mirrors/rage
1
0
Fork 0
mirror of https://github.com/str4d/rage.git synced 2025-04-04 03:17:42 +03:00
Code Issues Projects Releases Packages Wiki Activity

Migrate from gumdrop to clap

Browse source 
Closes str4d/rage#437.
This commit is contained in:
Jack Grigg 2024-01-08 03:00:36 +00:00
parent 50cb0a538a
commit f9087bea50
24 changed files with 334 additions and 366 deletions
Download patch file Download diff file Expand all files Collapse all files

46
Cargo.lock generated
View file

@ -126,7 +126,7 @@ dependencies = [
"base64", "base64",
"bech32", "bech32",
"chrono", "chrono",
"gumdrop", "clap",
] ]
[[package]] [[package]]
@ -497,6 +497,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fb690e81c7840c0d7aade59f242ea3b41b9bc27bcd5997890e7702ae4b32e487" checksum = "fb690e81c7840c0d7aade59f242ea3b41b9bc27bcd5997890e7702ae4b32e487"
dependencies = [ dependencies = [
"clap_builder", "clap_builder",
"clap_derive",
"once_cell",
] ]
[[package]] [[package]]
@ -505,8 +507,10 @@ version = "4.3.24"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5ed2e96bc16d8d740f6f48d663eddf4b8a0983e79210fd55479b7bcd0a69860e" checksum = "5ed2e96bc16d8d740f6f48d663eddf4b8a0983e79210fd55479b7bcd0a69860e"
dependencies = [ dependencies = [
"anstream",
"anstyle", "anstyle",
"clap_lex", "clap_lex",
"strsim",
] ]
[[package]] [[package]]
@ -518,6 +522,18 @@ dependencies = [
"clap", "clap",
] ]
[[package]]
name = "clap_derive"
version = "4.3.12"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "54a9bb5758fc5dfe728d1019941681eccaf0cf8a4189b692a0ee2f2ecf90a050"
dependencies = [
"heck",
"proc-macro2",
"quote",
"syn 2.0.46",
]
[[package]] [[package]]
name = "clap_lex" name = "clap_lex"
version = "0.5.0" version = "0.5.0"
@ -1118,26 +1134,6 @@ version = "0.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b"
[[package]]
name = "gumdrop"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5bc700f989d2f6f0248546222d9b4258f5b02a171a431f8285a81c08142629e3"
dependencies = [
"gumdrop_derive",
]
[[package]]
name = "gumdrop_derive"
version = "0.8.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "729f9bd3449d77e7831a18abfb7ba2f99ee813dfd15b8c2167c9a54ba20aa99d"
dependencies = [
"proc-macro2",
"quote",
"syn 1.0.109",
]
[[package]] [[package]]
name = "half" name = "half"
version = "1.8.2" version = "1.8.2"
@ -1150,6 +1146,12 @@ version = "0.14.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604" checksum = "290f1a1d9242c78d09ce40a5e87e7554ee637af1351968159f4952f028f75604"
[[package]]
name = "heck"
version = "0.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8"
[[package]] [[package]]
name = "hermit-abi" name = "hermit-abi"
version = "0.3.3" version = "0.3.3"
@ -2002,7 +2004,6 @@ dependencies = [
"flate2", "flate2",
"fuse_mt", "fuse_mt",
"fuser", "fuser",
"gumdrop",
"i18n-embed", "i18n-embed",
"i18n-embed-fl", "i18n-embed-fl",
"lazy_static", "lazy_static",
@ -2521,7 +2522,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237" checksum = "72b64191b275b66ffe2469e8af2c1cfe3bafa67b529ead792a6d0160888b4237"
dependencies = [ dependencies = [
"proc-macro2", "proc-macro2",
"quote",
"unicode-ident", "unicode-ident",
] ]

2
Cargo.toml
View file

@ -61,7 +61,7 @@ rust-embed = "8"
# CLI # CLI
chrono = "0.4" chrono = "0.4"
clap = { version = "4.3", features = ["derive"] }
console = { version = "0.15", default-features = false } console = { version = "0.15", default-features = false }
env_logger = "0.10" env_logger = "0.10"
gumdrop = "0.8"
log = "0.4" log = "0.4"

2
age-plugin/Cargo.toml
View file

@ -21,7 +21,7 @@ bech32.workspace = true
chrono.workspace = true chrono.workspace = true
[dev-dependencies] [dev-dependencies]
gumdrop.workspace = true clap.workspace = true
[lib] [lib]
bench = false bench = false

14
age-plugin/README.md
View file

@ -67,7 +67,7 @@ users will use identity files containing identities that specify that plugin nam
## Example plugin binary ## Example plugin binary
The following example uses `gumdrop` to parse CLI arguments, but any argument parsing The following example uses `clap` to parse CLI arguments, but any argument parsing
logic will work as long as it can detect the `--age-plugin=STATE_MACHINE` flag. logic will work as long as it can detect the `--age-plugin=STATE_MACHINE` flag.
```rust ```rust
@ -78,7 +78,8 @@ use age_plugin::{
recipient::{self, RecipientPluginV1}, recipient::{self, RecipientPluginV1},
Callbacks, run_state_machine, Callbacks, run_state_machine,
}; };
use gumdrop::Options; use clap::Parser;
use std::collections::HashMap; use std::collections::HashMap;
use std::io; use std::io;
@ -133,17 +134,14 @@ impl IdentityPluginV1 for IdentityPlugin {
} }
} }
#[derive(Debug, Options)] #[derive(Debug, Parser)]
struct PluginOptions { struct PluginOptions {
#[options(help = "print help message")] #[arg(help = "run the given age plugin state machine", long)]
help: bool,
#[options(help = "run the given age plugin state machine", no_short)]
age_plugin: Option<String>, age_plugin: Option<String>,
} }
fn main() -> io::Result<()> { fn main() -> io::Result<()> {
let opts = PluginOptions::parse_args_default_or_exit(); let opts = PluginOptions::parse();
if let Some(state_machine) = opts.age_plugin { if let Some(state_machine) = opts.age_plugin {
// The plugin was started by an age client; run the state machine. // The plugin was started by an age client; run the state machine.

11
age-plugin/examples/age-plugin-unencrypted.rs
View file

@ -8,7 +8,7 @@ use age_plugin::{
recipient::{self, RecipientPluginV1}, recipient::{self, RecipientPluginV1},
run_state_machine, Callbacks, run_state_machine, Callbacks,
}; };
use gumdrop::Options; use clap::Parser;
use std::collections::HashMap; use std::collections::HashMap;
use std::env; use std::env;
@ -139,17 +139,14 @@ impl IdentityPluginV1 for IdentityPlugin {
} }
} }
#[derive(Debug, Options)] #[derive(Debug, Parser)]
struct PluginOptions { struct PluginOptions {
#[options(help = "print help message")] #[arg(help = "run the given age plugin state machine", long)]
help: bool,
#[options(help = "run the given age plugin state machine", no_short)]
age_plugin: Option<String>, age_plugin: Option<String>,
} }
fn main() -> io::Result<()> { fn main() -> io::Result<()> {
let opts = PluginOptions::parse_args_default_or_exit(); let opts = PluginOptions::parse();
if let Some(state_machine) = opts.age_plugin { if let Some(state_machine) = opts.age_plugin {
run_state_machine( run_state_machine(

14
age-plugin/src/lib.rs
View file

@ -65,7 +65,7 @@
//! //!
//! # Example plugin binary //! # Example plugin binary
//! //!
//! The following example uses `gumdrop` to parse CLI arguments, but any argument parsing //! The following example uses `clap` to parse CLI arguments, but any argument parsing
//! logic will work as long as it can detect the `--age-plugin=STATE_MACHINE` flag. //! logic will work as long as it can detect the `--age-plugin=STATE_MACHINE` flag.
//! //!
//! ``` //! ```
@ -76,7 +76,8 @@
//! recipient::{self, RecipientPluginV1}, //! recipient::{self, RecipientPluginV1},
//! Callbacks, run_state_machine, //! Callbacks, run_state_machine,
//! }; //! };
//! use gumdrop::Options; //! use clap::Parser;
//!
//! use std::collections::HashMap; //! use std::collections::HashMap;
//! use std::io; //! use std::io;
//! //!
@ -131,17 +132,14 @@
//! } //! }
//! } //! }
//! //!
//! #[derive(Debug, Options)] //! #[derive(Debug, Parser)]
//! struct PluginOptions { //! struct PluginOptions {
//! #[options(help = "print help message")] //! #[arg(help = "run the given age plugin state machine", long)]
//! help: bool,
//!
//! #[options(help = "run the given age plugin state machine", no_short)]
//! age_plugin: Option<String>, //! age_plugin: Option<String>,
//! } //! }
//! //!
//! fn main() -> io::Result<()> { //! fn main() -> io::Result<()> {
//! let opts = PluginOptions::parse_args_default_or_exit(); //! let opts = PluginOptions::parse();
//! //!
//! if let Some(state_machine) = opts.age_plugin { //! if let Some(state_machine) = opts.age_plugin {
//! // The plugin was started by an age client; run the state machine. //! // The plugin was started by an age client; run the state machine.

1
rage/CHANGELOG.md
View file

@ -11,6 +11,7 @@ to 1.0.0 are beta releases.
## [Unreleased] ## [Unreleased]
### Changed ### Changed
- MSRV is now 1.65.0. - MSRV is now 1.65.0.
- Migrated from `gumdrop` to `clap` for argument parsing.
### Fixed ### Fixed
- OpenSSH private keys passed to `-i/--identity` that contain invalid public - OpenSSH private keys passed to `-i/--identity` that contain invalid public

3
rage/Cargo.toml
View file

@ -56,9 +56,9 @@ maintenance = { status = "experimental" }
# rage and rage-keygen dependencies # rage and rage-keygen dependencies
age = { workspace = true, features = ["armor", "cli-common", "plugin"] } age = { workspace = true, features = ["armor", "cli-common", "plugin"] }
chrono.workspace = true chrono.workspace = true
clap.workspace = true
console.workspace = true console.workspace = true
env_logger.workspace = true env_logger.workspace = true
gumdrop.workspace = true
i18n-embed = { workspace = true, features = ["desktop-requester"] } i18n-embed = { workspace = true, features = ["desktop-requester"] }
i18n-embed-fl.workspace = true i18n-embed-fl.workspace = true
lazy_static.workspace = true lazy_static.workspace = true
@ -76,7 +76,6 @@ time = { version = ">=0.3.7, <0.3.24", optional = true } # time 0.3.24 has MSRV
zip = { version = "0.6.2", optional = true } zip = { version = "0.6.2", optional = true }
[dev-dependencies] [dev-dependencies]
clap = { version = "4", default-features = false }
clap_complete = "4" clap_complete = "4"
flate2 = "1" flate2 = "1"
man = "0.3" man = "0.3"

8
rage/i18n/en-US/rage.ftl
View file

@ -35,13 +35,7 @@
usage-header = Usage: usage-header = Usage:
rage-usage = rage-after-help =
{usage-header}
{" "}{$usage_a}
{" "}{$usage_b}
{$flags}
{-input} defaults to standard input, and {-output} defaults to standard output. {-input} defaults to standard input, and {-output} defaults to standard output.
{-recipient} can be: {-recipient} can be:

8
rage/i18n/es-AR/rage.ftl
View file

@ -35,13 +35,7 @@
usage-header = Usage: usage-header = Usage:
rage-usage = rage-after-help =
{usage-header}
{" "}{$usage_a}
{" "}{$usage_b}
{$flags}
{-input} por defecto a standard input, y {-output} por defecto standard output. {-input} por defecto a standard input, y {-output} por defecto standard output.
{-recipient} puede ser: {-recipient} puede ser:

8
rage/i18n/it/rage.ftl
View file

@ -35,13 +35,7 @@
usage-header = Usage: usage-header = Usage:
rage-usage = rage-after-help =
{usage-header}
{" "}{$usage_a}
{" "}{$usage_b}
{$flags}
{-input} ha come valore predefinito lo standard input, e {-output} ha come {-input} ha come valore predefinito lo standard input, e {-output} ha come
valore predefinito lo standard output. valore predefinito lo standard output.

8
rage/i18n/zh-CN/rage.ftl
View file

@ -35,13 +35,7 @@
usage-header = Usage: usage-header = Usage:
rage-usage = rage-after-help =
{usage-header}
{" "}{$usage_a}
{" "}{$usage_b}
{$flags}
{-input} 默认为标准输入 (stdin), 而 {-output} 默认为标准输出 (stdout) 。 {-input} 默认为标准输入 (stdin), 而 {-output} 默认为标准输出 (stdout) 。
{-recipient} 可为: {-recipient} 可为:

8
rage/i18n/zh-TW/rage.ftl
View file

@ -35,13 +35,7 @@
usage-header = Usage: usage-header = Usage:
rage-usage = rage-after-help =
{usage-header}
{" "}{$usage_a}
{" "}{$usage_b}
{$flags}
{-input} 默認為標準輸入 (stdin), 而 {-output} 默認為標準輸出 (stdout) 。 {-input} 默認為標準輸入 (stdin), 而 {-output} 默認為標準輸出 (stdout) 。
{-recipient} 可為: {-recipient} 可為:

85
rage/src/bin/rage-keygen/main.rs
View file

@ -1,7 +1,7 @@
#![forbid(unsafe_code)] #![forbid(unsafe_code)]
use age::{cli_common::file_io, secrecy::ExposeSecret}; use age::{cli_common::file_io, secrecy::ExposeSecret};
use gumdrop::Options; use clap::{ArgAction, Parser};
use i18n_embed::{ use i18n_embed::{
fluent::{fluent_language_loader, FluentLanguageLoader}, fluent::{fluent_language_loader, FluentLanguageLoader},
DesktopLanguageRequester, DesktopLanguageRequester,
@ -31,15 +31,23 @@ macro_rules! fl {
}}; }};
} }
#[derive(Debug, Options)] #[derive(Debug, Parser)]
#[command(display_name = "rage-keygen")]
#[command(name = "rage-keygen")]
#[command(version)]
#[command(disable_help_flag(true))]
#[command(disable_version_flag(true))]
struct AgeOptions { struct AgeOptions {
#[options(help = "Print this help message and exit.")] #[arg(action = ArgAction::Help, short, long)]
help: bool, #[arg(help = "Print this help message and exit.")]
help: Option<bool>,
#[options(help = "Print version info and exit.", short = "V")] #[arg(action = ArgAction::Version, short = 'V', long)]
version: bool, #[arg(help = "Print version info and exit.")]
version: Option<bool>,
#[options(help = "Write the result to the file at path OUTPUT. Defaults to standard output.")] #[arg(short, long)]
#[arg(help = "Write the result to the file at path OUTPUT. Defaults to standard output.")]
output: Option<String>, output: Option<String>,
} }
@ -57,40 +65,35 @@ fn main() -> Result<(), error::Error> {
// Isolation Marks, so we disable them for now. // Isolation Marks, so we disable them for now.
LANGUAGE_LOADER.set_use_isolating(false); LANGUAGE_LOADER.set_use_isolating(false);
let opts = AgeOptions::parse_args_default_or_exit(); let opts = AgeOptions::parse();
let mut output = file_io::OutputWriter::new(
opts.output,
false,
file_io::OutputFormat::Text,
0o600,
false,
)
.map_err(error::Error::FailedToOpenOutput)?;
let sk = age::x25519::Identity::generate();
let pk = sk.to_public();
(|| {
writeln!(
output,
"# {}: {}",
fl!("identity-file-created"),
chrono::Local::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true)
)?;
writeln!(output, "# {}: {}", fl!("identity-file-pubkey"), pk)?;
writeln!(output, "{}", sk.to_string().expose_secret())?;
if !output.is_terminal() {
eprintln!("{}: {}", fl!("tty-pubkey"), pk);
}
if opts.version {
println!("rage-keygen {}", env!("CARGO_PKG_VERSION"));
Ok(()) Ok(())
} else { })()
let mut output = file_io::OutputWriter::new( .map_err(error::Error::FailedToWriteOutput)
opts.output,
false,
file_io::OutputFormat::Text,
0o600,
false,
)
.map_err(error::Error::FailedToOpenOutput)?;
let sk = age::x25519::Identity::generate();
let pk = sk.to_public();
(|| {
writeln!(
output,
"# {}: {}",
fl!("identity-file-created"),
chrono::Local::now().to_rfc3339_opts(chrono::SecondsFormat::Secs, true)
)?;
writeln!(output, "# {}: {}", fl!("identity-file-pubkey"), pk)?;
writeln!(output, "{}", sk.to_string().expose_secret())?;
if !output.is_terminal() {
eprintln!("{}: {}", fl!("tty-pubkey"), pk);
}
Ok(())
})()
.map_err(error::Error::FailedToWriteOutput)
}
} }

53
rage/src/bin/rage-mount/main.rs
View file

@ -5,9 +5,9 @@ use age::{
cli_common::{read_identities, read_secret}, cli_common::{read_identities, read_secret},
stream::StreamReader, stream::StreamReader,
}; };
use clap::{ArgAction, CommandFactory, Parser};
use fuse_mt::FilesystemMT; use fuse_mt::FilesystemMT;
use fuser::MountOption; use fuser::MountOption;
use gumdrop::Options;
use i18n_embed::{ use i18n_embed::{
fluent::{fluent_language_loader, FluentLanguageLoader}, fluent::{fluent_language_loader, FluentLanguageLoader},
DesktopLanguageRequester, DesktopLanguageRequester,
@ -125,31 +125,37 @@ impl fmt::Debug for Error {
} }
} }
#[derive(Debug, Options)] #[derive(Debug, Parser)]
#[command(display_name = "rage-mount")]
#[command(name = "rage-mount")]
#[command(version)]
#[command(disable_help_flag(true))]
#[command(disable_version_flag(true))]
struct AgeMountOptions { struct AgeMountOptions {
#[options(free, help = "The encrypted filesystem to mount.")] #[arg(help = "The encrypted filesystem to mount.")]
filename: String, filename: String,
#[options(free, help = "The directory to mount the filesystem at.")] #[arg(help = "The directory to mount the filesystem at.")]
mountpoint: String, mountpoint: String,
#[options(help = "Print this help message and exit.")] #[arg(action = ArgAction::Help, short, long)]
help: bool, #[arg(help = "Print this help message and exit.")]
help: Option<bool>,
#[options(help = "Print version info and exit.", short = "V")] #[arg(action = ArgAction::Version, short = 'V', long)]
version: bool, #[arg(help = "Print version info and exit.")]
version: Option<bool>,
#[options(help = "Indicates the filesystem type (one of \"tar\", \"zip\").")] #[arg(short, long)]
#[arg(help = "Indicates the filesystem type (one of \"tar\", \"zip\").")]
types: String, types: String,
#[options( #[arg(long, value_name = "WF")]
help = "Maximum work factor to allow for passphrase decryption.", #[arg(help = "Maximum work factor to allow for passphrase decryption.")]
meta = "WF",
no_short
)]
max_work_factor: Option<u8>, max_work_factor: Option<u8>,
#[options(help = "Use the private key file at IDENTITY. May be repeated.")] #[arg(short, long)]
#[arg(help = "Use the private key file at IDENTITY. May be repeated.")]
identity: Vec<String>, identity: Vec<String>,
} }
@ -219,24 +225,13 @@ fn main() -> Result<(), Error> {
// Isolation Marks, so we disable them for now. // Isolation Marks, so we disable them for now.
LANGUAGE_LOADER.set_use_isolating(false); LANGUAGE_LOADER.set_use_isolating(false);
let args = args().collect::<Vec<_>>(); if console::user_attended() && args().len() == 1 {
AgeMountOptions::command().print_help()?;
if console::user_attended() && args.len() == 1 {
// If gumdrop ever merges that PR, that can be used here
// instead.
println!("{} {} [OPTIONS]", fl!("usage-header"), args[0]);
println!();
println!("{}", AgeMountOptions::usage());
return Ok(()); return Ok(());
} }
let opts = AgeMountOptions::parse_args_default_or_exit(); let opts = AgeMountOptions::parse();
if opts.version {
println!("rage-mount {}", env!("CARGO_PKG_VERSION"));
return Ok(());
}
if opts.filename.is_empty() { if opts.filename.is_empty() {
return Err(Error::MissingFilename); return Err(Error::MissingFilename);
} }

214
rage/src/bin/rage/main.rs
View file

@ -9,7 +9,7 @@ use age::{
secrecy::ExposeSecret, secrecy::ExposeSecret,
Identity, IdentityFile, IdentityFileEntry, Recipient, Identity, IdentityFile, IdentityFileEntry, Recipient,
}; };
use gumdrop::{Options, ParsingStyle}; use clap::{ArgAction, CommandFactory, Parser};
use i18n_embed::{ use i18n_embed::{
fluent::{fluent_language_loader, FluentLanguageLoader}, fluent::{fluent_language_loader, FluentLanguageLoader},
DesktopLanguageRequester, DesktopLanguageRequester,
@ -233,56 +233,106 @@ fn read_recipients(
Ok(recipients) Ok(recipients)
} }
#[derive(Debug, Options)] fn binary_name() -> String {
if let Some(arg) = std::env::args_os().next() {
Path::new(&arg)
.file_name()
.expect("is not directory")
.to_string_lossy()
.to_string()
} else {
"rage".into()
}
}
fn usage() -> String {
let binary_name = binary_name();
format!(
"{binary_name} [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT]\n \
{binary_name} --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]",
)
}
fn after_help() -> String {
let binary_name = binary_name();
let keygen_name = format!("{}-keygen", binary_name);
let example_a = format!("$ {} -o key.txt", keygen_name);
let example_a_output = "age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p";
let example_b = format!(
"$ tar cvz ~/data | {} -r {} > data.tar.gz.age",
binary_name, example_a_output,
);
let example_c = format!(
"$ {} -d -i key.txt -o data.tar.gz data.tar.gz.age",
binary_name,
);
fl!(
"rage-after-help",
keygen_name = keygen_name,
example_a = example_a,
example_a_output = example_a_output,
example_b = example_b,
example_c = example_c,
)
}
#[derive(Debug, Parser)]
#[command(version)]
#[command(override_usage(usage()))]
#[command(disable_help_flag(true))]
#[command(disable_version_flag(true))]
#[command(after_help(after_help()))]
struct AgeOptions { struct AgeOptions {
#[options(free, help = "Path to a file to read from.")] #[arg(help = "Path to a file to read from.")]
input: Option<String>, input: Option<String>,
#[options(help = "Print this help message and exit.")] #[arg(action = ArgAction::Help, short, long)]
help: bool, #[arg(help = "Print this help message and exit.")]
help: Option<bool>,
#[options(help = "Print version info and exit.", short = "V")] #[arg(action = ArgAction::Version, short = 'V', long)]
version: bool, #[arg(help = "Print version info and exit.")]
version: Option<bool>,
#[options(help = "Encrypt the input (the default).")] #[arg(short, long)]
#[arg(help = "Encrypt the input (the default).")]
encrypt: bool, encrypt: bool,
#[options(help = "Decrypt the input.")] #[arg(short, long)]
#[arg(help = "Decrypt the input.")]
decrypt: bool, decrypt: bool,
#[options(help = "Encrypt with a passphrase instead of recipients.")] #[arg(short, long)]
#[arg(help = "Encrypt with a passphrase instead of recipients.")]
passphrase: bool, passphrase: bool,
#[options( #[arg(long, value_name = "WF")]
help = "Maximum work factor to allow for passphrase decryption.", #[arg(help = "Maximum work factor to allow for passphrase decryption.")]
meta = "WF",
no_short
)]
max_work_factor: Option<u8>, max_work_factor: Option<u8>,
#[options(help = "Encrypt to a PEM encoded format.")] #[arg(short, long)]
#[arg(help = "Encrypt to a PEM encoded format.")]
armor: bool, armor: bool,
#[options(help = "Encrypt to the specified RECIPIENT. May be repeated.")] #[arg(short, long)]
#[arg(help = "Encrypt to the specified RECIPIENT. May be repeated.")]
recipient: Vec<String>, recipient: Vec<String>,
#[options( #[arg(short = 'R', long, value_name = "PATH")]
help = "Encrypt to the recipients listed at PATH. May be repeated.", #[arg(help = "Encrypt to the recipients listed at PATH. May be repeated.")]
meta = "PATH"
)]
recipients_file: Vec<String>, recipients_file: Vec<String>,
#[options(help = "Use the identity file at IDENTITY. May be repeated.")] #[arg(short, long)]
#[arg(help = "Use the identity file at IDENTITY. May be repeated.")]
identity: Vec<String>, identity: Vec<String>,
#[options( #[arg(short = 'j', value_name = "PLUGIN-NAME")]
help = "Use age-plugin-PLUGIN-NAME in its default mode as an identity.", #[arg(help = "Use age-plugin-PLUGIN-NAME in its default mode as an identity.")]
no_long, plugin_name: Option<String>,
short = "j"
)]
plugin_name: String,
#[options(help = "Write the result to the file at path OUTPUT.")] #[arg(short, long)]
#[arg(help = "Write the result to the file at path OUTPUT.")]
output: Option<String>, output: Option<String>,
} }
@ -344,7 +394,7 @@ impl<R: io::Read, const N: usize> io::Read for ReadChecker<R, N> {
} }
fn encrypt(opts: AgeOptions) -> Result<(), error::EncryptError> { fn encrypt(opts: AgeOptions) -> Result<(), error::EncryptError> {
if !opts.plugin_name.is_empty() { if opts.plugin_name.is_some() {
return Err(error::EncryptError::PluginNameFlag); return Err(error::EncryptError::PluginNameFlag);
} }
@ -479,7 +529,7 @@ fn decrypt(opts: AgeOptions) -> Result<(), error::DecryptError> {
return Err(error::DecryptError::RecipientsFileFlag); return Err(error::DecryptError::RecipientsFileFlag);
} }
if !(opts.identity.is_empty() || opts.plugin_name.is_empty()) { if !(opts.identity.is_empty() || opts.plugin_name.is_none()) {
return Err(error::DecryptError::MixedIdentityAndPluginName); return Err(error::DecryptError::MixedIdentityAndPluginName);
} }
@ -549,13 +599,14 @@ fn decrypt(opts: AgeOptions) -> Result<(), error::DecryptError> {
} }
} }
age::Decryptor::Recipients(decryptor) => { age::Decryptor::Recipients(decryptor) => {
let identities = if opts.plugin_name.is_empty() { let plugin_name = opts.plugin_name.as_deref().unwrap_or_default();
let identities = if plugin_name.is_empty() {
read_identities(opts.identity, opts.max_work_factor)? read_identities(opts.identity, opts.max_work_factor)?
} else { } else {
// Construct the default plugin. // Construct the default plugin.
vec![Box::new(plugin::IdentityPluginV1::new( vec![Box::new(plugin::IdentityPluginV1::new(
&opts.plugin_name, plugin_name,
&[plugin::Identity::default_for_plugin(&opts.plugin_name)], &[plugin::Identity::default_for_plugin(plugin_name)],
UiCallbacks, UiCallbacks,
)?) as Box<dyn Identity>] )?) as Box<dyn Identity>]
}; };
@ -588,82 +639,39 @@ fn main() -> Result<(), error::Error> {
// Isolation Marks, so we disable them for now. // Isolation Marks, so we disable them for now.
LANGUAGE_LOADER.set_use_isolating(false); LANGUAGE_LOADER.set_use_isolating(false);
let args = args().collect::<Vec<_>>();
let opts = AgeOptions::parse_args(&args[1..], ParsingStyle::default()).unwrap_or_else(|e| {
eprintln!("{}: {}", args[0], e);
std::process::exit(2);
});
// If you are piping input with no other args, this will not allow // If you are piping input with no other args, this will not allow
// it. // it.
if (console::user_attended() && args.len() == 1) || opts.help_requested() { if console::user_attended() && args().len() == 1 {
let binary_name = args[0].as_str(); AgeOptions::command()
let keygen_name = format!("{}-keygen", binary_name); .print_help()
let usage_a = format!( .map_err(error::EncryptError::Io)?;
"{} [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT]",
binary_name
);
let usage_b = format!(
"{} --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]",
binary_name
);
let example_a = format!("$ {} -o key.txt", keygen_name);
let example_a_output = "age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p";
let example_b = format!(
"$ tar cvz ~/data | {} -r {} > data.tar.gz.age",
binary_name, example_a_output
);
let example_c = format!(
"$ {} -d -i key.txt -o data.tar.gz data.tar.gz.age",
binary_name
);
println!(
"{}",
fl!(
"rage-usage",
usage_a = usage_a,
usage_b = usage_b,
flags = AgeOptions::usage(),
keygen_name = keygen_name,
example_a = example_a,
example_a_output = example_a_output,
example_b = example_b,
example_c = example_c,
)
);
return Ok(()); return Ok(());
} }
if opts.version { let opts = AgeOptions::parse();
println!("rage {}", env!("CARGO_PKG_VERSION"));
Ok(())
} else {
if opts.encrypt && opts.decrypt {
return Err(error::Error::MixedEncryptAndDecrypt);
}
if !(opts.identity.is_empty() || opts.encrypt || opts.decrypt) {
return Err(error::Error::IdentityFlagAmbiguous);
}
if let (Some(in_file), Some(out_file)) = (&opts.input, &opts.output) { if opts.encrypt && opts.decrypt {
// Check that the given filenames do not correspond to the same file. return Err(error::Error::MixedEncryptAndDecrypt);
let in_path = Path::new(&in_file); }
let out_path = Path::new(&out_file); if !(opts.identity.is_empty() || opts.encrypt || opts.decrypt) {
match (in_path.canonicalize(), out_path.canonicalize()) { return Err(error::Error::IdentityFlagAmbiguous);
(Ok(in_abs), Ok(out_abs)) if in_abs == out_abs => { }
return Err(error::Error::SameInputAndOutput(out_file.clone()));
} if let (Some(in_file), Some(out_file)) = (&opts.input, &opts.output) {
_ => (), // Check that the given filenames do not correspond to the same file.
let in_path = Path::new(&in_file);
let out_path = Path::new(&out_file);
match (in_path.canonicalize(), out_path.canonicalize()) {
(Ok(in_abs), Ok(out_abs)) if in_abs == out_abs => {
return Err(error::Error::SameInputAndOutput(out_file.clone()));
} }
} _ => (),
if opts.decrypt {
decrypt(opts).map_err(error::Error::from)
} else {
encrypt(opts).map_err(error::Error::from)
} }
} }
if opts.decrypt {
decrypt(opts).map_err(error::Error::from)
} else {
encrypt(opts).map_err(error::Error::from)
}
} }

14
rage/tests/cmd/rage-keygen/help.toml
View file

@ -1,11 +1,11 @@
bin.name = "rage-keygen" bin.name = "rage-keygen"
args = "--help" args = "--help"
stdout = "" stdout = """
stderr = """ Usage: rage-keygen[EXE] [OPTIONS]
Usage: [..]rage-keygen[EXE] [OPTIONS]
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-o, --output OUTPUT Write the result to the file at path OUTPUT. Defaults to standard output. -o, --output <OUTPUT> Write the result to the file at path OUTPUT. Defaults to standard output.
""" """
stderr = ""

14
rage/tests/cmd/rage-keygen/help_it.toml
View file

@ -1,12 +1,12 @@
bin.name = "rage-keygen" bin.name = "rage-keygen"
args = "--help" args = "--help"
env.add.LANG = "it" env.add.LANG = "it"
stdout = "" stdout = """
stderr = """ Usage: rage-keygen[EXE] [OPTIONS]
Usage: [..]rage-keygen[EXE] [OPTIONS]
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-o, --output OUTPUT Write the result to the file at path OUTPUT. Defaults to standard output. -o, --output <OUTPUT> Write the result to the file at path OUTPUT. Defaults to standard output.
""" """
stderr = ""

24
rage/tests/cmd/rage-mount/help.toml
View file

@ -1,17 +1,17 @@
bin.name = "rage-mount" bin.name = "rage-mount"
args = "--help" args = "--help"
stdout = "" stdout = """
stderr = """ Usage: rage-mount[EXE] [OPTIONS] --types <TYPES> <FILENAME> <MOUNTPOINT>
Usage: [..]rage-mount[EXE] [OPTIONS]
Positional arguments: Arguments:
filename The encrypted filesystem to mount. <FILENAME> The encrypted filesystem to mount.
mountpoint The directory to mount the filesystem at. <MOUNTPOINT> The directory to mount the filesystem at.
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-t, --types TYPES Indicates the filesystem type (one of "tar", "zip"). -t, --types <TYPES> Indicates the filesystem type (one of "tar", "zip").
--max-work-factor WF Maximum work factor to allow for passphrase decryption. --max-work-factor <WF> Maximum work factor to allow for passphrase decryption.
-i, --identity IDENTITY Use the private key file at IDENTITY. May be repeated. -i, --identity <IDENTITY> Use the private key file at IDENTITY. May be repeated.
""" """
stderr = ""

24
rage/tests/cmd/rage-mount/help_it.toml
View file

@ -1,18 +1,18 @@
bin.name = "rage-mount" bin.name = "rage-mount"
args = "--help" args = "--help"
env.add.LANG = "it" env.add.LANG = "it"
stdout = "" stdout = """
stderr = """ Usage: rage-mount[EXE] [OPTIONS] --types <TYPES> <FILENAME> <MOUNTPOINT>
Usage: [..]rage-mount[EXE] [OPTIONS]
Positional arguments: Arguments:
filename The encrypted filesystem to mount. <FILENAME> The encrypted filesystem to mount.
mountpoint The directory to mount the filesystem at. <MOUNTPOINT> The directory to mount the filesystem at.
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-t, --types TYPES Indicates the filesystem type (one of "tar", "zip"). -t, --types <TYPES> Indicates the filesystem type (one of "tar", "zip").
--max-work-factor WF Maximum work factor to allow for passphrase decryption. --max-work-factor <WF> Maximum work factor to allow for passphrase decryption.
-i, --identity IDENTITY Use the private key file at IDENTITY. May be repeated. -i, --identity <IDENTITY> Use the private key file at IDENTITY. May be repeated.
""" """
stderr = ""

43
rage/tests/cmd/rage/help.toml
View file

@ -1,31 +1,30 @@
bin.name = "rage" bin.name = "rage"
args = "--help" args = "--help"
stdout = """ stdout = """
Usage: Usage: rage[EXE] [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT]
[..]rage[EXE] [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT] rage[EXE] --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]
[..]rage[EXE] --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]
Positional arguments: Arguments:
input Path to a file to read from. [INPUT] Path to a file to read from.
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-e, --encrypt Encrypt the input (the default). -e, --encrypt Encrypt the input (the default).
-d, --decrypt Decrypt the input. -d, --decrypt Decrypt the input.
-p, --passphrase Encrypt with a passphrase instead of recipients. -p, --passphrase Encrypt with a passphrase instead of recipients.
--max-work-factor WF Maximum work factor to allow for passphrase decryption. --max-work-factor <WF> Maximum work factor to allow for passphrase decryption.
-a, --armor Encrypt to a PEM encoded format. -a, --armor Encrypt to a PEM encoded format.
-r, --recipient RECIPIENT Encrypt to the specified RECIPIENT. May be repeated. -r, --recipient <RECIPIENT> Encrypt to the specified RECIPIENT. May be repeated.
-R, --recipients-file PATH Encrypt to the recipients listed at PATH. May be repeated. -R, --recipients-file <PATH> Encrypt to the recipients listed at PATH. May be repeated.
-i, --identity IDENTITY Use the identity file at IDENTITY. May be repeated. -i, --identity <IDENTITY> Use the identity file at IDENTITY. May be repeated.
-j PLUGIN-NAME Use age-plugin-PLUGIN-NAME in its default mode as an identity. -j <PLUGIN-NAME> Use age-plugin-PLUGIN-NAME in its default mode as an identity.
-o, --output OUTPUT Write the result to the file at path OUTPUT. -o, --output <OUTPUT> Write the result to the file at path OUTPUT.
INPUT defaults to standard input, and OUTPUT defaults to standard output. INPUT defaults to standard input, and OUTPUT defaults to standard output.
RECIPIENT can be: RECIPIENT can be:
- An age public key, as generated by [..]rage-keygen ("age1..."). - An age public key, as generated by rage-keygen ("age1...").
- An SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA..."). - An SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...").
PATH is a path to a file containing age recipients, one per line PATH is a path to a file containing age recipients, one per line
@ -37,9 +36,9 @@ Passphrase-encrypted age identity files can be used as identity files.
Multiple identities may be provided, and any unused ones will be ignored. Multiple identities may be provided, and any unused ones will be ignored.
Example: Example:
$ [..]rage-keygen -o key.txt $ rage-keygen -o key.txt
Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p Public key: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
$ tar cvz ~/data | [..]rage -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age $ tar cvz ~/data | rage -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age
$ [..]rage -d -i key.txt -o data.tar.gz data.tar.gz.age $ rage -d -i key.txt -o data.tar.gz data.tar.gz.age
""" """
stderr = "" stderr = ""

43
rage/tests/cmd/rage/help_it.toml
View file

@ -2,32 +2,31 @@ bin.name = "rage"
args = "--help" args = "--help"
env.add.LANG = "it" env.add.LANG = "it"
stdout = """ stdout = """
Usage: Usage: rage[EXE] [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT]
[..]rage[EXE] [--encrypt] -r RECIPIENT [-i IDENTITY] [-a] [-o OUTPUT] [INPUT] rage[EXE] --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]
[..]rage[EXE] --decrypt [-i IDENTITY] [-o OUTPUT] [INPUT]
Positional arguments: Arguments:
input Path to a file to read from. [INPUT] Path to a file to read from.
Optional arguments: Options:
-h, --help Print this help message and exit. -h, --help Print this help message and exit.
-V, --version Print version info and exit. -V, --version Print version info and exit.
-e, --encrypt Encrypt the input (the default). -e, --encrypt Encrypt the input (the default).
-d, --decrypt Decrypt the input. -d, --decrypt Decrypt the input.
-p, --passphrase Encrypt with a passphrase instead of recipients. -p, --passphrase Encrypt with a passphrase instead of recipients.
--max-work-factor WF Maximum work factor to allow for passphrase decryption. --max-work-factor <WF> Maximum work factor to allow for passphrase decryption.
-a, --armor Encrypt to a PEM encoded format. -a, --armor Encrypt to a PEM encoded format.
-r, --recipient RECIPIENT Encrypt to the specified RECIPIENT. May be repeated. -r, --recipient <RECIPIENT> Encrypt to the specified RECIPIENT. May be repeated.
-R, --recipients-file PATH Encrypt to the recipients listed at PATH. May be repeated. -R, --recipients-file <PATH> Encrypt to the recipients listed at PATH. May be repeated.
-i, --identity IDENTITY Use the identity file at IDENTITY. May be repeated. -i, --identity <IDENTITY> Use the identity file at IDENTITY. May be repeated.
-j PLUGIN-NAME Use age-plugin-PLUGIN-NAME in its default mode as an identity. -j <PLUGIN-NAME> Use age-plugin-PLUGIN-NAME in its default mode as an identity.
-o, --output OUTPUT Write the result to the file at path OUTPUT. -o, --output <OUTPUT> Write the result to the file at path OUTPUT.
INPUT ha come valore predefinito lo standard input, e OUTPUT ha come INPUT ha come valore predefinito lo standard input, e OUTPUT ha come
valore predefinito lo standard output. valore predefinito lo standard output.
RECIPIENT può essere: RECIPIENT può essere:
- Una chiave pubblica age, come generata da [..]rage-keygen ("age1..."). - Una chiave pubblica age, come generata da rage-keygen ("age1...").
- Una chiave pubblica SSH ("ssh-ed25519 AAAA...", "ssh-rsa AAAA..."). - Una chiave pubblica SSH ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...").
PATH è il percorso ad un file contenente dei destinatari age, PATH è il percorso ad un file contenente dei destinatari age,
@ -40,9 +39,9 @@ I file di identità possono essere cifrati con age e una passphrase.
Possono essere fornite più identità, quelle inutilizzate verranno ignorate. Possono essere fornite più identità, quelle inutilizzate verranno ignorate.
Esempio: Esempio:
$ [..]rage-keygen -o key.txt $ rage-keygen -o key.txt
Chiave pubblica: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p Chiave pubblica: age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p
$ tar cvz ~/data | [..]rage -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age $ tar cvz ~/data | rage -r age1ql3z7hjy54pw3hyww5ayyfg7zqgvc7w3j2elw8zmrj2kg5sfn9aqmcac8p > data.tar.gz.age
$ [..]rage -d -i key.txt -o data.tar.gz data.tar.gz.age $ rage -d -i key.txt -o data.tar.gz data.tar.gz.age
""" """
stderr = "" stderr = ""

30
supply-chain/config.toml
View file

@ -67,23 +67,23 @@ criteria = "safe-to-deploy"
[[exemptions.anstream]] [[exemptions.anstream]]
version = "0.3.2" version = "0.3.2"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.anstyle]] [[exemptions.anstyle]]
version = "1.0.2" version = "1.0.2"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.anstyle-parse]] [[exemptions.anstyle-parse]]
version = "0.2.1" version = "0.2.1"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.anstyle-query]] [[exemptions.anstyle-query]]
version = "1.0.0" version = "1.0.0"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.anstyle-wincon]] [[exemptions.anstyle-wincon]]
version = "1.0.2" version = "1.0.2"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.arc-swap]] [[exemptions.arc-swap]]
version = "1.6.0" version = "1.6.0"
@ -171,16 +171,24 @@ criteria = "safe-to-deploy"
[[exemptions.clap]] [[exemptions.clap]]
version = "4.3.24" version = "4.3.24"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.clap_builder]] [[exemptions.clap_builder]]
version = "4.3.24" version = "4.3.24"
criteria = "safe-to-run" criteria = "safe-to-deploy"
[[exemptions.clap_complete]] [[exemptions.clap_complete]]
version = "4.3.2" version = "4.3.2"
criteria = "safe-to-run" criteria = "safe-to-run"
[[exemptions.clap_derive]]
version = "4.3.12"
criteria = "safe-to-deploy"
[[exemptions.clap_lex]]
version = "0.5.0"
criteria = "safe-to-deploy"
[[exemptions.console]] [[exemptions.console]]
version = "0.15.7" version = "0.15.7"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
@ -341,14 +349,6 @@ criteria = "safe-to-deploy"
version = "0.28.1" version = "0.28.1"
criteria = "safe-to-run" criteria = "safe-to-run"
[[exemptions.gumdrop]]
version = "0.8.1"
criteria = "safe-to-deploy"
[[exemptions.gumdrop_derive]]
version = "0.8.1"
criteria = "safe-to-deploy"
[[exemptions.hashbrown]] [[exemptions.hashbrown]]
version = "0.14.3" version = "0.14.3"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"

23
supply-chain/imports.lock
View file

@ -344,6 +344,12 @@ criteria = "safe-to-deploy"
version = "0.3.27" version = "0.3.27"
notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting." notes = "Unsafe used to implement a concurrency primitive AtomicWaker. Well-commented and not obviously incorrect. Like my other audits of these concurrency primitives inside the futures family, I couldn't certify that it is correct without formal methods, but that is out of scope for this vetting."
[[audits.bytecode-alliance.audits.heck]]
who = "Alex Crichton <alex@alexcrichton.com>"
criteria = "safe-to-deploy"
version = "0.4.0"
notes = "Contains `forbid_unsafe` and only uses `std::fmt` from the standard library. Otherwise only contains string manipulation."
[[audits.bytecode-alliance.audits.iana-time-zone]] [[audits.bytecode-alliance.audits.iana-time-zone]]
who = "Dan Gohman <dev@sunfishcode.online>" who = "Dan Gohman <dev@sunfishcode.online>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
@ -500,12 +506,6 @@ criteria = "safe-to-run"
version = "0.3.67" version = "0.3.67"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.clap_lex]]
who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run"
version = "0.4.1"
aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT"
[[audits.google.audits.crossbeam-deque]] [[audits.google.audits.crossbeam-deque]]
who = "George Burgess IV <gbiv@google.com>" who = "George Burgess IV <gbiv@google.com>"
criteria = "safe-to-run" criteria = "safe-to-run"
@ -682,11 +682,6 @@ who = "David Cook <dcook@divviup.org>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"
version = "0.9.0" version = "0.9.0"
[[audits.isrg.audits.clap_lex]]
who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-run"
delta = "0.4.1 -> 0.5.0"
[[audits.isrg.audits.criterion]] [[audits.isrg.audits.criterion]]
who = "Brandon Pitman <bran@bran.land>" who = "Brandon Pitman <bran@bran.land>"
criteria = "safe-to-run" criteria = "safe-to-run"
@ -1198,6 +1193,12 @@ capabilities.
""" """
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.heck]]
who = "Mike Hommey <mh+mozilla@glandium.org>"
criteria = "safe-to-deploy"
delta = "0.4.0 -> 0.4.1"
aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml"
[[audits.mozilla.audits.hex]] [[audits.mozilla.audits.hex]]
who = "Simon Friedberger <simon@mozilla.com>" who = "Simon Friedberger <simon@mozilla.com>"
criteria = "safe-to-deploy" criteria = "safe-to-deploy"