbeam-deque]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.8.3" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.crossbeam-epoch]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.9.14" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.crossbeam-epoch]] +who = "George Burgess IV " +criteria = "safe-to-run" +delta = "0.9.14 -> 0.9.15" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.env_logger]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.9.3" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.env_logger]] +who = "George Burgess IV " +criteria = "safe-to-run" +delta = "0.9.3 -> 0.8.4" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.futures]] +who = "George Burgess IV " criteria = "safe-to-deploy" -version = "1.0.40" -notes = "Found no unsafe or ambient capabilities used" +version = "0.3.28" +notes = """ +`futures` has no logic other than tests - it simply `pub use`s things from +other crates. +""" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.gimli]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.27.3" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.itertools]] +who = "ChromeOS" +criteria = "safe-to-run" +version = "0.10.5" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.object]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "0.30.3" +notes = "I'm not counting the code related to the GNU Hash section as crypto for the sake of this review." +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.proc-macro-error-attr]] +who = "George Burgess IV " +criteria = "safe-to-deploy" +version = "1.0.4" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.stable_deref_trait]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "1.2.0" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.tokio]] +who = "Vovo Yang " +criteria = "safe-to-run" +version = "1.29.1" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.tokio-macros]] +who = "Vovo Yang " +criteria = "safe-to-run" +version = "2.1.0" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.uuid]] +who = "George Burgess IV " +criteria = "safe-to-run" +version = "1.3.0" +notes = "Randomness and hashing involved in UUID generation is sourced from other crates." +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.google.audits.version_check]] +who = "George Burgess IV " +criteria = "safe-to-deploy" +version = "0.9.4" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + +[[audits.isrg.audits.aes]] +who = "Brandon Pitman " +criteria = "safe-to-deploy" +delta = "0.8.2 -> 0.8.3" [[audits.isrg.audits.aes-gcm]] who = "Tim Geoghegan " criteria = "safe-to-deploy" delta = "0.10.1 -> 0.10.2" +[[audits.isrg.audits.base64]] +who = "Tim Geoghegan " +criteria = "safe-to-deploy" +delta = "0.21.0 -> 0.21.1" + +[[audits.isrg.audits.base64]] +who = "Brandon Pitman " +criteria = "safe-to-deploy" +delta = "0.21.1 -> 0.21.2" + [[audits.isrg.audits.block-buffer]] who = "David Cook " criteria = "safe-to-deploy" version = "0.9.0" +[[audits.isrg.audits.clap_lex]] +who = "Brandon Pitman " +criteria = "safe-to-run" +delta = "0.4.1 -> 0.5.0" + +[[audits.isrg.audits.criterion]] +who = "Brandon Pitman " +criteria = "safe-to-run" +delta = "0.4.0 -> 0.5.1" + [[audits.isrg.audits.digest]] who = "David Cook " criteria = "safe-to-deploy" delta = "0.10.6 -> 0.10.7" -[[audits.isrg.audits.either]] -who = "David Cook " -criteria = "safe-to-deploy" -version = "1.6.1" - [[audits.isrg.audits.ghash]] who = "David Cook " criteria = "safe-to-deploy" version = "0.5.0" +[[audits.isrg.audits.hmac]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.12.1" + [[audits.isrg.audits.once_cell]] who = "David Cook " criteria = "safe-to-deploy" @@ -431,11 +556,21 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "1.17.1 -> 1.17.2" +[[audits.isrg.audits.once_cell]] +who = "David Cook " +criteria = "safe-to-deploy" +delta = "1.17.2 -> 1.18.0" + [[audits.isrg.audits.opaque-debug]] who = "David Cook " criteria = "safe-to-deploy" version = "0.3.0" +[[audits.isrg.audits.rand_core]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.6.3" + [[audits.isrg.audits.rayon]] who = "Brandon Pitman " criteria = "safe-to-deploy" @@ -446,20 +581,10 @@ who = "Brandon Pitman " criteria = "safe-to-deploy" delta = "1.10.2 -> 1.11.0" -[[audits.isrg.audits.serde_json]] -who = "Brandon Pitman " -criteria = "safe-to-deploy" -delta = "1.0.93 -> 1.0.94" - -[[audits.isrg.audits.serde_json]] -who = "Brandon Pitman " -criteria = "safe-to-deploy" -delta = "1.0.94 -> 1.0.95" - -[[audits.isrg.audits.subtle]] +[[audits.isrg.audits.sha2]] who = "David Cook " criteria = "safe-to-deploy" -delta = "2.4.1 -> 2.5.0" +version = "0.10.2" [[audits.isrg.audits.universal-hash]] who = "David Cook " @@ -471,6 +596,11 @@ who = "David Cook " criteria = "safe-to-deploy" delta = "0.5.0 -> 0.5.1" +[[audits.isrg.audits.wasm-bindgen-shared]] +who = "David Cook " +criteria = "safe-to-deploy" +version = "0.2.83" + [[audits.mozilla.wildcard-audits.core-foundation-sys]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -481,21 +611,6 @@ renew = false notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.wildcard-audits.unicode-width]] -who = "Manish Goregaokar " -criteria = "safe-to-deploy" -user-id = 1139 # Manish Goregaokar (Manishearth) -start = "2019-12-05" -end = "2024-05-03" -notes = "All code written or reviewed by Manish" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.aho-corasick]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.7.18 -> 0.7.20" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.android_system_properties]] who = "Nicolas Silva " criteria = "safe-to-deploy" @@ -522,6 +637,25 @@ version = "1.1.0" notes = "All code written or reviewed by Josh Stone." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.bitflags]] +who = "Alex Franchuk " +criteria = "safe-to-deploy" +delta = "1.3.2 -> 2.0.2" +notes = "Removal of some unsafe code/methods. No changes to externals, just some refactoring (mostly internal)." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.bitflags]] +who = "Nicolas Silva " +criteria = "safe-to-deploy" +delta = "2.0.2 -> 2.1.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.bitflags]] +who = "Teodor Tanasoaia " +criteria = "safe-to-deploy" +delta = "2.2.1 -> 2.3.2" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.block-buffer]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -571,34 +705,16 @@ criteria = "safe-to-deploy" delta = "0.2.3 -> 0.2.4" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.either]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.6.1 -> 1.7.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.either]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.7.0 -> 1.8.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.either]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.8.0 -> 1.8.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.env_logger]] who = "Mike Hommey " criteria = "safe-to-deploy" delta = "0.9.0 -> 0.9.3" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.fastrand]] -who = "Mike Hommey " +[[audits.mozilla.audits.env_logger]] +who = "Nicolas Silva " criteria = "safe-to-deploy" -delta = "1.8.0 -> 1.9.0" +delta = "0.9.3 -> 0.10.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.fluent]] @@ -625,30 +741,6 @@ criteria = "safe-to-deploy" version = "0.11.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.futures]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.3.21 -> 0.3.23" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.futures]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.3.23 -> 0.3.25" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.futures]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.3.25 -> 0.3.26" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.futures]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.3.26 -> 0.3.28" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.futures-channel]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -757,12 +849,6 @@ version = "0.12.3" notes = "This version is used in rust's libstd, so effectively we're already trusting it" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.hermit-abi]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.1.19 -> 0.2.6" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.hex]] who = "Simon Friedberger " criteria = "safe-to-deploy" @@ -806,6 +892,13 @@ criteria = "safe-to-deploy" version = "0.4.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.log]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.4.17 -> 0.4.18" +notes = "One dependency removed, others updated (which we don't rely on), some APIs (which we don't use) changed." +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" + [[audits.mozilla.audits.malloc_buf]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -818,18 +911,6 @@ it's not exploitable. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.memoffset]] -who = "Gabriele Svelto " -criteria = "safe-to-deploy" -delta = "0.6.5 -> 0.7.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.miniz_oxide]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.5.3 -> 0.6.2" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.nom]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -850,25 +931,6 @@ version = "0.1.43" notes = "All code written or reviewed by Josh Stone." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.num-traits]] -who = "Josh Stone " -criteria = "safe-to-deploy" -version = "0.2.15" -notes = "All code written or reviewed by Josh Stone." -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.num_cpus]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.13.1 -> 1.14.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.num_cpus]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.14.0 -> 1.15.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.once_cell]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -881,41 +943,74 @@ criteria = "safe-to-deploy" delta = "0.2.16 -> 0.2.17" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.quote]] +[[audits.mozilla.audits.proc-macro2]] who = "Nika Layzell " criteria = "safe-to-deploy" -version = "1.0.18" +version = "1.0.39" notes = """ -`quote` is a utility crate used by proc-macros to generate TokenStreams -conveniently from source code. The bulk of the logic is some complex -interlocking `macro_rules!` macros which are used to parse and build the -`TokenStream` within the proc-macro. +`proc-macro2` acts as either a thin(-ish) wrapper around the std-provided +`proc_macro` crate, or as a fallback implementation of the crate, depending on +where it is used. -This crate contains no unsafe code, and the internal logic, while difficult to -read, is generally straightforward. I have audited the the quote macros, ident -formatter, and runtime logic. +If using this crate on older versions of rustc (1.56 and earlier), it will +temporarily replace the panic handler while initializing in order to detect if +it is running within a `proc_macro`, which could lead to surprising behaviour. +This should not be an issue for more recent compiler versions, which support +`proc_macro::is_available()`. + +The `proc-macro2` crate's fallback behaviour is not identical to the complex +behaviour of the rustc compiler (e.g. it does not perform unicode normalization +for identifiers), however it behaves well enough for its intended use-case +(tests and scripts processing rust code). + +`proc-macro2` does not use unsafe code, however exposes one `unsafe` API to +allow bypassing checks in the fallback implementation when constructing +`Literal` using `from_str_unchecked`. This was intended to only be used by the +`quote!` macro, however it has been removed +(https://github.com/dtolnay/quote/commit/f621fe64a8a501cae8e95ebd6848e637bbc79078), +and is likely completely unused. Even when used, this API shouldn't be able to +cause unsoundness. """ aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.quote]] +[[audits.mozilla.audits.proc-macro2]] who = "Mike Hommey " criteria = "safe-to-deploy" -delta = "1.0.18 -> 1.0.21" +delta = "1.0.39 -> 1.0.43" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.quote]] +[[audits.mozilla.audits.proc-macro2]] who = "Mike Hommey " criteria = "safe-to-deploy" -delta = "1.0.21 -> 1.0.23" +delta = "1.0.43 -> 1.0.49" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.quote]] +[[audits.mozilla.audits.proc-macro2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "1.0.49 -> 1.0.51" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.proc-macro2]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -delta = "1.0.27 -> 1.0.28" -notes = "Enabled on wasm targets" +delta = "1.0.57 -> 1.0.59" +notes = "Enabled on Wasm" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" +[[audits.mozilla.audits.proc-macro2]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.63 -> 1.0.66" +notes = "Removed special support for some really old Rust versions" +aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" + +[[audits.mozilla.audits.rand_core]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.6.3 -> 0.6.4" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.rayon]] who = "Josh Stone " criteria = "safe-to-deploy" @@ -948,36 +1043,6 @@ criteria = "safe-to-deploy" delta = "1.10.1 -> 1.10.2" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.5.6 -> 1.6.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.6.0 -> 1.7.0" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.7.0 -> 1.7.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex-syntax]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.6.26 -> 0.6.27" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.regex-syntax]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.6.27 -> 0.6.28" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.rustc-hash]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -985,48 +1050,18 @@ version = "1.1.0" notes = "Straightforward crate with no unsafe code, does what it says on the tin." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.serde_cbor]] -who = "R. Martinho Fernandes " -criteria = "safe-to-deploy" -version = "0.11.1" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.serde_cbor]] -who = "John M. Schanck " -criteria = "safe-to-deploy" -delta = "0.11.1 -> 0.11.2" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.serde_json]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.81 -> 1.0.83" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.serde_json]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.83 -> 1.0.85" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.serde_json]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.85 -> 1.0.91" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - -[[audits.mozilla.audits.serde_json]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "1.0.91 -> 1.0.93" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.sha1]] who = "Dana Keeler " criteria = "safe-to-deploy" version = "0.10.5" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.sha2]] +who = "Mike Hommey " +criteria = "safe-to-deploy" +delta = "0.10.2 -> 0.10.6" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.slab]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1039,6 +1074,13 @@ criteria = "safe-to-deploy" delta = "0.4.7 -> 0.4.8" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.subtle]] +who = "Simon Friedberger " +criteria = "safe-to-deploy" +version = "2.5.0" +notes = "The goal is to provide some constant-time correctness for cryptographic implementations. The approach is reasonable, it is known to be insufficient but this is pointed out in the documentation." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.termcolor]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1051,6 +1093,12 @@ criteria = "safe-to-deploy" delta = "0.1.44 -> 0.1.45" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.time-core]] +who = "Kershaw Chang " +criteria = "safe-to-deploy" +version = "0.1.0" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.tinystr]] who = "Makoto Kato " criteria = "safe-to-deploy" @@ -1106,11 +1154,11 @@ criteria = "safe-to-deploy" delta = "0.9.0 -> 0.9.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.unicode-ident]] +[[audits.mozilla.audits.uuid]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -delta = "1.0.8 -> 1.0.9" -notes = "Dependency updates only" +delta = "1.3.0 -> 1.4.1" +notes = "Internal refactoring, new target support" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" [[audits.zcash.audits.aead]] @@ -1146,10 +1194,15 @@ criteria = "safe-to-deploy" delta = "0.14.6 -> 0.14.7" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.gimli]] -who = "Jack Grigg " +[[audits.zcash.audits.hashbrown]] +who = "Daira Emma Hopwood " criteria = "safe-to-deploy" -delta = "0.27.0 -> 0.27.2" +delta = "0.13.2 -> 0.14.0" +notes = """ +There is some additional use of unsafe code but the changes in this crate looked plausible. +There is a new default dependency on the `allocator-api2` crate, which itself has quite a lot of unsafe code. +Many previously undocumented safety requirements have been documented. +""" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.indexmap]] @@ -1165,6 +1218,12 @@ version = "0.1.3" notes = "Reviewed in full." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.log]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.4.18 -> 0.4.19" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.nix]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1172,18 +1231,6 @@ delta = "0.26.1 -> 0.26.2" notes = "Fixes `SockaddrIn6` endianness bug." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.regex]] -who = "Sean Bowe " -criteria = "safe-to-deploy" -delta = "1.7.1 -> 1.7.3" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.regex-syntax]] -who = "Sean Bowe " -criteria = "safe-to-deploy" -delta = "0.6.28 -> 0.6.29" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - [[audits.zcash.audits.rustc-demangle]] who = "Sean Bowe " criteria = "safe-to-deploy" @@ -1196,10 +1243,52 @@ criteria = "safe-to-deploy" delta = "0.1.22 -> 0.1.23" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.serde_json]] +[[audits.zcash.audits.sha2]] who = "Jack Grigg " criteria = "safe-to-deploy" -delta = "1.0.95 -> 1.0.96" +delta = "0.10.6 -> 0.10.7" +notes = """ +The new `unsafe` assembly backend only uses aarch64 intrinsics, via their typed +Rust APIs (aside from the SHA2-specific intrinsics that are not in Rust yet). I +did not perform a cryptographic review, but the code to load from and store into +the function arguments looks correct. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.signature]] +who = "Daira Emma Hopwood " +criteria = "safe-to-deploy" +version = "2.1.0" +notes = """ +This crate uses `#![forbid(unsafe_code)]`, has no build script, and only provides traits with some trivial default implementations. +I did not review whether implementing these APIs would present any undocumented cryptographic hazards. +""" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.time-core]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.1.0 -> 0.1.1" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.toml_datetime]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +version = "0.5.1" +notes = "Crate has `#![forbid(unsafe_code)]`, no `unwrap / expect / panic`, no ambient capabilities." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.toml_datetime]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.5.1 -> 0.6.1" +notes = "Fixes a bug in parsing negative minutes in datetime string offsets." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.toml_datetime]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.6.2 -> 0.6.3" aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" [[audits.zcash.audits.universal-hash]] @@ -1209,6 +1298,19 @@ delta = "0.4.1 -> 0.5.0" notes = "I checked correctness of to_blocks which uses unsafe code in a safe function." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" +[[audits.zcash.audits.wasm-bindgen-shared]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.2.83 -> 0.2.84" +notes = "Bumps the schema version to add `linked_modules`." +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + +[[audits.zcash.audits.wasm-bindgen-shared]] +who = "Jack Grigg " +criteria = "safe-to-deploy" +delta = "0.2.84 -> 0.2.87" +aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" + [[audits.zcash.audits.which]] who = "Jack Grigg " criteria = "safe-to-deploy" @@ -1216,61 +1318,6 @@ delta = "4.3.0 -> 4.4.0" notes = "New APIs are remixes of existing code." aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" -[[audits.zcash.audits.windows-targets]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_aarch64_gnullvm]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_aarch64_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_i686_gnu]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_i686_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_gnu]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_gnullvm]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - -[[audits.zcash.audits.windows_x86_64_msvc]] -who = "Jack Grigg " -criteria = "safe-to-deploy" -delta = "0.42.1 -> 0.42.2" -notes = "This is an opaque Windows API bindings library maintained by Microsoft." -aggregated-from = "https://raw.githubusercontent.com/zcash/zcash/master/qa/supply-chain/audits.toml" - [[audits.zcash.audits.zeroize]] who = "Sean Bowe " criteria = "safe-to-deploy"