update rustsec crate

Rob Ede 2020-09-29 00:55:02 +01:00
parent 820a3cfd28
commit 57c2c79046
No known key found for this signature in database
GPG key ID: C2A3B36E841A91E6
7 changed files with 297 additions and 218 deletions

400
Cargo.lock generated

@ -6,12 +6,6 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2692800d602527d2b8fea50036119c37df74ab565b10e285706a3dcec0ec3e16"
[[package]]
name = "antidote"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34fde25430d87a9388dadbe6e34d7f72a462c8b43ac8d309b42b0a8505d7e2a5"
[[package]]
name = "anyhow"
version = "1.0.32"
@ -113,11 +107,26 @@ dependencies = [
"crossbeam",
]
[[package]]
name = "cargo-lock"
version = "4.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8504b63dd1249fd1745b7b4ef9b6f7b107ddeb3c95370043c7dbcc38653a2679"
dependencies = [
"semver 0.9.0",
"serde",
"toml",
"url",
]
[[package]]
name = "cc"
version = "1.0.60"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ef611cc68ff783f18535d77ddd080185275713d852c4f5cbb6122c462a7a825c"
dependencies = [
"jobserver",
]
[[package]]
name = "cfg-if"
@ -133,7 +142,8 @@ checksum = "d021fddb7bd3e734370acfa4a83f34095571d8570c039f1420d77540f68d5772"
dependencies = [
"libc",
"num-integer",
"num-traits 0.2.12",
"num-traits",
"serde",
"time",
"winapi 0.3.9",
]
@ -166,6 +176,22 @@ dependencies = [
"libc",
]
[[package]]
name = "crates-index"
version = "0.15.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "15467291e8911aa3e73b0e77d988362da1df7ac974c7189ab38b94b6f7edfa7e"
dependencies = [
"git2",
"glob",
"hex",
"home",
"serde",
"serde_derive",
"serde_json",
"smol_str",
]
[[package]]
name = "crossbeam"
version = "0.2.12"
@ -220,6 +246,15 @@ dependencies = [
"lazy_static 1.4.0",
]
[[package]]
name = "cvss"
version = "1.0.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "c425c059aef1e9cc614482211c4bd78664299ca91d4353db994f9966a1e7161d"
dependencies = [
"serde",
]
[[package]]
name = "derive_more"
version = "0.99.10"
@ -240,12 +275,6 @@ dependencies = [
"generic-array",
]
[[package]]
name = "dtoa"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "134951f4028bdadb9b84baf4232681efbf277da25144b9b0ad65df75946c422b"
[[package]]
name = "fake-simd"
version = "0.1.2"
@ -320,6 +349,27 @@ dependencies = [
"typenum",
]
[[package]]
name = "git2"
version = "0.13.11"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1e094214efbc7fdbbdee952147e493b00e99a4e52817492277e98967ae918165"
dependencies = [
"bitflags 1.2.1",
"libc",
"libgit2-sys",
"log 0.4.11",
"openssl-probe",
"openssl-sys",
"url",
]
[[package]]
name = "glob"
version = "0.3.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9b919933a397b79c37e33b77bb2aa3dc8eb6e165ad809e58ff75bc7db2e34574"
[[package]]
name = "hashbrown"
version = "0.9.1"
@ -335,31 +385,30 @@ dependencies = [
"libc",
]
[[package]]
name = "hex"
version = "0.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "644f9158b2f133fd50f5fb3242878846d9eb792e445c893805ff0e3824006e35"
dependencies = [
"serde",
]
[[package]]
name = "home"
version = "0.5.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "2456aef2e6b6a9784192ae780c0f15bc57df0e918585282325e8c8ac27737654"
dependencies = [
"winapi 0.3.9",
]
[[package]]
name = "httparse"
version = "1.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cd179ae861f0c2e53da70d892f5f3029f9594be0c41dc5269cd371691b1dc2f9"
[[package]]
name = "hyper"
version = "0.10.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0a0652d9a2609a968c14be1a9ea00bf4b1d64e2e1f53a1b51b6fff3a6e829273"
dependencies = [
"base64 0.9.3",
"httparse",
"language-tags",
"log 0.3.9",
"mime 0.2.6",
"num_cpus",
"time",
"traitobject",
"typeable",
"unicase 1.4.2",
"url",
]
[[package]]
name = "hyper"
version = "0.11.27"
@ -374,30 +423,19 @@ dependencies = [
"iovec",
"language-tags",
"log 0.4.11",
"mime 0.3.16",
"mime",
"net2",
"percent-encoding",
"percent-encoding 1.0.1",
"relay",
"time",
"tokio-core",
"tokio-io",
"tokio-proto",
"tokio-service",
"unicase 2.6.0",
"unicase",
"want",
]
[[package]]
name = "hyper-native-tls"
version = "0.2.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "72332e4a35d3059583623b50e98e491b78f8b96c5521fcb3f428167955aa56e8"
dependencies = [
"antidote",
"hyper 0.10.16",
"native-tls",
]
[[package]]
name = "hyper-tls"
version = "0.1.4"
@ -405,7 +443,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ffb1bd5e518d3065840ab315dbbf44e4420e5f7d80e2cb93fa6ffffc50522378"
dependencies = [
"futures",
"hyper 0.11.27",
"hyper",
"native-tls",
"tokio-core",
"tokio-io",
@ -415,9 +453,9 @@ dependencies = [
[[package]]
name = "idna"
version = "0.1.5"
version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "38f09e0f0b1fb55fdee1f17470ad800da77af5186a1a76c026b679358b7e844e"
checksum = "02e2673c30ee86b5b96a9cb52ad15718aa1f966f5ab9ad54a8b95d5ca33120a9"
dependencies = [
"matches",
"unicode-bidi",
@ -432,7 +470,7 @@ checksum = "55e2e4c765aa53a0424761bf9f41aa7a6ac1efa87238f59560640e27fca028f2"
dependencies = [
"autocfg",
"hashbrown",
"serde 1.0.116",
"serde",
]
[[package]]
@ -444,18 +482,21 @@ dependencies = [
"libc",
]
[[package]]
name = "itoa"
version = "0.3.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8324a32baf01e2ae060e9de58ed0bc2320c9a2833491ee36cd3b4c414de4db8c"
[[package]]
name = "itoa"
version = "0.4.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dc6f3ad7b9d11a0c00842ff8de1b60ee58661048eb8049ed33c73594f359d7e6"
[[package]]
name = "jobserver"
version = "0.1.21"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5c71313ebb9439f74b00d9d2dcec36440beaf57a6aa0623068441dd7cd81a7f2"
dependencies = [
"libc",
]
[[package]]
name = "kernel32-sys"
version = "0.2.2"
@ -490,6 +531,46 @@ version = "0.2.77"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f2f96b10ec2560088a8e76961b00d47107b3a625fecb76dedb29ee7ccbf98235"
[[package]]
name = "libgit2-sys"
version = "0.12.13+1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "069eea34f76ec15f2822ccf78fe0cdb8c9016764d0a12865278585a74dbdeae5"
dependencies = [
"cc",
"libc",
"libssh2-sys",
"libz-sys",
"openssl-sys",
"pkg-config",
]
[[package]]
name = "libssh2-sys"
version = "0.2.19"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ca46220853ba1c512fc82826d0834d87b06bcd3c2a42241b7de72f3d2fe17056"
dependencies = [
"cc",
"libc",
"libz-sys",
"openssl-sys",
"pkg-config",
"vcpkg",
]
[[package]]
name = "libz-sys"
version = "1.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "602113192b08db8f38796c4e85c39e960c145965140e918018bcde1952429655"
dependencies = [
"cc",
"libc",
"pkg-config",
"vcpkg",
]
[[package]]
name = "linked-hash-map"
version = "0.5.3"
@ -586,15 +667,6 @@ dependencies = [
"autocfg",
]
[[package]]
name = "mime"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ba626b8a6de5da682e1caa06bdb42a335aee5a84db8e5046a3e8ab17ba0a3ae0"
dependencies = [
"log 0.3.9",
]
[[package]]
name = "mime"
version = "0.3.16"
@ -676,16 +748,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8d59457e662d541ba17869cf51cf177c0b5f0cbf476c66bdc90bf1edac4f875b"
dependencies = [
"autocfg",
"num-traits 0.2.12",
]
[[package]]
name = "num-traits"
version = "0.1.43"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "92e5113e9fd4cc14ded8e499429f396a20f98c772a47cc8622a736e1ec843c31"
dependencies = [
"num-traits 0.2.12",
"num-traits",
]
[[package]]
@ -732,6 +795,12 @@ dependencies = [
"openssl-sys",
]
[[package]]
name = "openssl-probe"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "77af24da69f9d9341038eba93a073b1fdaaa1b788221b00a69bce9e762cb32de"
[[package]]
name = "openssl-sys"
version = "0.9.58"
@ -786,6 +855,12 @@ version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831"
[[package]]
name = "percent-encoding"
version = "2.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d4fd5641d01c8f18a23da7b6fe29298ff4b55afcccdf78973b24cf3175fee32e"
[[package]]
name = "pest"
version = "2.1.3"
@ -835,6 +910,15 @@ version = "0.3.18"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d36492546b6af1463394d46f0c834346f31548646f6ba10849802c9c9a27ac33"
[[package]]
name = "platforms"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "feb3b2b1033b8a60b4da6ee470325f887758c95d5320f52f9ce0df055a55940e"
dependencies = [
"serde",
]
[[package]]
name = "proc-macro2"
version = "1.0.23"
@ -912,7 +996,7 @@ version = "0.3.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "e614f96449605730b4f7ad2c019e88c1652d730634b4eba07b810801856635e3"
dependencies = [
"serde 1.0.116",
"serde",
]
[[package]]
@ -933,21 +1017,6 @@ dependencies = [
"winapi 0.3.9",
]
[[package]]
name = "reqwest"
version = "0.4.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3bef9ed8fdfcc30947d6b774938dc0c3f369a474efe440df2c7f278180b2d2e6"
dependencies = [
"hyper 0.10.16",
"hyper-native-tls",
"log 0.3.9",
"serde 0.9.15",
"serde_json 0.9.10",
"serde_urlencoded",
"url",
]
[[package]]
name = "route-recognizer"
version = "0.1.13"
@ -965,13 +1034,22 @@ dependencies = [
[[package]]
name = "rustsec"
version = "0.6.0"
version = "0.21.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "9fb074a338f1f966f5d86eaef9aa85b544207ed138986e60a33e08202c5c4492"
checksum = "b2f7c2b431b329341b1ee7193b7403269153b99804ff5850a0b8966aed26f558"
dependencies = [
"reqwest",
"semver 0.11.0",
"toml 0.3.2",
"cargo-lock",
"chrono",
"crates-index",
"cvss",
"git2",
"home",
"platforms",
"semver 0.9.0",
"semver-parser 0.9.0",
"serde",
"thiserror",
"toml",
]
[[package]]
@ -1069,6 +1147,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1d7eb9ef2c18661902cc47e535f9bc51b78acd254da71d375c2f6720d9a40403"
dependencies = [
"semver-parser 0.7.0",
"serde",
]
[[package]]
@ -1078,7 +1157,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f301af10236f6df4160f7c3f04eec6dbc70ace82d23326abad5edee88801c6b6"
dependencies = [
"semver-parser 0.10.0",
"serde 1.0.116",
"serde",
]
[[package]]
@ -1087,6 +1166,12 @@ version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "388a1df253eca08550bef6c72392cfe7c30914bf41df5269b68cbd6ff8f570a3"
[[package]]
name = "semver-parser"
version = "0.9.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b46e1121e8180c12ff69a742aabc4f310542b6ccb69f1691689ac17fdf8618aa"
[[package]]
name = "semver-parser"
version = "0.10.0"
@ -1097,12 +1182,6 @@ dependencies = [
"pest_derive",
]
[[package]]
name = "serde"
version = "0.9.15"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "34b623917345a631dc9608d5194cc206b3fe6c3554cd1c75b937e55e285254af"
[[package]]
name = "serde"
version = "1.0.116"
@ -1123,39 +1202,15 @@ dependencies = [
"syn",
]
[[package]]
name = "serde_json"
version = "0.9.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ad8bcf487be7d2e15d3d543f04312de991d631cfe1b43ea0ade69e6a8a5b16a1"
dependencies = [
"dtoa",
"itoa 0.3.4",
"num-traits 0.1.43",
"serde 0.9.15",
]
[[package]]
name = "serde_json"
version = "1.0.57"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "164eacbdb13512ec2745fb09d51fd5b22b0d65ed294a1dcf7285a360c80a675c"
dependencies = [
"itoa 0.4.6",
"itoa",
"ryu",
"serde 1.0.116",
]
[[package]]
name = "serde_urlencoded"
version = "0.4.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "68f06ece1408d3221d11a9da11953ad0c94daa48cfa42026471306f895b91bc8"
dependencies = [
"dtoa",
"itoa 0.3.4",
"serde 0.9.15",
"url",
"serde",
]
[[package]]
@ -1179,7 +1234,7 @@ dependencies = [
"cadence",
"derive_more",
"futures",
"hyper 0.11.27",
"hyper",
"hyper-tls",
"indexmap",
"lru-cache",
@ -1190,13 +1245,13 @@ dependencies = [
"rustsec",
"sass-rs",
"semver 0.11.0",
"serde 1.0.116",
"serde_json 1.0.57",
"serde",
"serde_json",
"slog",
"slog-json",
"tokio-core",
"tokio-service",
"toml 0.5.6",
"toml",
"try_future",
]
@ -1225,8 +1280,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddc0d2aff1f8f325ef660d9a0eb6e6dcd20b30b3f581a5897f58bf42d061c37a"
dependencies = [
"chrono",
"serde 1.0.116",
"serde_json 1.0.57",
"serde",
"serde_json",
"slog",
]
@ -1245,6 +1300,15 @@ dependencies = [
"maybe-uninit",
]
[[package]]
name = "smol_str"
version = "0.1.17"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6ca0f7ce3a29234210f0f4f0b56f8be2e722488b95cb522077943212da3b32eb"
dependencies = [
"serde",
]
[[package]]
name = "syn"
version = "1.0.42"
@ -1272,6 +1336,26 @@ dependencies = [
"remove_dir_all",
]
[[package]]
name = "thiserror"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7dfdd070ccd8ccb78f4ad66bf1982dc37f620ef696c6b5028fe2ed83dd3d0d08"
dependencies = [
"thiserror-impl",
]
[[package]]
name = "thiserror-impl"
version = "1.0.20"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd80fc12f73063ac132ac92aceea36734f04a1d93c1240c6944e23a3b8841793"
dependencies = [
"proc-macro2",
"quote",
"syn",
]
[[package]]
name = "time"
version = "0.1.44"
@ -1529,30 +1613,15 @@ dependencies = [
"tokio-reactor",
]
[[package]]
name = "toml"
version = "0.3.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bd86ad9ebee246fdedd610e0f6d0587b754a3d81438db930a244d0480ed7878f"
dependencies = [
"serde 0.9.15",
]
[[package]]
name = "toml"
version = "0.5.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ffc92d160b1eef40665be3a05630d003936a3bc7da7421277846c2613e92c71a"
dependencies = [
"serde 1.0.116",
"serde",
]
[[package]]
name = "traitobject"
version = "0.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "efd1f82c56340fdf16f2a953d7bda4f8fdffba13d93b00844c25572110b26079"
[[package]]
name = "try-lock"
version = "0.1.0"
@ -1574,12 +1643,6 @@ version = "0.6.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3e5d7cd7ab3e47dda6e56542f4bbf3824c15234958c6e1bd6aaa347e93499fdc"
[[package]]
name = "typeable"
version = "0.1.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "1410f6f91f21d1612654e7cc69193b0334f909dcf2c790c4826254fbb86f8887"
[[package]]
name = "typenum"
version = "1.12.0"
@ -1592,22 +1655,13 @@ version = "0.1.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "56dee185309b50d1f11bfedef0fe6d036842e3fb77413abef29f8f8d1c5d4c1c"
[[package]]
name = "unicase"
version = "1.4.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7f4765f83163b74f957c797ad9253caf97f103fb064d3999aea9568d09fc8a33"
dependencies = [
"version_check 0.1.5",
]
[[package]]
name = "unicase"
version = "2.6.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6"
dependencies = [
"version_check 0.9.2",
"version_check",
]
[[package]]
@ -1636,13 +1690,13 @@ checksum = "f7fe0bb3479651439c9112f72b6c505038574c9fbb575ed1bf3b797fa39dd564"
[[package]]
name = "url"
version = "1.7.2"
version = "2.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "dd4e7c0d531266369519a4aa4f399d748bd37043b00bde1e4ff1f60a120b355a"
checksum = "829d4a8476c35c9bf0bbce5a3b23f4106f79728039b726d292bb93bc106787cb"
dependencies = [
"idna",
"matches",
"percent-encoding",
"percent-encoding 2.1.0",
]
[[package]]
@ -1651,12 +1705,6 @@ version = "0.2.10"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6454029bf181f092ad1b853286f23e2c507d8e8194d01d92da4a55c274a5508c"
[[package]]
name = "version_check"
version = "0.1.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd"
[[package]]
name = "version_check"
version = "0.9.2"


@ -19,13 +19,13 @@ derive_more = "0.99"
futures = "0.1"
hyper = "0.11"
hyper-tls = "0.1"
indexmap = { version = "1.0.0", features = ["serde-1"] }
indexmap = { version = "1", features = ["serde-1"] }
lru-cache = "0.1"
maud = "0.22"
once_cell = "1.4"
relative-path = { version = "0.3.7", features = ["serde"] }
route-recognizer = "0.1"
rustsec = "0.6.0"
rustsec = "0.21"
semver = { version = "0.11", features = ["serde"] }
serde = { version = "1", features = ["derive"] }
serde_json = "1"


@ -1,6 +1,6 @@
use std::sync::Arc;
use rustsec::db::AdvisoryDatabase;
use rustsec::database::{Database, Query};
use semver::Version;
use crate::models::crates::{
@ -9,11 +9,11 @@ use crate::models::crates::{
pub struct DependencyAnalyzer {
deps: AnalyzedDependencies,
advisory_db: Option<Arc<AdvisoryDatabase>>,
advisory_db: Option<Arc<Database>>,
}
impl DependencyAnalyzer {
pub fn new(deps: &CrateDeps, advisory_db: Option<Arc<AdvisoryDatabase>>) -> DependencyAnalyzer {
pub fn new(deps: &CrateDeps, advisory_db: Option<Arc<Database>>) -> DependencyAnalyzer {
DependencyAnalyzer {
deps: AnalyzedDependencies::new(deps),
advisory_db,
@ -24,7 +24,7 @@ impl DependencyAnalyzer {
name: &CrateName,
dep: &mut AnalyzedDependency,
ver: &Version,
advisory_db: Option<&AdvisoryDatabase>,
advisory_db: Option<&Database>,
) {
if dep.required.matches(&ver) {
if let Some(ref mut current_latest_that_matches) = dep.latest_that_matches {
@ -35,8 +35,12 @@ impl DependencyAnalyzer {
dep.latest_that_matches = Some(ver.clone());
}
let name: rustsec::cargo_lock::Name = name.as_ref().parse().unwrap();
let version: rustsec::cargo_lock::Version = ver.to_string().parse().unwrap();
let query = Query::new().package_version(name, version);
if !advisory_db
.map(|db| db.find_vulns_for_crate(name.as_ref(), ver).is_empty())
.map(|db| db.query(&query).is_empty())
.unwrap_or(true)
{
dep.insecure = true;
@ -90,8 +94,9 @@ impl DependencyAnalyzer {
#[cfg(test)]
mod tests {
use super::DependencyAnalyzer;
use models::crates::{CrateDep, CrateDeps, CrateRelease};
use crate::models::crates::{CrateDep, CrateDeps, CrateRelease};
use super::*;
#[test]
fn tracks_latest_without_matching() {
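Review bot: The two `.parse().unwrap()` calls that build `rustsec::cargo_lock::Name` and `rustsec::cargo_lock::Version` will panic the analysis if either string is rejected, and both values come from crate metadata rather than trusted constants. The lockfile in this commit shows `cargo-lock` depending on `semver 0.9.0` while this crate uses `semver 0.11`, so a version that parsed here is presumably not guaranteed to parse there. Handle the `Err` case explicitly instead of unwrapping, and decide deliberately what a failed conversion means, because skipping the lookup leaves `dep.insecure` false for that dependency. The conversion and `Query::new()` also run when `advisory_db` is `None`; moving them into the `.map(|db| ...)` closure avoids that work. The enclosing method starts and ends outside the visible hunks.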


@ -118,8 +118,9 @@ mod tests {
use relative_path::RelativePath;
use semver::VersionReq;
use super::ManifestCrawler;
use models::crates::CrateDep;
use crate::models::crates::CrateDep;
use super::*;
#[test]
fn simple_package_manifest() {


@ -12,7 +12,7 @@ use hyper::Client;
use hyper_tls::HttpsConnector;
use once_cell::sync::Lazy;
use relative_path::{RelativePath, RelativePathBuf};
use rustsec::db::AdvisoryDatabase;
use rustsec::database::Database;
use semver::VersionReq;
use slog::Logger;
use tokio_service::Service;
@ -237,7 +237,7 @@ impl Engine {
.call((repo_path.clone(), manifest_path))
}
fn fetch_advisory_db(&self) -> impl Future<Item = Arc<AdvisoryDatabase>, Error = Error> {
fn fetch_advisory_db(&self) -> impl Future<Item = Arc<Database>, Error = Error> {
self.fetch_advisory_db
.call(())
.from_err()


@ -2,10 +2,10 @@ use std::str;
use std::sync::Arc;
use anyhow::{anyhow, ensure, Error};
use futures::{future, Future, IntoFuture, Stream};
use futures::{future, future::done, Future, IntoFuture, Stream};
use hyper::{Error as HyperError, Method, Request, Response};
use rustsec::db::AdvisoryDatabase;
use rustsec::ADVISORY_DB_URL;
use rustsec::database::Database;
use rustsec::repository::DEFAULT_URL;
use tokio_service::Service;
#[derive(Debug, Clone)]
@ -17,35 +17,59 @@ where
S::Future: 'static,
{
type Request = ();
type Response = Arc<AdvisoryDatabase>;
type Response = Arc<Database>;
type Error = Error;
type Future = Box<dyn Future<Item = Self::Response, Error = Self::Error>>;
fn call(&self, _req: ()) -> Self::Future {
let service = self.0.clone();
let uri_future = ADVISORY_DB_URL.parse().into_future().from_err();
Box::new(done(
rustsec::Database::fetch()
.map(|db| Arc::new(db))
.map_err(|err| anyhow!("err fetching rustsec DB")),
))
}
}
Box::new(uri_future.and_then(move |uri| {
let request = Request::new(Method::Get, uri);
// #[derive(Debug, Clone)]
// pub struct FetchAdvisoryDatabase<S>(pub S);
service.call(request).from_err().and_then(|response| {
let status = response.status();
if !status.is_success() {
future::Either::A(future::err(anyhow!(
"Status code {} when fetching advisory db",
status
)))
} else {
let body_future = response.body().concat2().from_err();
let decode_future = body_future.and_then(|body| {
Ok(Arc::new(AdvisoryDatabase::from_toml(str::from_utf8(
&body,
)?)?))
});
future::Either::B(decode_future)
}
})
}))
}
}
// impl<S> Service for FetchAdvisoryDatabase<S>
// where
// S: Service<Request = Request, Response = Response, Error = HyperError> + Clone + 'static,
// S::Future: 'static,
// {
// type Request = ();
// type Response = Arc<Database>;
// type Error = Error;
// type Future = Box<dyn Future<Item = Self::Response, Error = Self::Error>>;
// fn call(&self, _req: ()) -> Self::Future {
// let service = self.0.clone();
// let uri_future = DEFAULT_URL.parse().into_future().from_err();
// Box::new(uri_future.and_then(move |uri| {
// let request = Request::new(Method::Get, uri);
// service.call(request).from_err().and_then(|response| {
// let status = response.status();
// if !status.is_success() {
// future::Either::A(future::err(anyhow!(
// "Status code {} when fetching advisory db",
// status
// )))
// } else {
// let body_future = response.body().concat2().from_err();
// let decode_future = body_future.and_then(|body| {
// Ok(Arc::new(Database::from_toml(str::from_utf8(
// &body,
// )?)?))
// });
// future::Either::B(decode_future)
// }
// })
// }))
// }
// }
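Review bot: `rustsec::Database::fetch()` runs to completion inside `call` before the future is returned (its `Result` is only wrapped with `done`), so the whole advisory download blocks whichever thread drives this service; if that is the event-loop thread, every other request stalls until it finishes. The `map_err` closure also discards `err`, which hides why an advisory refresh failed; keep the cause, e.g. `.map_err(|err| anyhow!("err fetching rustsec DB: {}", err))`, and `.map(Arc::new)` is enough on the success side. The wrapped service `S` and the imports `DEFAULT_URL`, `str`, `Method` and `Request` appear to be used only by the commented-out implementation below. That block should be deleted rather than kept as a comment, since the old code stays available in history.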


@ -138,8 +138,9 @@ pub fn parse_manifest_toml(input: &str) -> Result<CrateManifest, Error> {
#[cfg(test)]
mod tests {
use super::parse_manifest_toml;
use models::crates::CrateManifest;
use crate::models::crates::CrateManifest;
use super::*;
#[test]
fn parse_workspace_without_members_declaration() {