feliix42/deps.rs
1
0
Fork 0
mirror of https://github.com/deps-rs/deps.rs.git synced 2024-11-22 10:26:30 +00:00
Code Issues Projects Releases Packages Wiki Activity

update rustsec crate

Browse source
This commit is contained in:
Rob Ede 2020-09-29 00:55:02 +01:00
parent 820a3cfd28
commit 57c2c79046
No known key found for this signature in database
GPG key ID: C2A3B36E841A91E6
7 changed files with 297 additions and 218 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

400
Cargo.lock generated
View file

@ -6,12 +6,6 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2692800d602527d2b8fea50036119c37df74ab565b10e285706a3dcec0ec3e16" checksum = "2692800d602527d2b8fea50036119c37df74ab565b10e285706a3dcec0ec3e16"
[[package]]
name = "antidote"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34fde25430d87a9388dadbe6e34d7f72a462c8b43ac8d309b42b0a8505d7e2a5"
[[package]] [[package]]
name = "anyhow" name = "anyhow"
version = "1.0.32" version = "1.0.32"
@ -113,11 +107,26 @@ dependencies = [
"crossbeam", "crossbeam",
] ]
[[package]]
name = "cargo-lock"
version = "4.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8504b63dd1249fd1745b7b4ef9b6f7b107ddeb3c95370043c7dbcc38653a2679"
dependencies = [
"semver 0.9.0",
"serde",
"toml",
"url",
]
[[package]] [[package]]
name = "cc" name = "cc"
version = "1.0.60" version = "1.0.60"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ef611cc68ff783f18535d77ddd080185275713d852c4f5cbb6122c462a7a825c" checksum = "ef611cc68ff783f18535d77ddd080185275713d852c4f5cbb6122c462a7a825c"
dependencies = [
"jobserver",
]
[[package]] [[package]]
name = "cfg-if" name = "cfg-if"
@ -133,7 +142,8 @@ checksum = "d021fddb7bd3e734370acfa4a83f34095571d8570c039f1420d77540f68d5772"
dependencies = [ dependencies = [
"libc", "libc",
"num-integer", "num-integer",
"num-traits 0.2.12", "num-traits",
"serde",
"time", "time",
"winapi 0.3.9", "winapi 0.3.9",
] ]
@ -166,6 +176,22 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "crates-index"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "15467291e8911aa3e73b0e77d988362da1df7ac974c7189ab38b94b6f7edfa7e"
dependencies = [
"git2",
"glob",
"hex",
"home",
"serde",
"serde_derive",
"serde_json",
"smol_str",
]
[[package]] [[package]]
name = "crossbeam" name = "crossbeam"
version = "0.2.12" version = "0.2.12"
@ -220,6 +246,15 @@ dependencies = [
"lazy_static 1.4.0", "lazy_static 1.4.0",
] ]
[[package]]
name = "cvss"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c425c059aef1e9cc614482211c4bd78664299ca91d4353db994f9966a1e7161d"
dependencies = [
"serde",
]
[[package]] [[package]]
name = "derive_more" name = "derive_more"
version = "0.99.10" version = "0.99.10"
@ -240,12 +275,6 @@ dependencies = [
"generic-array", "generic-array",
] ]
[[package]]
name = "dtoa"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "134951f4028bdadb9b84baf4232681efbf277da25144b9b0ad65df75946c422b"
[[package]] [[package]]
name = "fake-simd" name = "fake-simd"
version = "0.1.2" version = "0.1.2"
@ -320,6 +349,27 @@ dependencies = [
"typenum", "typenum",
] ]
[[package]]
name = "git2"
version = "0.13.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e094214efbc7fdbbdee952147e493b00e99a4e52817492277e98967ae918165"
dependencies = [
"bitflags 1.2.1",
"libc",
"libgit2-sys",
"log 0.4.11",
"openssl-probe",
"openssl-sys",
"url",
]
[[package]]
name = "glob"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574"
[[package]] [[package]]
name = "hashbrown" name = "hashbrown"
version = "0.9.1" version = "0.9.1"
@ -335,31 +385,30 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "hex"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "644f9158b2f133fd50f5fb3242878846d9eb792e445c893805ff0e3824006e35"
dependencies = [
"serde",
]
[[package]]
name = "home"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2456aef2e6b6a9784192ae780c0f15bc57df0e918585282325e8c8ac27737654"
dependencies = [
"winapi 0.3.9",
]
[[package]] [[package]]
name = "httparse" name = "httparse"
version = "1.3.4" version = "1.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd179ae861f0c2e53da70d892f5f3029f9594be0c41dc5269cd371691b1dc2f9" checksum = "cd179ae861f0c2e53da70d892f5f3029f9594be0c41dc5269cd371691b1dc2f9"
[[package]]
name = "hyper"
version = "0.10.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0a0652d9a2609a968c14be1a9ea00bf4b1d64e2e1f53a1b51b6fff3a6e829273"
dependencies = [
"base64 0.9.3",
"httparse",
"language-tags",
"log 0.3.9",
"mime 0.2.6",
"num_cpus",
"time",
"traitobject",
"typeable",
"unicase 1.4.2",
"url",
]
[[package]] [[package]]
name = "hyper" name = "hyper"
version = "0.11.27" version = "0.11.27"
@ -374,30 +423,19 @@ dependencies = [
"iovec", "iovec",
"language-tags", "language-tags",
"log 0.4.11", "log 0.4.11",
"mime 0.3.16", "mime",
"net2", "net2",
"percent-encoding", "percent-encoding 1.0.1",
"relay", "relay",
"time", "time",
"tokio-core", "tokio-core",
"tokio-io", "tokio-io",
"tokio-proto", "tokio-proto",
"tokio-service", "tokio-service",
"unicase 2.6.0", "unicase",
"want", "want",
] ]
[[package]]
name = "hyper-native-tls"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72332e4a35d3059583623b50e98e491b78f8b96c5521fcb3f428167955aa56e8"
dependencies = [
"antidote",
"hyper 0.10.16",
"native-tls",
]
[[package]] [[package]]
name = "hyper-tls" name = "hyper-tls"
version = "0.1.4" version = "0.1.4"
@ -405,7 +443,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ffb1bd5e518d3065840ab315dbbf44e4420e5f7d80e2cb93fa6ffffc50522378" checksum = "ffb1bd5e518d3065840ab315dbbf44e4420e5f7d80e2cb93fa6ffffc50522378"
dependencies = [ dependencies = [
"futures", "futures",
"hyper 0.11.27", "hyper",
"native-tls", "native-tls",
"tokio-core", "tokio-core",
"tokio-io", "tokio-io",
@ -415,9 +453,9 @@ dependencies = [
[[package]] [[package]]
name = "idna" name = "idna"
version = "0.1.5" version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38f09e0f0b1fb55fdee1f17470ad800da77af5186a1a76c026b679358b7e844e" checksum = "02e2673c30ee86b5b96a9cb52ad15718aa1f966f5ab9ad54a8b95d5ca33120a9"
dependencies = [ dependencies = [
"matches", "matches",
"unicode-bidi", "unicode-bidi",
@ -432,7 +470,7 @@ checksum = "55e2e4c765aa53a0424761bf9f41aa7a6ac1efa87238f59560640e27fca028f2"
dependencies = [ dependencies = [
"autocfg", "autocfg",
"hashbrown", "hashbrown",
"serde 1.0.116", "serde",
] ]
[[package]] [[package]]
@ -444,18 +482,21 @@ dependencies = [
"libc", "libc",
] ]
[[package]]
name = "itoa"
version = "0.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8324a32baf01e2ae060e9de58ed0bc2320c9a2833491ee36cd3b4c414de4db8c"
[[package]] [[package]]
name = "itoa" name = "itoa"
version = "0.4.6" version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6" checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6"
[[package]]
name = "jobserver"
version = "0.1.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c71313ebb9439f74b00d9d2dcec36440beaf57a6aa0623068441dd7cd81a7f2"
dependencies = [
"libc",
]
[[package]] [[package]]
name = "kernel32-sys" name = "kernel32-sys"
version = "0.2.2" version = "0.2.2"
@ -490,6 +531,46 @@ version = "0.2.77"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2f96b10ec2560088a8e76961b00d47107b3a625fecb76dedb29ee7ccbf98235" checksum = "f2f96b10ec2560088a8e76961b00d47107b3a625fecb76dedb29ee7ccbf98235"
[[package]]
name = "libgit2-sys"
version = "0.12.13+1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "069eea34f76ec15f2822ccf78fe0cdb8c9016764d0a12865278585a74dbdeae5"
dependencies = [
"cc",
"libc",
"libssh2-sys",
"libz-sys",
"openssl-sys",
"pkg-config",
]
[[package]]
name = "libssh2-sys"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ca46220853ba1c512fc82826d0834d87b06bcd3c2a42241b7de72f3d2fe17056"
dependencies = [
"cc",
"libc",
"libz-sys",
"openssl-sys",
"pkg-config",
"vcpkg",
]
[[package]]
name = "libz-sys"
version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "602113192b08db8f38796c4e85c39e960c145965140e918018bcde1952429655"
dependencies = [
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]] [[package]]
name = "linked-hash-map" name = "linked-hash-map"
version = "0.5.3" version = "0.5.3"
@ -586,15 +667,6 @@ dependencies = [
"autocfg", "autocfg",
] ]
[[package]]
name = "mime"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba626b8a6de5da682e1caa06bdb42a335aee5a84db8e5046a3e8ab17ba0a3ae0"
dependencies = [
"log 0.3.9",
]
[[package]] [[package]]
name = "mime" name = "mime"
version = "0.3.16" version = "0.3.16"
@ -676,16 +748,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b" checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b"
dependencies = [ dependencies = [
"autocfg", "autocfg",
"num-traits 0.2.12", "num-traits",
]
[[package]]
name = "num-traits"
version = "0.1.43"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31"
dependencies = [
"num-traits 0.2.12",
] ]
[[package]] [[package]]
@ -732,6 +795,12 @@ dependencies = [
"openssl-sys", "openssl-sys",
] ]
[[package]]
name = "openssl-probe"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de"
[[package]] [[package]]
name = "openssl-sys" name = "openssl-sys"
version = "0.9.58" version = "0.9.58"
@ -786,6 +855,12 @@ version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831" checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831"
[[package]]
name = "percent-encoding"
version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e"
[[package]] [[package]]
name = "pest" name = "pest"
version = "2.1.3" version = "2.1.3"
@ -835,6 +910,15 @@ version = "0.3.18"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d36492546b6af1463394d46f0c834346f31548646f6ba10849802c9c9a27ac33" checksum = "d36492546b6af1463394d46f0c834346f31548646f6ba10849802c9c9a27ac33"
[[package]]
name = "platforms"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "feb3b2b1033b8a60b4da6ee470325f887758c95d5320f52f9ce0df055a55940e"
dependencies = [
"serde",
]
[[package]] [[package]]
name = "proc-macro2" name = "proc-macro2"
version = "1.0.23" version = "1.0.23"
@ -912,7 +996,7 @@ version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e614f96449605730b4f7ad2c019e88c1652d730634b4eba07b810801856635e3" checksum = "e614f96449605730b4f7ad2c019e88c1652d730634b4eba07b810801856635e3"
dependencies = [ dependencies = [
"serde 1.0.116", "serde",
] ]
[[package]] [[package]]
@ -933,21 +1017,6 @@ dependencies = [
"winapi 0.3.9", "winapi 0.3.9",
] ]
[[package]]
name = "reqwest"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3bef9ed8fdfcc30947d6b774938dc0c3f369a474efe440df2c7f278180b2d2e6"
dependencies = [
"hyper 0.10.16",
"hyper-native-tls",
"log 0.3.9",
"serde 0.9.15",
"serde_json 0.9.10",
"serde_urlencoded",
"url",
]
[[package]] [[package]]
name = "route-recognizer" name = "route-recognizer"
version = "0.1.13" version = "0.1.13"
@ -965,13 +1034,22 @@ dependencies = [
[[package]] [[package]]
name = "rustsec" name = "rustsec"
version = "0.6.0" version = "0.21.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9fb074a338f1f966f5d86eaef9aa85b544207ed138986e60a33e08202c5c4492" checksum = "b2f7c2b431b329341b1ee7193b7403269153b99804ff5850a0b8966aed26f558"
dependencies = [ dependencies = [
"reqwest", "cargo-lock",
"semver 0.11.0", "chrono",
"toml 0.3.2", "crates-index",
"cvss",
"git2",
"home",
"platforms",
"semver 0.9.0",
"semver-parser 0.9.0",
"serde",
"thiserror",
"toml",
] ]
[[package]] [[package]]
@ -1069,6 +1147,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403" checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403"
dependencies = [ dependencies = [
"semver-parser 0.7.0", "semver-parser 0.7.0",
"serde",
] ]
[[package]] [[package]]
@ -1078,7 +1157,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6" checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6"
dependencies = [ dependencies = [
"semver-parser 0.10.0", "semver-parser 0.10.0",
"serde 1.0.116", "serde",
] ]
[[package]] [[package]]
@ -1087,6 +1166,12 @@ version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3" checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
[[package]]
name = "semver-parser"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b46e1121e8180c12ff69a742aabc4f310542b6ccb69f1691689ac17fdf8618aa"
[[package]] [[package]]
name = "semver-parser" name = "semver-parser"
version = "0.10.0" version = "0.10.0"
@ -1097,12 +1182,6 @@ dependencies = [
"pest_derive", "pest_derive",
] ]
[[package]]
name = "serde"
version = "0.9.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34b623917345a631dc9608d5194cc206b3fe6c3554cd1c75b937e55e285254af"
[[package]] [[package]]
name = "serde" name = "serde"
version = "1.0.116" version = "1.0.116"
@ -1123,39 +1202,15 @@ dependencies = [
"syn", "syn",
] ]
[[package]]
name = "serde_json"
version = "0.9.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad8bcf487be7d2e15d3d543f04312de991d631cfe1b43ea0ade69e6a8a5b16a1"
dependencies = [
"dtoa",
"itoa 0.3.4",
"num-traits 0.1.43",
"serde 0.9.15",
]
[[package]] [[package]]
name = "serde_json" name = "serde_json"
version = "1.0.57" version = "1.0.57"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c" checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c"
dependencies = [ dependencies = [
"itoa 0.4.6", "itoa",
"ryu", "ryu",
"serde 1.0.116", "serde",
]
[[package]]
name = "serde_urlencoded"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "68f06ece1408d3221d11a9da11953ad0c94daa48cfa42026471306f895b91bc8"
dependencies = [
"dtoa",
"itoa 0.3.4",
"serde 0.9.15",
"url",
] ]
[[package]] [[package]]
@ -1179,7 +1234,7 @@ dependencies = [
"cadence", "cadence",
"derive_more", "derive_more",
"futures", "futures",
"hyper 0.11.27", "hyper",
"hyper-tls", "hyper-tls",
"indexmap", "indexmap",
"lru-cache", "lru-cache",
@ -1190,13 +1245,13 @@ dependencies = [
"rustsec", "rustsec",
"sass-rs", "sass-rs",
"semver 0.11.0", "semver 0.11.0",
"serde 1.0.116", "serde",
"serde_json 1.0.57", "serde_json",
"slog", "slog",
"slog-json", "slog-json",
"tokio-core", "tokio-core",
"tokio-service", "tokio-service",
"toml 0.5.6", "toml",
"try_future", "try_future",
] ]
@ -1225,8 +1280,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddc0d2aff1f8f325ef660d9a0eb6e6dcd20b30b3f581a5897f58bf42d061c37a" checksum = "ddc0d2aff1f8f325ef660d9a0eb6e6dcd20b30b3f581a5897f58bf42d061c37a"
dependencies = [ dependencies = [
"chrono", "chrono",
"serde 1.0.116", "serde",
"serde_json 1.0.57", "serde_json",
"slog", "slog",
] ]
@ -1245,6 +1300,15 @@ dependencies = [
"maybe-uninit", "maybe-uninit",
] ]
[[package]]
name = "smol_str"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ca0f7ce3a29234210f0f4f0b56f8be2e722488b95cb522077943212da3b32eb"
dependencies = [
"serde",
]
[[package]] [[package]]
name = "syn" name = "syn"
version = "1.0.42" version = "1.0.42"
@ -1272,6 +1336,26 @@ dependencies = [
"remove_dir_all", "remove_dir_all",
] ]
[[package]]
name = "thiserror"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7dfdd070ccd8ccb78f4ad66bf1982dc37f620ef696c6b5028fe2ed83dd3d0d08"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd80fc12f73063ac132ac92aceea36734f04a1d93c1240c6944e23a3b8841793"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]] [[package]]
name = "time" name = "time"
version = "0.1.44" version = "0.1.44"
@ -1529,30 +1613,15 @@ dependencies = [
"tokio-reactor", "tokio-reactor",
] ]
[[package]]
name = "toml"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd86ad9ebee246fdedd610e0f6d0587b754a3d81438db930a244d0480ed7878f"
dependencies = [
"serde 0.9.15",
]
[[package]] [[package]]
name = "toml" name = "toml"
version = "0.5.6" version = "0.5.6"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ffc92d160b1eef40665be3a05630d003936a3bc7da7421277846c2613e92c71a" checksum = "ffc92d160b1eef40665be3a05630d003936a3bc7da7421277846c2613e92c71a"
dependencies = [ dependencies = [
"serde 1.0.116", "serde",
] ]
[[package]]
name = "traitobject"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "efd1f82c56340fdf16f2a953d7bda4f8fdffba13d93b00844c25572110b26079"
[[package]] [[package]]
name = "try-lock" name = "try-lock"
version = "0.1.0" version = "0.1.0"
@ -1574,12 +1643,6 @@ version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e5d7cd7ab3e47dda6e56542f4bbf3824c15234958c6e1bd6aaa347e93499fdc" checksum = "3e5d7cd7ab3e47dda6e56542f4bbf3824c15234958c6e1bd6aaa347e93499fdc"
[[package]]
name = "typeable"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1410f6f91f21d1612654e7cc69193b0334f909dcf2c790c4826254fbb86f8887"
[[package]] [[package]]
name = "typenum" name = "typenum"
version = "1.12.0" version = "1.12.0"
@ -1592,22 +1655,13 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c" checksum = "56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c"
[[package]]
name = "unicase"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f4765f83163b74f957c797ad9253caf97f103fb064d3999aea9568d09fc8a33"
dependencies = [
"version_check 0.1.5",
]
[[package]] [[package]]
name = "unicase" name = "unicase"
version = "2.6.0" version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6"
dependencies = [ dependencies = [
"version_check 0.9.2", "version_check",
] ]
[[package]] [[package]]
@ -1636,13 +1690,13 @@ checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564"
[[package]] [[package]]
name = "url" name = "url"
version = "1.7.2" version = "2.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd4e7c0d531266369519a4aa4f399d748bd37043b00bde1e4ff1f60a120b355a" checksum = "829d4a8476c35c9bf0bbce5a3b23f4106f79728039b726d292bb93bc106787cb"
dependencies = [ dependencies = [
"idna", "idna",
"matches", "matches",
"percent-encoding", "percent-encoding 2.1.0",
] ]
[[package]] [[package]]
@ -1651,12 +1705,6 @@ version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index" source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6454029bf181f092ad1b853286f23e2c507d8e8194d01d92da4a55c274a5508c" checksum = "6454029bf181f092ad1b853286f23e2c507d8e8194d01d92da4a55c274a5508c"
[[package]]
name = "version_check"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd"
[[package]] [[package]]
name = "version_check" name = "version_check"
version = "0.9.2" version = "0.9.2"

4
Cargo.toml
View file

@ -19,13 +19,13 @@ derive_more = "0.99"
futures = "0.1" futures = "0.1"
hyper = "0.11" hyper = "0.11"
hyper-tls = "0.1" hyper-tls = "0.1"
indexmap = { version = "1.0.0", features = ["serde-1"] } indexmap = { version = "1", features = ["serde-1"] }
lru-cache = "0.1" lru-cache = "0.1"
maud = "0.22" maud = "0.22"
once_cell = "1.4" once_cell = "1.4"
relative-path = { version = "0.3.7", features = ["serde"] } relative-path = { version = "0.3.7", features = ["serde"] }
route-recognizer = "0.1" route-recognizer = "0.1"
rustsec = "0.6.0" rustsec = "0.21"
semver = { version = "0.11", features = ["serde"] } semver = { version = "0.11", features = ["serde"] }
serde = { version = "1", features = ["derive"] } serde = { version = "1", features = ["derive"] }
serde_json = "1" serde_json = "1"

19
src/engine/machines/analyzer.rs
View file

@ -1,6 +1,6 @@
use std::sync::Arc; use std::sync::Arc;
use rustsec::db::AdvisoryDatabase; use rustsec::database::{Database, Query};
use semver::Version; use semver::Version;
use crate::models::crates::{ use crate::models::crates::{
@ -9,11 +9,11 @@ use crate::models::crates::{
pub struct DependencyAnalyzer { pub struct DependencyAnalyzer {
deps: AnalyzedDependencies, deps: AnalyzedDependencies,
advisory_db: Option<Arc<AdvisoryDatabase>>, advisory_db: Option<Arc<Database>>,
} }
impl DependencyAnalyzer { impl DependencyAnalyzer {
pub fn new(deps: &CrateDeps, advisory_db: Option<Arc<AdvisoryDatabase>>) -> DependencyAnalyzer { pub fn new(deps: &CrateDeps, advisory_db: Option<Arc<Database>>) -> DependencyAnalyzer {
DependencyAnalyzer { DependencyAnalyzer {
deps: AnalyzedDependencies::new(deps), deps: AnalyzedDependencies::new(deps),
advisory_db, advisory_db,
@ -24,7 +24,7 @@ impl DependencyAnalyzer {
name: &CrateName, name: &CrateName,
dep: &mut AnalyzedDependency, dep: &mut AnalyzedDependency,
ver: &Version, ver: &Version,
advisory_db: Option<&AdvisoryDatabase>, advisory_db: Option<&Database>,
) { ) {
if dep.required.matches(&ver) { if dep.required.matches(&ver) {
if let Some(ref mut current_latest_that_matches) = dep.latest_that_matches { if let Some(ref mut current_latest_that_matches) = dep.latest_that_matches {
@ -35,8 +35,12 @@ impl DependencyAnalyzer {
dep.latest_that_matches = Some(ver.clone()); dep.latest_that_matches = Some(ver.clone());
} }
let name: rustsec::cargo_lock::Name = name.as_ref().parse().unwrap();
let version: rustsec::cargo_lock::Version = ver.to_string().parse().unwrap();
let query = Query::new().package_version(name, version);
if !advisory_db if !advisory_db
.map(|db| db.find_vulns_for_crate(name.as_ref(), ver).is_empty()) .map(|db| db.query(&query).is_empty())
.unwrap_or(true) .unwrap_or(true)
{ {
dep.insecure = true; dep.insecure = true;
@ -90,8 +94,9 @@ impl DependencyAnalyzer {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::DependencyAnalyzer; use crate::models::crates::{CrateDep, CrateDeps, CrateRelease};
use models::crates::{CrateDep, CrateDeps, CrateRelease};
use super::*;
#[test] #[test]
fn tracks_latest_without_matching() { fn tracks_latest_without_matching() {

5
src/engine/machines/crawler.rs
View file

@ -118,8 +118,9 @@ mod tests {
use relative_path::RelativePath; use relative_path::RelativePath;
use semver::VersionReq; use semver::VersionReq;
use super::ManifestCrawler; use crate::models::crates::CrateDep;
use models::crates::CrateDep;
use super::*;
#[test] #[test]
fn simple_package_manifest() { fn simple_package_manifest() {

4
src/engine/mod.rs
View file

@ -12,7 +12,7 @@ use hyper::Client;
use hyper_tls::HttpsConnector; use hyper_tls::HttpsConnector;
use once_cell::sync::Lazy; use once_cell::sync::Lazy;
use relative_path::{RelativePath, RelativePathBuf}; use relative_path::{RelativePath, RelativePathBuf};
use rustsec::db::AdvisoryDatabase; use rustsec::database::Database;
use semver::VersionReq; use semver::VersionReq;
use slog::Logger; use slog::Logger;
use tokio_service::Service; use tokio_service::Service;
@ -237,7 +237,7 @@ impl Engine {
.call((repo_path.clone(), manifest_path)) .call((repo_path.clone(), manifest_path))
} }
fn fetch_advisory_db(&self) -> impl Future<Item = Arc<AdvisoryDatabase>, Error = Error> { fn fetch_advisory_db(&self) -> impl Future<Item = Arc<Database>, Error = Error> {
self.fetch_advisory_db self.fetch_advisory_db
.call(()) .call(())
.from_err() .from_err()

78
src/interactors/rustsec.rs
View file

@ -2,10 +2,10 @@ use std::str;
use std::sync::Arc; use std::sync::Arc;
use anyhow::{anyhow, ensure, Error}; use anyhow::{anyhow, ensure, Error};
use futures::{future, Future, IntoFuture, Stream}; use futures::{future, future::done, Future, IntoFuture, Stream};
use hyper::{Error as HyperError, Method, Request, Response}; use hyper::{Error as HyperError, Method, Request, Response};
use rustsec::db::AdvisoryDatabase; use rustsec::database::Database;
use rustsec::ADVISORY_DB_URL; use rustsec::repository::DEFAULT_URL;
use tokio_service::Service; use tokio_service::Service;
#[derive(Debug, Clone)] #[derive(Debug, Clone)]
@ -17,35 +17,59 @@ where
S::Future: 'static, S::Future: 'static,
{ {
type Request = (); type Request = ();
type Response = Arc<AdvisoryDatabase>; type Response = Arc<Database>;
type Error = Error; type Error = Error;
type Future = Box<dyn Future<Item = Self::Response, Error = Self::Error>>; type Future = Box<dyn Future<Item = Self::Response, Error = Self::Error>>;
fn call(&self, _req: ()) -> Self::Future { fn call(&self, _req: ()) -> Self::Future {
let service = self.0.clone(); let service = self.0.clone();
let uri_future = ADVISORY_DB_URL.parse().into_future().from_err(); Box::new(done(
rustsec::Database::fetch()
.map(|db| Arc::new(db))
.map_err(|err| anyhow!("err fetching rustsec DB")),
))
}
}
Box::new(uri_future.and_then(move |uri| { // #[derive(Debug, Clone)]
let request = Request::new(Method::Get, uri); // pub struct FetchAdvisoryDatabase<S>(pub S);
service.call(request).from_err().and_then(|response| { // impl<S> Service for FetchAdvisoryDatabase<S>
let status = response.status(); // where
if !status.is_success() { // S: Service<Request = Request, Response = Response, Error = HyperError> + Clone + 'static,
future::Either::A(future::err(anyhow!( // S::Future: 'static,
"Status code {} when fetching advisory db", // {
status // type Request = ();
))) // type Response = Arc<Database>;
} else { // type Error = Error;
let body_future = response.body().concat2().from_err(); // type Future = Box<dyn Future<Item = Self::Response, Error = Self::Error>>;
let decode_future = body_future.and_then(|body| {
Ok(Arc::new(AdvisoryDatabase::from_toml(str::from_utf8( // fn call(&self, _req: ()) -> Self::Future {
&body, // let service = self.0.clone();
)?)?))
}); // let uri_future = DEFAULT_URL.parse().into_future().from_err();
future::Either::B(decode_future)
} // Box::new(uri_future.and_then(move |uri| {
}) // let request = Request::new(Method::Get, uri);
}))
} // service.call(request).from_err().and_then(|response| {
} // let status = response.status();
// if !status.is_success() {
// future::Either::A(future::err(anyhow!(
// "Status code {} when fetching advisory db",
// status
// )))
// } else {
// let body_future = response.body().concat2().from_err();
// let decode_future = body_future.and_then(|body| {
// Ok(Arc::new(Database::from_toml(str::from_utf8(
// &body,
// )?)?))
// });
// future::Either::B(decode_future)
// }
// })
// }))
// }
// }

5
src/parsers/manifest.rs
View file

@ -138,8 +138,9 @@ pub fn parse_manifest_toml(input: &str) -> Result<CrateManifest, Error> {
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::parse_manifest_toml; use crate::models::crates::CrateManifest;
use models::crates::CrateManifest;
use super::*;
#[test] #[test]
fn parse_workspace_without_members_declaration() { fn parse_workspace_without_members_declaration() {