From 2e6b09293e85f86c70a19247dba88cf77ce60bb6 Mon Sep 17 00:00:00 2001 From: kalvinparker <106995826+kalvinparker@users.noreply.github.com> Date: Thu, 13 Nov 2025 11:57:11 +0000 Subject: [PATCH] Add audit output files and update dependencies - Created new output files for OpenID build and deny logs. - Added JSON and text output for reqwest tree post native. - Implemented upgrade logs and error handling for build and deny processes. - Updated webauthn and webpki dependency trees in respective output files. - Addressed license rejection issues in upgrade process. - Included error logs for webauthn search and webpki tree post native. --- docker/audit/exp/patch_and_run.sh | 18 + docker/audit/exp/reqwest_native_exp.sh | 16 + docker/audit/output/ar_exp.done | 1 + docker/audit/output/deny_ar_update.err | 2 + docker/audit/output/deny_ar_update.json | 0 docker/audit/output/deny_let_update.err | 1 + docker/audit/output/deny_let_update.json | 0 docker/audit/output/deny_licenses.err | 2 + docker/audit/output/deny_licenses.json | 0 docker/audit/output/deny_licenses_exp.err | 8 + docker/audit/output/deny_licenses_exp.json | 0 docker/audit/output/deny_reqwest_native.err | 2 + docker/audit/output/deny_reqwest_native.json | 0 docker/audit/output/deny_with_allow.done | 1 + docker/audit/output/deny_with_allow.err | 1 + docker/audit/output/deny_with_allow.json | 0 docker/audit/output/exp.done | 1 + docker/audit/output/let_exp.done | 1 + docker/audit/output/metadata.err | 6 + docker/audit/output/metadata.json | 1 + docker/audit/output/native.done | 1 + docker/audit/output/native.log | 2 + docker/audit/output/native_build.err | 305 +++++++++++++++++ docker/audit/output/native_build.out | 0 docker/audit/output/native_deny.err | 8 + docker/audit/output/native_deny.json | 0 docker/audit/output/openid.done | 1 + docker/audit/output/openid_build.err | 302 +++++++++++++++++ docker/audit/output/openid_build.out | 0 docker/audit/output/openid_deny.err | 2 + docker/audit/output/openid_deny.json | 0 docker/audit/output/req_exp.done | 1 + .../audit/output/reqwest-tree_post_native.err | 0 .../audit/output/reqwest-tree_post_native.txt | 9 + docker/audit/output/upgrade.done | 1 + docker/audit/output/upgrade.log | 4 + docker/audit/output/upgrade_build.err | 309 ++++++++++++++++++ docker/audit/output/upgrade_build.out | 0 docker/audit/output/upgrade_deny.err | 8 + docker/audit/output/upgrade_deny.json | 0 docker/audit/output/webauthn_search.err | 7 + docker/audit/output/webauthn_search.txt | 9 + .../audit/output/webpki-tree_post_native.err | 0 .../audit/output/webpki-tree_post_native.txt | 12 + docker/audit/run-audit.ps1 | 42 +-- 45 files changed, 1055 insertions(+), 29 deletions(-) create mode 100644 docker/audit/exp/patch_and_run.sh create mode 100644 docker/audit/exp/reqwest_native_exp.sh create mode 100644 docker/audit/output/ar_exp.done create mode 100644 docker/audit/output/deny_ar_update.err create mode 100644 docker/audit/output/deny_ar_update.json create mode 100644 docker/audit/output/deny_let_update.err create mode 100644 docker/audit/output/deny_let_update.json create mode 100644 docker/audit/output/deny_licenses.err create mode 100644 docker/audit/output/deny_licenses.json create mode 100644 docker/audit/output/deny_licenses_exp.err create mode 100644 docker/audit/output/deny_licenses_exp.json create mode 100644 docker/audit/output/deny_reqwest_native.err create mode 100644 docker/audit/output/deny_reqwest_native.json create mode 100644 docker/audit/output/deny_with_allow.done create mode 100644 docker/audit/output/deny_with_allow.err create mode 100644 docker/audit/output/deny_with_allow.json create mode 100644 docker/audit/output/exp.done create mode 100644 docker/audit/output/let_exp.done create mode 100644 docker/audit/output/metadata.err create mode 100644 docker/audit/output/metadata.json create mode 100644 docker/audit/output/native.done create mode 100644 docker/audit/output/native.log create mode 100644 docker/audit/output/native_build.err create mode 100644 docker/audit/output/native_build.out create mode 100644 docker/audit/output/native_deny.err create mode 100644 docker/audit/output/native_deny.json create mode 100644 docker/audit/output/openid.done create mode 100644 docker/audit/output/openid_build.err create mode 100644 docker/audit/output/openid_build.out create mode 100644 docker/audit/output/openid_deny.err create mode 100644 docker/audit/output/openid_deny.json create mode 100644 docker/audit/output/req_exp.done create mode 100644 docker/audit/output/reqwest-tree_post_native.err create mode 100644 docker/audit/output/reqwest-tree_post_native.txt create mode 100644 docker/audit/output/upgrade.done create mode 100644 docker/audit/output/upgrade.log create mode 100644 docker/audit/output/upgrade_build.err create mode 100644 docker/audit/output/upgrade_build.out create mode 100644 docker/audit/output/upgrade_deny.err create mode 100644 docker/audit/output/upgrade_deny.json create mode 100644 docker/audit/output/webauthn_search.err create mode 100644 docker/audit/output/webauthn_search.txt create mode 100644 docker/audit/output/webpki-tree_post_native.err create mode 100644 docker/audit/output/webpki-tree_post_native.txt diff --git a/docker/audit/exp/patch_and_run.sh b/docker/audit/exp/patch_and_run.sh new file mode 100644 index 00000000..bc1c00e0 --- /dev/null +++ b/docker/audit/exp/patch_and_run.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash +set -euo pipefail + +# Safe copy of workspace +cp -a /workspace /tmp/wrk_copy +cd /tmp/wrk_copy + +# Try bumping webauthn-rs to 0.6 in the copy (non-destructive) +perl -0777 -pe 's/webauthn-rs\s*=\s*"[^"]+"/webauthn-rs = "0.6"/g' -i Cargo.toml || true + +# Attempt to update that package only +/usr/local/cargo/bin/cargo update -p webauthn-rs || true + +# Run cargo-deny licenses check and capture outputs +/usr/local/cargo/bin/cargo deny --manifest-path Cargo.toml --format json check licenses > /tmp/deny_licenses.json 2>/tmp/deny_licenses.err || true + +# Record done marker +echo done > /tmp/exp.done diff --git a/docker/audit/exp/reqwest_native_exp.sh b/docker/audit/exp/reqwest_native_exp.sh new file mode 100644 index 00000000..e2209d25 --- /dev/null +++ b/docker/audit/exp/reqwest_native_exp.sh @@ -0,0 +1,16 @@ +#!/usr/bin/env bash +set -euo pipefail + +cp -a /workspace /tmp/wrk_req +cd /tmp/wrk_req + +# Replace rustls features to prefer native-tls in reqwest (simple approach editing Cargo.toml) +perl -0777 -pe 's/reqwest\s*=\s*"[^"]+"/reqwest = "0.12.24"/g' -i Cargo.toml || true +# Remove rustls-tls feature and add tls = "native-tls" where features are specified +perl -0777 -pe 's/rustls-tls/native-tls/g' -i Cargo.toml || true + +# Attempt to update reqwest and run cargo-deny licenses in the copied workspace +/usr/local/cargo/bin/cargo update -p reqwest || true +/usr/local/cargo/bin/cargo deny --manifest-path Cargo.toml --format json check licenses > /tmp/deny_reqwest_native.json 2>/tmp/deny_reqwest_native.err || true + +echo done > /tmp/req_exp.done diff --git a/docker/audit/output/ar_exp.done b/docker/audit/output/ar_exp.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/ar_exp.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/deny_ar_update.err b/docker/audit/output/deny_ar_update.err new file mode 100644 index 00000000..a56cf83b --- /dev/null +++ b/docker/audit/output/deny_ar_update.err @@ -0,0 +1,2 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":1,"helps":536,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_ar_update.json b/docker/audit/output/deny_ar_update.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/deny_let_update.err b/docker/audit/output/deny_let_update.err new file mode 100644 index 00000000..d2e8bb67 --- /dev/null +++ b/docker/audit/output/deny_let_update.err @@ -0,0 +1 @@ +{"fields":{"licenses":{"errors":0,"helps":537,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_let_update.json b/docker/audit/output/deny_let_update.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/deny_licenses.err b/docker/audit/output/deny_licenses.err new file mode 100644 index 00000000..a56cf83b --- /dev/null +++ b/docker/audit/output/deny_licenses.err @@ -0,0 +1,2 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":1,"helps":536,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_licenses.json b/docker/audit/output/deny_licenses.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/deny_licenses_exp.err b/docker/audit/output/deny_licenses_exp.err new file mode 100644 index 00000000..c1ac372f --- /dev/null +++ b/docker/audit/output/deny_licenses_exp.err @@ -0,0 +1,8 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"base64urlsafedata","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true}]}]}],"labels":[{"column":12,"line":35,"message":"","span":"MPL-2.0"},{"column":12,"line":35,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":30,"message":"","span":"MPL-2.0"},{"column":12,"line":30,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}],"labels":[{"column":12,"line":39,"message":"","span":"MPL-2.0"},{"column":12,"line":39,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webpki-roots","version":"1.0.3"},"parents":[{"Krate":{"name":"hyper-rustls","version":"0.27.7"},"parents":[{"Krate":{"name":"reqwest","version":"0.12.24"},"parents":[{"Krate":{"name":"oauth2","version":"5.0.0"},"parents":[{"Krate":{"name":"openidconnect","version":"4.0.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]},{"Krate":{"name":"opendal","version":"0.54.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]},{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"yubico_ng","version":"0.14.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"reqwest","version":"0.12.24"},"repeat":true}]}],"labels":[{"column":12,"line":26,"message":"","span":"CDLA-Permissive-2.0"},{"column":12,"line":26,"message":"rejected: license is not explicitly allowed","span":"CDLA-Permissive-2.0"}],"message":"failed to satisfy license requirements","notes":["CDLA-Permissive-2.0 - Community Data License Agreement Permissive 2.0:"," - No additional metadata available for license"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":7,"helps":530,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_licenses_exp.json b/docker/audit/output/deny_licenses_exp.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/deny_reqwest_native.err b/docker/audit/output/deny_reqwest_native.err new file mode 100644 index 00000000..a56cf83b --- /dev/null +++ b/docker/audit/output/deny_reqwest_native.err @@ -0,0 +1,2 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":1,"helps":536,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_reqwest_native.json b/docker/audit/output/deny_reqwest_native.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/deny_with_allow.done b/docker/audit/output/deny_with_allow.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/deny_with_allow.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/deny_with_allow.err b/docker/audit/output/deny_with_allow.err new file mode 100644 index 00000000..d2e8bb67 --- /dev/null +++ b/docker/audit/output/deny_with_allow.err @@ -0,0 +1 @@ +{"fields":{"licenses":{"errors":0,"helps":537,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/deny_with_allow.json b/docker/audit/output/deny_with_allow.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/exp.done b/docker/audit/output/exp.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/exp.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/let_exp.done b/docker/audit/output/let_exp.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/let_exp.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/metadata.err b/docker/audit/output/metadata.err new file mode 100644 index 00000000..de414adb --- /dev/null +++ b/docker/audit/output/metadata.err @@ -0,0 +1,6 @@ +info: syncing channel updates for '1.91.0-x86_64-unknown-linux-gnu' +info: latest update on 2025-10-30, rust version 1.91.0 (f8297e351 2025-10-28) +info: downloading component 'clippy' +info: downloading component 'rustfmt' +info: installing component 'clippy' +info: installing component 'rustfmt' diff --git a/docker/audit/output/metadata.json b/docker/audit/output/metadata.json new file mode 100644 index 00000000..df982e3b --- /dev/null +++ b/docker/audit/output/metadata.json @@ -0,0 +1 @@ +{"packages":[{"name":"macros","version":"0.1.0","id":"path+file:///workspace/macros#0.1.0","license":"AGPL-3.0-only","license_file":null,"description":null,"source":null,"dependencies":[{"name":"quote","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.0.41","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"syn","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.0.108","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null}],"targets":[{"kind":["proc-macro"],"crate_types":["proc-macro"],"name":"macros","src_path":"/workspace/macros/src/lib.rs","edition":"2021","doc":true,"doctest":true,"test":true}],"features":{},"manifest_path":"/workspace/macros/Cargo.toml","metadata":null,"publish":[],"authors":[],"categories":[],"keywords":[],"readme":null,"repository":"https://github.com/dani-garcia/vaultwarden","homepage":null,"documentation":null,"edition":"2021","links":null,"default_run":null,"rust_version":"1.89.0"},{"name":"vaultwarden","version":"1.0.0","id":"path+file:///workspace#vaultwarden@1.0.0","license":"AGPL-3.0-only","license_file":null,"description":null,"source":null,"dependencies":[{"name":"anyhow","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.0.100","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"argon2","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"aws-config","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.8.8","kind":null,"rename":null,"optional":true,"uses_default_features":false,"features":["behavior-version-latest","rt-tokio","credentials-process","sso"],"target":null,"registry":null},{"name":"aws-credential-types","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.2.8","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"aws-smithy-runtime-api","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.9.2","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"bigdecimal","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.4.9","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"bytes","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.10.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"cached","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.56.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["async"],"target":null,"registry":null},{"name":"chrono","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.4.42","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["clock","serde"],"target":null,"registry":null},{"name":"chrono-tz","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.10.4","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"cookie","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.18.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"cookie_store","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.22.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"dashmap","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^6.1.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"data-encoding","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.9.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"data-url","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.3.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"derive_more","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.0.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["from","into","as_ref","deref","display"],"target":null,"registry":null},{"name":"diesel","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.3.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["chrono","r2d2","numeric"],"target":null,"registry":null},{"name":"diesel-derive-newtype","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.1.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"diesel_migrations","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.3.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"dotenvy","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.15.7","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":[],"target":null,"registry":null},{"name":"email_address","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.2.9","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"fern","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.7.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["syslog-7","reopen-1"],"target":null,"registry":null},{"name":"futures","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.3.31","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"governor","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.10.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"grass_compiler","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.13.4","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":[],"target":null,"registry":null},{"name":"handlebars","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^6.3.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["dir_source"],"target":null,"registry":null},{"name":"hickory-resolver","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.25.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"html5gum","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.8.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"http","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.3.1","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"job_scheduler_ng","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.4.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"jsonwebtoken","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^9.3.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"lettre","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.11.19","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["smtp-transport","sendmail-transport","builder","serde","hostname","tracing","tokio1-rustls","ring","rustls-native-certs"],"target":null,"registry":null},{"name":"libsqlite3-sys","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.35.0","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":["bundled"],"target":null,"registry":null},{"name":"log","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.4.28","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"macros","source":null,"req":"*","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null,"path":"/workspace/macros"},{"name":"mimalloc","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.1.48","kind":null,"rename":null,"optional":true,"uses_default_features":false,"features":["secure"],"target":null,"registry":null},{"name":"mini-moka","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.10.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"num-derive","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.4.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"num-traits","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.2.19","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"opendal","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.54.1","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["services-fs"],"target":null,"registry":null},{"name":"openidconnect","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^4.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["reqwest","native-tls"],"target":null,"registry":null},{"name":"openssl","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.10.74","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"pastey","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.1.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"percent-encoding","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.3.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"pico-args","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"rand","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.9.2","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"regex","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.12.2","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["std","perf","unicode-perl"],"target":null,"registry":null},{"name":"reqsign","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.16.5","kind":null,"rename":null,"optional":true,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"reqwest","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.12.24","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["rustls-tls","rustls-tls-native-roots","stream","json","deflate","gzip","brotli","zstd","socks","cookies","charset","http2","system-proxy"],"target":null,"registry":null},{"name":"ring","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.17.14","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"rmpv","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"rocket","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.1","kind":null,"rename":null,"optional":false,"uses_default_features":false,"features":["tls","json"],"target":null,"registry":null},{"name":"rocket_ws","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.1.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"rpassword","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^7.4.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"semver","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.0.27","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"serde","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.0.228","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["derive"],"target":null,"registry":null},{"name":"serde_json","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.0.145","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"subtle","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.6.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"svg-hush","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.9.5","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"time","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.3.44","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"tokio","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.48.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["rt-multi-thread","fs","io-util","parking_lot","time","signal","net"],"target":null,"registry":null},{"name":"tokio-util","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.7.16","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["compat"],"target":null,"registry":null},{"name":"totp-lite","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.0.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"tracing","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.1.41","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["log"],"target":null,"registry":null},{"name":"url","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^2.5.7","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"uuid","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^1.18.1","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["v4"],"target":null,"registry":null},{"name":"webauthn-rs","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":["danger-allow-state-serialisation","danger-credential-internals"],"target":null,"registry":null},{"name":"webauthn-rs-core","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"webauthn-rs-proto","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.5.3","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"which","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^8.0.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":null,"registry":null},{"name":"yubico_ng","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^0.14.1","kind":null,"rename":"yubico","optional":false,"uses_default_features":false,"features":["online-tokio"],"target":null,"registry":null},{"name":"syslog","source":"registry+https://github.com/rust-lang/crates.io-index","req":"^7.0.0","kind":null,"rename":null,"optional":false,"uses_default_features":true,"features":[],"target":"cfg(unix)","registry":null}],"targets":[{"kind":["bin"],"crate_types":["bin"],"name":"vaultwarden","src_path":"/workspace/src/main.rs","edition":"2021","doc":true,"doctest":false,"test":true},{"kind":["custom-build"],"crate_types":["bin"],"name":"build-script-build","src_path":"/workspace/build.rs","edition":"2021","doc":false,"doctest":false,"test":false}],"features":{"default":[],"enable_mimalloc":["dep:mimalloc"],"enable_syslog":[],"mysql":["diesel/mysql","diesel_migrations/mysql"],"oidc-accept-rfc3339-timestamps":["openidconnect/accept-rfc3339-timestamps"],"oidc-accept-string-booleans":["openidconnect/accept-string-booleans"],"postgresql":["diesel/postgres","diesel_migrations/postgres"],"s3":["opendal/services-s3","dep:aws-config","dep:aws-credential-types","dep:aws-smithy-runtime-api","dep:anyhow","dep:http","dep:reqsign"],"sqlite":["diesel/sqlite","diesel_migrations/sqlite","dep:libsqlite3-sys"],"unstable":[],"vendored_openssl":["openssl/vendored"]},"manifest_path":"/workspace/Cargo.toml","metadata":null,"publish":[],"authors":["Daniel García "],"categories":[],"keywords":[],"readme":"README.md","repository":"https://github.com/dani-garcia/vaultwarden","homepage":null,"documentation":null,"edition":"2021","links":null,"default_run":null,"rust_version":"1.89.0"}],"workspace_members":["path+file:///workspace/macros#0.1.0","path+file:///workspace#vaultwarden@1.0.0"],"workspace_default_members":["path+file:///workspace#vaultwarden@1.0.0"],"resolve":null,"target_directory":"/workspace/target","build_directory":"/workspace/target","version":1,"workspace_root":"/workspace","metadata":null} diff --git a/docker/audit/output/native.done b/docker/audit/output/native.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/native.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/native.log b/docker/audit/output/native.log new file mode 100644 index 00000000..447319ce --- /dev/null +++ b/docker/audit/output/native.log @@ -0,0 +1,2 @@ +starting native-tls experiment +cargo update done diff --git a/docker/audit/output/native_build.err b/docker/audit/output/native_build.err new file mode 100644 index 00000000..70f37141 --- /dev/null +++ b/docker/audit/output/native_build.err @@ -0,0 +1,305 @@ + Downloading crates ... + Downloaded foreign-types v0.3.2 + Downloaded darling_macro v0.20.11 + Downloaded alloc-stdlib v0.2.2 + Downloaded base64urlsafedata v0.5.3 + Downloaded asn1-rs-impl v0.2.0 + Downloaded alloc-no-stdlib v2.0.4 + Downloaded event-listener-strategy v0.5.4 + Downloaded async-stream-impl v0.3.6 + Downloaded email-encoding v0.4.1 + Downloaded futures-timer v3.0.3 + Downloaded devise_codegen v0.4.2 + Downloaded dsl_auto_type v0.2.0 + Downloaded event-listener v2.5.3 + Downloaded dyn-clone v1.0.20 + Downloaded futures-executor v0.3.31 + Downloaded hyper-tls v0.6.0 + Downloaded group v0.13.0 + Downloaded hostname v0.4.1 + Downloaded futures-macro v0.3.31 + Downloaded rand_core v0.6.4 + Downloaded data-url v0.3.2 + Downloaded dashmap v5.5.3 + Downloaded rand_chacha v0.3.1 + Downloaded blake2 v0.10.6 + Downloaded futures v0.3.31 + Downloaded hmac v0.12.1 + Downloaded cookie v0.18.1 + Downloaded base64 v0.21.7 + Downloaded iana-time-zone v0.1.64 + Downloaded rocket_ws v0.1.1 + Downloaded rfc6979 v0.4.0 + Downloaded resolv-conf v0.7.5 + Downloaded derive_more v2.0.1 + Downloaded rustls-pemfile v1.0.4 + Downloaded darling_core v0.21.3 + Downloaded serde-value v0.7.0 + Downloaded bigdecimal v0.4.9 + Downloaded sec1 v0.7.3 + Downloaded diesel_derives v2.3.4 + Downloaded siphasher v1.0.1 + Downloaded simple_asn1 v0.6.3 + Downloaded totp-lite v2.0.1 + Downloaded serde_with_macros v3.15.1 + Downloaded async-std v1.13.2 + Downloaded webauthn-attestation-ca v0.5.3 + Downloaded webauthn-rs-proto v0.5.3 + Downloaded webauthn-rs v0.5.3 + Downloaded schemars v0.9.0 + Downloaded yubico_ng v0.14.1 + Downloaded value-bag v1.11.1 + Downloaded rpassword v7.4.0 + Downloaded yansi v1.0.1 + Downloaded curve25519-dalek v4.1.3 + Downloaded r2d2 v0.8.10 + Downloaded pem-rfc7468 v0.7.0 + Downloaded winnow v0.6.26 + Downloaded rustls v0.21.12 + Downloaded web-time v1.1.0 + Downloaded syn v2.0.110 + Downloaded uncased v0.9.10 + Downloaded tagptr v0.2.0 + Downloaded hickory-resolver v0.25.2 + Downloaded zerocopy-derive v0.8.27 + Downloaded x509-parser v0.16.0 + Downloaded psm v0.1.28 + Downloaded webauthn-rs-core v0.5.3 + Downloaded pest_derive v2.8.3 + Downloaded indexmap v1.9.3 + Downloaded litrs v1.0.0 + Downloaded vcpkg v0.2.15 + Downloaded which v8.0.0 + Downloaded publicsuffix v2.3.0 + Downloaded oauth2 v5.0.0 + Downloaded num-bigint v0.4.6 + Downloaded grass_compiler v0.13.4 + Downloaded pest v2.8.3 + Downloaded num-bigint-dig v0.8.5 + Downloaded openidconnect v4.0.1 + Downloaded rustls-webpki v0.101.7 + Downloaded quick-xml v0.38.3 + Downloaded portable-atomic v1.11.1 + Downloaded p384 v0.13.1 + Downloaded object v0.32.2 + Downloaded lettre v0.11.19 + Downloaded openssl v0.10.75 + Downloaded moka v0.12.11 + Downloaded hyper v0.14.32 + Downloaded hickory-proto v0.25.2 + Downloaded itertools v0.10.5 + Downloaded nom v8.0.0 + Downloaded nom v7.1.3 + Downloaded libm v0.2.15 + Downloaded minimal-lexical v0.2.1 + Downloaded hkdf v0.12.4 + Downloaded governor v0.10.1 + Downloaded lasso v0.7.3 + Downloaded hashbrown v0.14.5 + Downloaded p256 v0.13.2 + Downloaded mini-moka v0.10.3 + Downloaded jsonwebtoken v9.3.1 + Downloaded hashbrown v0.12.3 + Downloaded ucd-trie v0.1.7 + Downloaded polling v3.11.0 + Downloaded num-modular v0.6.1 + Downloaded native-tls v0.2.14 + Downloaded pest_generator v2.8.3 + Downloaded openssl-sys v0.9.111 + Downloaded chrono-tz v0.10.4 + Downloaded brotli v8.0.2 + Downloaded http v0.2.12 + Downloaded html5gum v0.8.0 + Downloaded handlebars v6.3.2 + Downloaded pkcs8 v0.10.2 + Downloaded pkcs1 v0.7.5 + Downloaded pest_meta v2.8.3 + Downloaded num-order v1.2.0 + Downloaded opendal v0.54.1 + Downloaded multer v3.1.0 + Downloaded diesel v2.3.3 + Downloaded jetscii v0.5.3 + Downloaded thiserror-impl v1.0.69 + Downloaded thiserror v1.0.69 + Downloaded quoted_printable v0.5.1 + Downloaded pico-args v0.5.0 + Downloaded phf_shared v0.11.3 + Downloaded phf_generator v0.11.3 + Downloaded phf v0.11.3 + Downloaded pear v0.2.9 + Downloaded oid-registry v0.7.1 + Downloaded num_cpus v1.17.0 + Downloaded num-iter v0.1.45 + Downloaded num-integer v0.1.46 + Downloaded num-derive v0.4.2 + Downloaded migrations_macros v2.3.0 + Downloaded md-5 v0.10.6 + Downloaded kv-log-macro v1.0.7 + Downloaded job_scheduler_ng v2.4.0 + Downloaded rocket v0.5.1 + Downloaded primeorder v0.13.6 + Downloaded phf_macros v0.11.3 + Downloaded phf v0.12.1 + Downloaded pem v3.0.6 + Downloaded nonzero_ext v0.3.0 + Downloaded serde_with v3.15.1 + Downloaded proc-macro2-diagnostics v0.10.1 + Downloaded chrono v0.4.42 + Downloaded half v2.7.1 + Downloaded rocket_codegen v0.5.1 + Downloaded raw-cpuid v11.6.0 + Downloaded uuid v1.18.1 + Downloaded tungstenite v0.21.0 + Downloaded schemars v1.1.0 + Downloaded brotli-decompressor v5.0.0 + Downloaded xml-rs v0.8.28 + Downloaded tokio-tungstenite v0.21.0 + Downloaded tokio-stream v0.1.17 + Downloaded threadpool v1.8.1 + Downloaded rsa v0.9.8 + Downloaded piper v0.2.4 + Downloaded state v0.6.0 + Downloaded rocket_http v0.5.1 + Downloaded ubyte v0.10.4 + Downloaded triomphe v0.1.15 + Downloaded tokio-native-tls v0.3.1 + Downloaded tokio-macros v2.6.0 + Downloaded spinning_top v0.3.0 + Downloaded spin v0.9.8 + Downloaded socket2 v0.5.10 + Downloaded sct v0.7.1 + Downloaded openssl-macros v0.1.1 + Downloaded num_threads v0.1.7 + Downloaded is-terminal v0.4.17 + Downloaded ed25519-dalek v2.2.0 + Downloaded utf-8 v0.7.6 + Downloaded tokio-rustls v0.24.1 + Downloaded syslog v7.0.0 + Downloaded stable-pattern v0.1.0 + Downloaded spki v0.7.3 + Downloaded serde_cbor_2 v0.13.0 + Downloaded quick-error v2.0.1 + Downloaded quanta v0.12.6 + Downloaded password-hash v0.5.0 + Downloaded migrations_internals v2.3.0 + Downloaded inlinable_string v0.1.15 + Downloaded svg-hush v0.9.5 + Downloaded stacker v0.1.22 + Downloaded pastey v0.1.1 + Downloaded ordered-float v2.10.1 + Downloaded signature v2.2.0 + Downloaded serde_plain v1.0.2 + Downloaded serde_path_to_error v0.1.20 + Downloaded chumsky v0.9.3 + Downloaded scheduled-thread-pool v0.2.7 + Downloaded rusticata-macros v4.1.0 + Downloaded rustc_version v0.4.1 + Downloaded rtoolbox v0.0.3 + Downloaded rmpv v1.3.0 + Downloaded rand v0.8.5 + Downloaded psl-types v2.0.11 + Downloaded phf_shared v0.12.1 + Downloaded pear_codegen v0.2.9 + Downloaded parking v2.2.1 + Downloaded async-compression v0.4.33 + Downloaded asn1-rs v0.6.2 + Downloaded reopen v1.0.3 + Downloaded ref-cast-impl v1.0.25 + Downloaded ref-cast v1.0.25 + Downloaded derive_more-impl v2.0.1 + Downloaded der v0.7.10 + Downloaded crypto-bigint v0.5.5 + Downloaded figment v0.10.19 + Downloaded elliptic-curve v0.13.8 + Downloaded der-parser v9.0.0 + Downloaded darling_core v0.20.11 + Downloaded cached v0.56.0 + Downloaded event-listener v5.4.1 + Downloaded darling v0.20.11 + Downloaded const-oid v0.9.6 + Downloaded hex v0.4.3 + Downloaded ed25519 v2.2.3 + Downloaded cookie_store v0.22.0 + Downloaded compression-codecs v0.4.32 + Downloaded downcast-rs v2.0.2 + Downloaded derive_builder_core v0.20.2 + Downloaded cookie_store v0.21.1 + Downloaded ff v0.13.1 + Downloaded darling v0.21.3 + Downloaded async-io v2.6.0 + Downloaded ahash v0.8.12 + Downloaded email_address v0.2.9 + Downloaded concurrent-queue v2.5.0 + Downloaded async-trait v0.1.89 + Downloaded async-process v2.5.0 + Downloaded glob v0.3.3 + Downloaded enum-as-inner v0.6.1 + Downloaded document-features v0.2.12 + Downloaded diesel_migrations v2.3.0 + Downloaded devise_core v0.4.2 + Downloaded devise v0.4.2 + Downloaded data-encoding v2.9.0 + Downloaded curve25519-dalek-derive v0.1.1 + Downloaded cron v0.15.0 + Downloaded cached_proc_macro v0.25.0 + Downloaded httpdate v1.0.3 + Downloaded http-body v0.4.6 + Downloaded futures-lite v2.6.1 + Downloaded dotenvy v0.15.7 + Downloaded diesel_table_macro_syntax v0.3.0 + Downloaded critical-section v1.2.0 + Downloaded codemap v0.1.3 + Downloaded base16ct v0.2.0 + Downloaded atomic v0.5.3 + Downloaded async-global-executor v2.4.1 + Downloaded async-channel v2.5.0 + Downloaded asn1-rs-derive v0.5.1 + Downloaded foreign-types-shared v0.1.1 + Downloaded ecdsa v0.16.9 + Downloaded derive_builder v0.20.2 + Downloaded backon v1.6.0 + Downloaded async-stream v0.3.6 + Downloaded async-signal v0.2.13 + Downloaded async-lock v3.4.1 + Downloaded diesel-derive-newtype v2.1.2 + Downloaded compression-core v0.4.30 + Downloaded cached_proc_macro_types v0.1.1 + Downloaded darling_macro v0.21.3 + Downloaded ar_archive_writer v0.2.0 + Downloaded derive_builder_macro v0.20.2 + Downloaded dashmap v6.1.0 + Downloaded blocking v1.6.2 + Downloaded base64ct v1.8.0 + Downloaded env_home v0.1.0 + Downloaded binascii v0.1.4 + Downloaded async-task v4.7.1 + Downloaded async-executor v1.13.3 + Downloaded async-channel v1.9.0 + Downloaded argon2 v0.5.3 + Compiling proc-macro2 v1.0.103 + Compiling unicode-ident v1.0.22 + Compiling quote v1.0.42 + Compiling libc v0.2.177 + Compiling cfg-if v1.0.4 + Compiling version_check v0.9.5 + Compiling serde_core v1.0.228 + Compiling memchr v2.7.6 + Compiling smallvec v1.15.1 + Compiling find-msvc-tools v0.1.4 + Compiling shlex v1.3.0 + Compiling serde v1.0.228 + Compiling pin-project-lite v0.2.16 + Compiling itoa v1.0.15 + Compiling zeroize v1.8.2 + Compiling portable-atomic v1.11.1 +error: linker `cc` not found + | + = note: No such file or directory (os error 2) + +error: could not compile `serde` (build script) due to 1 previous error +warning: build failed, waiting for other jobs to finish... +error: could not compile `proc-macro2` (build script) due to 1 previous error +error: could not compile `quote` (build script) due to 1 previous error +error: could not compile `serde_core` (build script) due to 1 previous error +error: could not compile `libc` (build script) due to 1 previous error +error: could not compile `portable-atomic` (build script) due to 1 previous error diff --git a/docker/audit/output/native_build.out b/docker/audit/output/native_build.out new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/native_deny.err b/docker/audit/output/native_deny.err new file mode 100644 index 00000000..554f1ffb --- /dev/null +++ b/docker/audit/output/native_deny.err @@ -0,0 +1,8 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"base64urlsafedata","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true}]}]}],"labels":[{"column":12,"line":35,"message":"","span":"MPL-2.0"},{"column":12,"line":35,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":30,"message":"","span":"MPL-2.0"},{"column":12,"line":30,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}],"labels":[{"column":12,"line":39,"message":"","span":"MPL-2.0"},{"column":12,"line":39,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webpki-roots","version":"1.0.4"},"parents":[{"Krate":{"name":"hyper-rustls","version":"0.27.7"},"parents":[{"Krate":{"name":"reqwest","version":"0.12.24"},"parents":[{"Krate":{"name":"oauth2","version":"5.0.0"},"parents":[{"Krate":{"name":"openidconnect","version":"4.0.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]},{"Krate":{"name":"opendal","version":"0.54.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]},{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"yubico_ng","version":"0.14.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"reqwest","version":"0.12.24"},"repeat":true}]}],"labels":[{"column":12,"line":26,"message":"","span":"CDLA-Permissive-2.0"},{"column":12,"line":26,"message":"rejected: license is not explicitly allowed","span":"CDLA-Permissive-2.0"}],"message":"failed to satisfy license requirements","notes":["CDLA-Permissive-2.0 - Community Data License Agreement Permissive 2.0:"," - No additional metadata available for license"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":7,"helps":530,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/native_deny.json b/docker/audit/output/native_deny.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/openid.done b/docker/audit/output/openid.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/openid.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/openid_build.err b/docker/audit/output/openid_build.err new file mode 100644 index 00000000..a50e77d0 --- /dev/null +++ b/docker/audit/output/openid_build.err @@ -0,0 +1,302 @@ + Downloading crates ... + Downloaded ar_archive_writer v0.2.0 + Downloaded futures-timer v3.0.3 + Downloaded codemap v0.1.3 + Downloaded futures-lite v2.6.1 + Downloaded derive_builder_macro v0.20.2 + Downloaded data-url v0.3.2 + Downloaded diesel_table_macro_syntax v0.3.0 + Downloaded dsl_auto_type v0.2.0 + Downloaded kv-log-macro v1.0.7 + Downloaded jsonwebtoken v9.3.1 + Downloaded mini-moka v0.10.3 + Downloaded migrations_internals v2.3.0 + Downloaded native-tls v0.2.14 + Downloaded nonzero_ext v0.3.0 + Downloaded migrations_macros v2.3.0 + Downloaded hex v0.4.3 + Downloaded hyper-tls v0.6.0 + Downloaded async-global-executor v2.4.1 + Downloaded data-encoding v2.9.0 + Downloaded indexmap v1.9.3 + Downloaded md-5 v0.10.6 + Downloaded glob v0.3.3 + Downloaded hmac v0.12.1 + Downloaded compression-codecs v0.4.32 + Downloaded futures v0.3.31 + Downloaded multer v3.1.0 + Downloaded ff v0.13.1 + Downloaded dotenvy v0.15.7 + Downloaded futures-executor v0.3.31 + Downloaded async-compression v0.4.33 + Downloaded elliptic-curve v0.13.8 + Downloaded env_home v0.1.0 + Downloaded brotli-decompressor v5.0.0 + Downloaded dashmap v6.1.0 + Downloaded darling_core v0.21.3 + Downloaded darling_core v0.20.11 + Downloaded ref-cast-impl v1.0.25 + Downloaded ref-cast v1.0.25 + Downloaded crypto-bigint v0.5.5 + Downloaded oid-registry v0.7.1 + Downloaded pkcs8 v0.10.2 + Downloaded phf_shared v0.11.3 + Downloaded phf_macros v0.11.3 + Downloaded parking v2.2.1 + Downloaded der v0.7.10 + Downloaded num-integer v0.1.46 + Downloaded litrs v1.0.0 + Downloaded rustc_version v0.4.1 + Downloaded rustls-pemfile v1.0.4 + Downloaded rusticata-macros v4.1.0 + Downloaded sct v0.7.1 + Downloaded serde-value v0.7.0 + Downloaded async-std v1.13.2 + Downloaded thiserror-impl v1.0.69 + Downloaded tokio-macros v2.6.0 + Downloaded tokio-tungstenite v0.21.0 + Downloaded utf-8 v0.7.6 + Downloaded tungstenite v0.21.0 + Downloaded hyper v0.14.32 + Downloaded handlebars v6.3.2 + Downloaded pear v0.2.9 + Downloaded schemars v0.9.0 + Downloaded triomphe v0.1.15 + Downloaded yubico_ng v0.14.1 + Downloaded webauthn-attestation-ca v0.5.3 + Downloaded grass_compiler v0.13.4 + Downloaded web-time v1.1.0 + Downloaded uncased v0.9.10 + Downloaded minimal-lexical v0.2.1 + Downloaded rocket v0.5.1 + Downloaded portable-atomic v1.11.1 + Downloaded num-bigint v0.4.6 + Downloaded quick-error v2.0.1 + Downloaded pico-args v0.5.0 + Downloaded vcpkg v0.2.15 + Downloaded zerocopy-derive v0.8.27 + Downloaded p384 v0.13.1 + Downloaded oauth2 v5.0.0 + Downloaded webauthn-rs-core v0.5.3 + Downloaded object v0.32.2 + Downloaded hickory-proto v0.25.2 + Downloaded publicsuffix v2.3.0 + Downloaded openidconnect v4.0.1 + Downloaded num-bigint-dig v0.8.5 + Downloaded nom v8.0.0 + Downloaded moka v0.12.11 + Downloaded libm v0.2.15 + Downloaded lasso v0.7.3 + Downloaded http v0.2.12 + Downloaded html5gum v0.8.0 + Downloaded hkdf v0.12.4 + Downloaded hickory-resolver v0.25.2 + Downloaded which v8.0.0 + Downloaded webauthn-rs-proto v0.5.3 + Downloaded value-bag v1.11.1 + Downloaded totp-lite v2.0.1 + Downloaded opendal v0.54.1 + Downloaded threadpool v1.8.1 + Downloaded tagptr v0.2.0 + Downloaded syslog v7.0.0 + Downloaded syn v2.0.110 + Downloaded svg-hush v0.9.5 + Downloaded state v0.6.0 + Downloaded stacker v0.1.22 + Downloaded stable-pattern v0.1.0 + Downloaded scheduled-thread-pool v0.2.7 + Downloaded quick-xml v0.38.3 + Downloaded pest_meta v2.8.3 + Downloaded resolv-conf v0.7.5 + Downloaded openssl-sys v0.9.111 + Downloaded quanta v0.12.6 + Downloaded openssl v0.10.75 + Downloaded itertools v0.10.5 + Downloaded diesel v2.3.3 + Downloaded chrono-tz v0.10.4 + Downloaded pest v2.8.3 + Downloaded ubyte v0.10.4 + Downloaded spinning_top v0.3.0 + Downloaded schemars v1.1.0 + Downloaded rsa v0.9.8 + Downloaded rpassword v7.4.0 + Downloaded rocket_http v0.5.1 + Downloaded rocket_codegen v0.5.1 + Downloaded raw-cpuid v11.6.0 + Downloaded r2d2 v0.8.10 + Downloaded quoted_printable v0.5.1 + Downloaded psm v0.1.28 + Downloaded psl-types v2.0.11 + Downloaded proc-macro2-diagnostics v0.10.1 + Downloaded piper v0.2.4 + Downloaded phf_shared v0.12.1 + Downloaded phf v0.12.1 + Downloaded pest_generator v2.8.3 + Downloaded pest_derive v2.8.3 + Downloaded pear_codegen v0.2.9 + Downloaded yansi v1.0.1 + Downloaded xml-rs v0.8.28 + Downloaded x509-parser v0.16.0 + Downloaded winnow v0.6.26 + Downloaded webauthn-rs v0.5.3 + Downloaded uuid v1.18.1 + Downloaded serde_with_macros v3.15.1 + Downloaded serde_with v3.15.1 + Downloaded serde_plain v1.0.2 + Downloaded serde_cbor_2 v0.13.0 + Downloaded rustls v0.21.12 + Downloaded rtoolbox v0.0.3 + Downloaded rocket_ws v0.1.1 + Downloaded rmpv v1.3.0 + Downloaded rfc6979 v0.4.0 + Downloaded figment v0.10.19 + Downloaded diesel_derives v2.3.4 + Downloaded derive_more-impl v2.0.1 + Downloaded derive_more v2.0.1 + Downloaded tokio-native-tls v0.3.1 + Downloaded sec1 v0.7.3 + Downloaded rustls-webpki v0.101.7 + Downloaded lettre v0.11.19 + Downloaded pastey v0.1.1 + Downloaded password-hash v0.5.0 + Downloaded p256 v0.13.2 + Downloaded ordered-float v2.10.1 + Downloaded num_threads v0.1.7 + Downloaded num-order v1.2.0 + Downloaded num-modular v0.6.1 + Downloaded num-iter v0.1.45 + Downloaded num-derive v0.4.2 + Downloaded hashbrown v0.12.3 + Downloaded ucd-trie v0.1.7 + Downloaded tokio-stream v0.1.17 + Downloaded tokio-rustls v0.24.1 + Downloaded nom v7.1.3 + Downloaded hashbrown v0.14.5 + Downloaded governor v0.10.1 + Downloaded rand v0.8.5 + Downloaded iana-time-zone v0.1.64 + Downloaded cached v0.56.0 + Downloaded brotli v8.0.2 + Downloaded bigdecimal v0.4.9 + Downloaded reopen v1.0.3 + Downloaded pem-rfc7468 v0.7.0 + Downloaded num_cpus v1.17.0 + Downloaded half v2.7.1 + Downloaded chumsky v0.9.3 + Downloaded thiserror v1.0.69 + Downloaded spki v0.7.3 + Downloaded spin v0.9.8 + Downloaded socket2 v0.5.10 + Downloaded siphasher v1.0.1 + Downloaded simple_asn1 v0.6.3 + Downloaded signature v2.2.0 + Downloaded serde_path_to_error v0.1.20 + Downloaded primeorder v0.13.6 + Downloaded polling v3.11.0 + Downloaded phf_generator v0.11.3 + Downloaded pem v3.0.6 + Downloaded openssl-macros v0.1.1 + Downloaded event-listener v5.4.1 + Downloaded document-features v0.2.12 + Downloaded pkcs1 v0.7.5 + Downloaded phf v0.11.3 + Downloaded curve25519-dalek v4.1.3 + Downloaded ed25519-dalek v2.2.0 + Downloaded rand_core v0.6.4 + Downloaded rand_chacha v0.3.1 + Downloaded chrono v0.4.42 + Downloaded base64 v0.21.7 + Downloaded asn1-rs v0.6.2 + Downloaded dashmap v5.5.3 + Downloaded cron v0.15.0 + Downloaded critical-section v1.2.0 + Downloaded cookie v0.18.1 + Downloaded foreign-types-shared v0.1.1 + Downloaded event-listener-strategy v0.5.4 + Downloaded event-listener v2.5.3 + Downloaded email-encoding v0.4.1 + Downloaded ecdsa v0.16.9 + Downloaded compression-core v0.4.30 + Downloaded const-oid v0.9.6 + Downloaded async-lock v3.4.1 + Downloaded async-channel v2.5.0 + Downloaded async-channel v1.9.0 + Downloaded argon2 v0.5.3 + Downloaded httpdate v1.0.3 + Downloaded group v0.13.0 + Downloaded email_address v0.2.9 + Downloaded der-parser v9.0.0 + Downloaded futures-macro v0.3.31 + Downloaded enum-as-inner v0.6.1 + Downloaded ed25519 v2.2.3 + Downloaded dyn-clone v1.0.20 + Downloaded darling v0.20.11 + Downloaded base64ct v1.8.0 + Downloaded derive_builder_core v0.20.2 + Downloaded derive_builder v0.20.2 + Downloaded async-trait v0.1.89 + Downloaded darling v0.21.3 + Downloaded concurrent-queue v2.5.0 + Downloaded ahash v0.8.12 + Downloaded job_scheduler_ng v2.4.0 + Downloaded jetscii v0.5.3 + Downloaded is-terminal v0.4.17 + Downloaded inlinable_string v0.1.15 + Downloaded http-body v0.4.6 + Downloaded hostname v0.4.1 + Downloaded foreign-types v0.3.2 + Downloaded curve25519-dalek-derive v0.1.1 + Downloaded atomic v0.5.3 + Downloaded async-stream v0.3.6 + Downloaded downcast-rs v2.0.2 + Downloaded diesel_migrations v2.3.0 + Downloaded diesel-derive-newtype v2.1.2 + Downloaded devise_core v0.4.2 + Downloaded devise_codegen v0.4.2 + Downloaded devise v0.4.2 + Downloaded darling_macro v0.21.3 + Downloaded cookie_store v0.22.0 + Downloaded cookie_store v0.21.1 + Downloaded darling_macro v0.20.11 + Downloaded base16ct v0.2.0 + Downloaded async-stream-impl v0.3.6 + Downloaded asn1-rs-impl v0.2.0 + Downloaded asn1-rs-derive v0.5.1 + Downloaded alloc-stdlib v0.2.2 + Downloaded alloc-no-stdlib v2.0.4 + Downloaded cached_proc_macro_types v0.1.1 + Downloaded cached_proc_macro v0.25.0 + Downloaded blocking v1.6.2 + Downloaded blake2 v0.10.6 + Downloaded binascii v0.1.4 + Downloaded backon v1.6.0 + Downloaded base64urlsafedata v0.5.3 + Downloaded async-task v4.7.1 + Downloaded async-signal v0.2.13 + Downloaded async-process v2.5.0 + Downloaded async-io v2.6.0 + Downloaded async-executor v1.13.3 + Compiling proc-macro2 v1.0.103 + Compiling unicode-ident v1.0.22 + Compiling quote v1.0.42 + Compiling libc v0.2.177 + Compiling cfg-if v1.0.4 + Compiling version_check v0.9.5 + Compiling serde_core v1.0.228 + Compiling memchr v2.7.6 + Compiling smallvec v1.15.1 + Compiling shlex v1.3.0 + Compiling find-msvc-tools v0.1.4 + Compiling pin-project-lite v0.2.16 + Compiling serde v1.0.228 +error: linker `cc` not found + | + = note: No such file or directory (os error 2) + + Compiling itoa v1.0.15 +error: could not compile `serde_core` (build script) due to 1 previous error +warning: build failed, waiting for other jobs to finish... +error: could not compile `quote` (build script) due to 1 previous error +error: could not compile `proc-macro2` (build script) due to 1 previous error +error: could not compile `libc` (build script) due to 1 previous error +error: could not compile `serde` (build script) due to 1 previous error diff --git a/docker/audit/output/openid_build.out b/docker/audit/output/openid_build.out new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/openid_deny.err b/docker/audit/output/openid_deny.err new file mode 100644 index 00000000..a56cf83b --- /dev/null +++ b/docker/audit/output/openid_deny.err @@ -0,0 +1,2 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":1,"helps":536,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/openid_deny.json b/docker/audit/output/openid_deny.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/req_exp.done b/docker/audit/output/req_exp.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/req_exp.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/reqwest-tree_post_native.err b/docker/audit/output/reqwest-tree_post_native.err new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/reqwest-tree_post_native.txt b/docker/audit/output/reqwest-tree_post_native.txt new file mode 100644 index 00000000..840b0bea --- /dev/null +++ b/docker/audit/output/reqwest-tree_post_native.txt @@ -0,0 +1,9 @@ +reqwest v0.12.24 +├── oauth2 v5.0.0 +│ └── openidconnect v4.0.1 +│ └── vaultwarden v1.0.0 (/workspace) +├── opendal v0.54.1 +│ └── vaultwarden v1.0.0 (/workspace) +├── vaultwarden v1.0.0 (/workspace) +└── yubico_ng v0.14.1 + └── vaultwarden v1.0.0 (/workspace) diff --git a/docker/audit/output/upgrade.done b/docker/audit/output/upgrade.done new file mode 100644 index 00000000..19f86f49 --- /dev/null +++ b/docker/audit/output/upgrade.done @@ -0,0 +1 @@ +done diff --git a/docker/audit/output/upgrade.log b/docker/audit/output/upgrade.log new file mode 100644 index 00000000..6e5a1b02 --- /dev/null +++ b/docker/audit/output/upgrade.log @@ -0,0 +1,4 @@ +1: starting updates +2: updated reqwest +3: updated hyper-rustls +4: attempted webauthn update diff --git a/docker/audit/output/upgrade_build.err b/docker/audit/output/upgrade_build.err new file mode 100644 index 00000000..6293f2cd --- /dev/null +++ b/docker/audit/output/upgrade_build.err @@ -0,0 +1,309 @@ + Downloading crates ... + Downloaded async-stream-impl v0.3.6 + Downloaded alloc-stdlib v0.2.2 + Downloaded darling_macro v0.21.3 + Downloaded devise_codegen v0.4.2 + Downloaded derive_builder_macro v0.20.2 + Downloaded binascii v0.1.4 + Downloaded foreign-types-shared v0.1.1 + Downloaded blocking v1.6.2 + Downloaded async-stream v0.3.6 + Downloaded glob v0.3.3 + Downloaded futures-timer v3.0.3 + Downloaded event-listener v2.5.3 + Downloaded devise v0.4.2 + Downloaded darling_macro v0.20.11 + Downloaded diesel_table_macro_syntax v0.3.0 + Downloaded async-global-executor v2.4.1 + Downloaded inlinable_string v0.1.15 + Downloaded alloc-no-stdlib v2.0.4 + Downloaded async-channel v1.9.0 + Downloaded pear_codegen v0.2.9 + Downloaded dashmap v5.5.3 + Downloaded ff v0.13.1 + Downloaded md-5 v0.10.6 + Downloaded hyper-tls v0.6.0 + Downloaded is-terminal v0.4.17 + Downloaded async-io v2.6.0 + Downloaded num-iter v0.1.45 + Downloaded piper v0.2.4 + Downloaded rand_chacha v0.3.1 + Downloaded num_threads v0.1.7 + Downloaded ahash v0.8.12 + Downloaded futures v0.3.31 + Downloaded cookie v0.18.1 + Downloaded migrations_internals v2.3.0 + Downloaded openssl-macros v0.1.1 + Downloaded darling v0.20.11 + Downloaded rfc6979 v0.4.0 + Downloaded rustc_version v0.4.1 + Downloaded crypto-bigint v0.5.5 + Downloaded serde-value v0.7.0 + Downloaded der-parser v9.0.0 + Downloaded quick-error v2.0.1 + Downloaded psl-types v2.0.11 + Downloaded rmpv v1.3.0 + Downloaded sec1 v0.7.3 + Downloaded asn1-rs-derive v0.5.1 + Downloaded siphasher v1.0.1 + Downloaded stacker v0.1.22 + Downloaded thiserror v1.0.69 + Downloaded tokio-native-tls v0.3.1 + Downloaded syslog v7.0.0 + Downloaded signature v2.2.0 + Downloaded asn1-rs v0.6.2 + Downloaded tagptr v0.2.0 + Downloaded threadpool v1.8.1 + Downloaded serde_with_macros v3.15.1 + Downloaded ubyte v0.10.4 + Downloaded primeorder v0.13.6 + Downloaded serde_path_to_error v0.1.20 + Downloaded num-integer v0.1.46 + Downloaded sct v0.7.1 + Downloaded phf_shared v0.12.1 + Downloaded tokio-tungstenite v0.21.0 + Downloaded darling_core v0.21.3 + Downloaded rand v0.8.5 + Downloaded yubico_ng v0.14.1 + Downloaded diesel_derives v2.3.4 + Downloaded value-bag v1.11.1 + Downloaded webauthn-rs v0.5.3 + Downloaded which v8.0.0 + Downloaded utf-8 v0.7.6 + Downloaded rocket_http v0.5.1 + Downloaded webauthn-attestation-ca v0.5.3 + Downloaded bigdecimal v0.4.9 + Downloaded phf_macros v0.11.3 + Downloaded ucd-trie v0.1.7 + Downloaded darling_core v0.20.11 + Downloaded xml-rs v0.8.28 + Downloaded spin v0.9.8 + Downloaded webauthn-rs-proto v0.5.3 + Downloaded web-time v1.1.0 + Downloaded serde_plain v1.0.2 + Downloaded schemars v1.0.4 + Downloaded yansi v1.0.1 + Downloaded x509-parser v0.16.0 + Downloaded rocket_codegen v0.5.1 + Downloaded zerocopy-derive v0.8.27 + Downloaded webauthn-rs-core v0.5.3 + Downloaded tokio-util v0.7.16 + Downloaded winnow v0.6.26 + Downloaded jetscii v0.5.3 + Downloaded serde_with v3.15.1 + Downloaded pkcs8 v0.10.2 + Downloaded vcpkg v0.2.15 + Downloaded totp-lite v2.0.1 + Downloaded tokio-macros v2.6.0 + Downloaded webpki-roots v1.0.3 + Downloaded syn v2.0.108 + Downloaded pest_derive v2.8.3 + Downloaded password-hash v0.5.0 + Downloaded indexmap v1.9.3 + Downloaded group v0.13.0 + Downloaded diesel v2.3.3 + Downloaded jsonwebtoken v9.3.1 + Downloaded half v2.7.1 + Downloaded litrs v1.0.0 + Downloaded native-tls v0.2.14 + Downloaded rustls v0.21.12 + Downloaded rocket v0.5.1 + Downloaded triomphe v0.1.15 + Downloaded tokio-rustls v0.24.1 + Downloaded state v0.6.0 + Downloaded polling v3.11.0 + Downloaded handlebars v6.3.2 + Downloaded quote v1.0.41 + Downloaded lasso v0.7.3 + Downloaded publicsuffix v2.3.0 + Downloaded brotli v8.0.2 + Downloaded pest_meta v2.8.3 + Downloaded hickory-resolver v0.25.2 + Downloaded chrono-tz v0.10.4 + Downloaded hashbrown v0.12.3 + Downloaded pest_generator v2.8.3 + Downloaded mini-moka v0.10.3 + Downloaded socket2 v0.5.10 + Downloaded p256 v0.13.2 + Downloaded quanta v0.12.6 + Downloaded psm v0.1.28 + Downloaded pkcs1 v0.7.5 + Downloaded phf_generator v0.11.3 + Downloaded pem-rfc7468 v0.7.0 + Downloaded pear v0.2.9 + Downloaded num-order v1.2.0 + Downloaded num-modular v0.6.1 + Downloaded multer v3.1.0 + Downloaded curve25519-dalek v4.1.3 + Downloaded tungstenite v0.21.0 + Downloaded http v0.2.12 + Downloaded num-bigint v0.4.6 + Downloaded html5gum v0.8.0 + Downloaded oauth2 v5.0.0 + Downloaded openssl-sys v0.9.110 + Downloaded uuid v1.18.1 + Downloaded rsa v0.9.8 + Downloaded itertools v0.10.5 + Downloaded minimal-lexical v0.2.1 + Downloaded hashbrown v0.14.5 + Downloaded hex v0.4.3 + Downloaded rusticata-macros v4.1.0 + Downloaded hostname v0.4.1 + Downloaded rustls-webpki v0.101.7 + Downloaded raw-cpuid v11.6.0 + Downloaded nom v7.1.3 + Downloaded num-bigint-dig v0.8.4 + Downloaded chrono v0.4.42 + Downloaded async-std v1.13.2 + Downloaded pest v2.8.3 + Downloaded governor v0.10.1 + Downloaded lettre v0.11.19 + Downloaded phf v0.12.1 + Downloaded brotli-decompressor v5.0.0 + Downloaded nom v8.0.0 + Downloaded libm v0.2.15 + Downloaded hyper v0.14.32 + Downloaded openidconnect v4.0.1 + Downloaded hkdf v0.12.4 + Downloaded portable-atomic v1.11.1 + Downloaded grass_compiler v0.13.4 + Downloaded p384 v0.13.1 + Downloaded quick-xml v0.38.3 + Downloaded iri-string v0.7.8 + Downloaded rtoolbox v0.0.3 + Downloaded rpassword v7.4.0 + Downloaded r2d2 v0.8.10 + Downloaded iana-time-zone v0.1.64 + Downloaded moka v0.12.11 + Downloaded schemars v0.9.0 + Downloaded object v0.32.2 + Downloaded openssl v0.10.74 + Downloaded rustls-pemfile v1.0.4 + Downloaded nonzero_ext v0.3.0 + Downloaded hmac v0.12.1 + Downloaded base64 v0.21.7 + Downloaded rustls v0.23.34 + Downloaded pico-args v0.5.0 + Downloaded hickory-proto v0.25.2 + Downloaded oid-registry v0.7.1 + Downloaded cc v1.2.43 + Downloaded tokio-stream v0.1.17 + Downloaded thiserror-impl v1.0.69 + Downloaded svg-hush v0.9.5 + Downloaded spinning_top v0.3.0 + Downloaded pem v3.0.6 + Downloaded ordered-float v2.10.1 + Downloaded uncased v0.9.10 + Downloaded quoted_printable v0.5.1 + Downloaded proc-macro2-diagnostics v0.10.1 + Downloaded phf v0.11.3 + Downloaded pastey v0.1.1 + Downloaded num_cpus v1.17.0 + Downloaded serde_cbor_2 v0.13.0 + Downloaded parking v2.2.1 + Downloaded kv-log-macro v1.0.7 + Downloaded stable-pattern v0.1.0 + Downloaded spki v0.7.3 + Downloaded job_scheduler_ng v2.4.0 + Downloaded event-listener-strategy v0.5.4 + Downloaded simple_asn1 v0.6.3 + Downloaded opendal v0.54.1 + Downloaded scheduled-thread-pool v0.2.7 + Downloaded rocket_ws v0.1.1 + Downloaded num-derive v0.4.2 + Downloaded ed25519-dalek v2.2.0 + Downloaded der v0.7.10 + Downloaded env_home v0.1.0 + Downloaded elliptic-curve v0.13.8 + Downloaded data-encoding v2.9.0 + Downloaded cookie_store v0.21.1 + Downloaded async-task v4.7.1 + Downloaded const-oid v0.9.6 + Downloaded async-lock v3.4.1 + Downloaded migrations_macros v2.3.0 + Downloaded http-body v0.4.6 + Downloaded futures-lite v2.6.1 + Downloaded devise_core v0.4.2 + Downloaded derive_more-impl v2.0.1 + Downloaded chumsky v0.9.3 + Downloaded resolv-conf v0.7.5 + Downloaded reopen v1.0.3 + Downloaded ref-cast-impl v1.0.25 + Downloaded ref-cast v1.0.25 + Downloaded rand_core v0.6.4 + Downloaded ed25519 v2.2.3 + Downloaded figment v0.10.19 + Downloaded derive_more v2.0.1 + Downloaded cached v0.56.0 + Downloaded argon2 v0.5.3 + Downloaded ar_archive_writer v0.2.0 + Downloaded base64ct v1.8.0 + Downloaded atomic v0.5.3 + Downloaded asn1-rs-impl v0.2.0 + Downloaded foreign-types v0.3.2 + Downloaded dyn-clone v1.0.20 + Downloaded darling v0.21.3 + Downloaded base64urlsafedata v0.5.3 + Downloaded event-listener v5.4.1 + Downloaded ecdsa v0.16.9 + Downloaded backon v1.6.0 + Downloaded phf_shared v0.11.3 + Downloaded httpdate v1.0.3 + Downloaded derive_builder v0.20.2 + Downloaded dashmap v6.1.0 + Downloaded cookie_store v0.22.0 + Downloaded futures-macro v0.3.31 + Downloaded diesel-derive-newtype v2.1.2 + Downloaded derive_builder_core v0.20.2 + Downloaded data-url v0.3.2 + Downloaded cached_proc_macro v0.25.0 + Downloaded blake2 v0.10.6 + Downloaded async-channel v2.5.0 + Downloaded email_address v0.2.9 + Downloaded email-encoding v0.4.1 + Downloaded downcast-rs v2.0.2 + Downloaded concurrent-queue v2.5.0 + Downloaded cached_proc_macro_types v0.1.1 + Downloaded futures-executor v0.3.31 + Downloaded dsl_auto_type v0.2.0 + Downloaded document-features v0.2.12 + Downloaded base16ct v0.2.0 + Downloaded async-trait v0.1.89 + Downloaded async-process v2.5.0 + Downloaded async-executor v1.13.3 + Downloaded enum-as-inner v0.6.1 + Downloaded dotenvy v0.15.7 + Downloaded diesel_migrations v2.3.0 + Downloaded curve25519-dalek-derive v0.1.1 + Downloaded critical-section v1.2.0 + Downloaded codemap v0.1.3 + Downloaded async-signal v0.2.13 + Downloaded cron v0.15.0 + Compiling proc-macro2 v1.0.103 + Compiling quote v1.0.41 + Compiling unicode-ident v1.0.22 + Compiling libc v0.2.177 + Compiling cfg-if v1.0.4 + Compiling version_check v0.9.5 + Compiling serde_core v1.0.228 + Compiling memchr v2.7.6 + Compiling smallvec v1.15.1 + Compiling shlex v1.3.0 + Compiling find-msvc-tools v0.1.4 + Compiling serde v1.0.228 + Compiling pin-project-lite v0.2.16 + Compiling itoa v1.0.15 + Compiling zeroize v1.8.2 + Compiling portable-atomic v1.11.1 +error: linker `cc` not found + | + = note: No such file or directory (os error 2) + + Compiling fnv v1.0.7 +error: could not compile `proc-macro2` (build script) due to 1 previous error +warning: build failed, waiting for other jobs to finish... +error: could not compile `serde` (build script) due to 1 previous error +error: could not compile `serde_core` (build script) due to 1 previous error +error: could not compile `quote` (build script) due to 1 previous error +error: could not compile `libc` (build script) due to 1 previous error +error: could not compile `portable-atomic` (build script) due to 1 previous error diff --git a/docker/audit/output/upgrade_build.out b/docker/audit/output/upgrade_build.out new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/upgrade_deny.err b/docker/audit/output/upgrade_deny.err new file mode 100644 index 00000000..c1ac372f --- /dev/null +++ b/docker/audit/output/upgrade_deny.err @@ -0,0 +1,8 @@ +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"ar_archive_writer","version":"0.2.0"},"parents":[{"Krate":{"kind":"build","name":"psm","version":"0.1.28"},"parents":[{"Krate":{"name":"stacker","version":"0.1.22"},"parents":[{"Krate":{"name":"chumsky","version":"0.9.3"},"parents":[{"Krate":{"name":"lettre","version":"0.11.19"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]}]}]}]}],"labels":[{"column":12,"line":22,"message":"","span":"Apache-2.0 WITH LLVM-exception"},{"column":12,"line":22,"message":"rejected: license is not explicitly allowed","span":"Apache-2.0 WITH LLVM-exception"}],"message":"failed to satisfy license requirements","notes":["Apache-2.0 - Apache License 2.0:"," - OSI approved"," - FSF Free/Libre"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"base64urlsafedata","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true},{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"repeat":true}]}]}],"labels":[{"column":12,"line":35,"message":"","span":"MPL-2.0"},{"column":12,"line":35,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-attestation-ca","version":"0.5.3"},"parents":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":30,"message":"","span":"MPL-2.0"},{"column":12,"line":30,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}],"labels":[{"column":12,"line":39,"message":"","span":"MPL-2.0"},{"column":12,"line":39,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webauthn-rs-proto","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}},{"Krate":{"name":"webauthn-rs-core","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"webauthn-rs","version":"0.5.3"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]}],"labels":[{"column":12,"line":38,"message":"","span":"MPL-2.0"},{"column":12,"line":38,"message":"rejected: license is not explicitly allowed","span":"MPL-2.0"}],"message":"failed to satisfy license requirements","notes":["MPL-2.0 - Mozilla Public License 2.0:"," - OSI approved"," - FSF Free/Libre"," - Copyleft"],"severity":"error"},"type":"diagnostic"} +{"fields":{"code":"rejected","graphs":[{"Krate":{"name":"webpki-roots","version":"1.0.3"},"parents":[{"Krate":{"name":"hyper-rustls","version":"0.27.7"},"parents":[{"Krate":{"name":"reqwest","version":"0.12.24"},"parents":[{"Krate":{"name":"oauth2","version":"5.0.0"},"parents":[{"Krate":{"name":"openidconnect","version":"4.0.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"}}]}]},{"Krate":{"name":"opendal","version":"0.54.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]},{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true},{"Krate":{"name":"yubico_ng","version":"0.14.1"},"parents":[{"Krate":{"name":"vaultwarden","version":"1.0.0"},"repeat":true}]}]}]},{"Krate":{"name":"reqwest","version":"0.12.24"},"repeat":true}]}],"labels":[{"column":12,"line":26,"message":"","span":"CDLA-Permissive-2.0"},{"column":12,"line":26,"message":"rejected: license is not explicitly allowed","span":"CDLA-Permissive-2.0"}],"message":"failed to satisfy license requirements","notes":["CDLA-Permissive-2.0 - Community Data License Agreement Permissive 2.0:"," - No additional metadata available for license"],"severity":"error"},"type":"diagnostic"} +{"fields":{"licenses":{"errors":7,"helps":530,"notes":0,"warnings":0}},"type":"summary"} diff --git a/docker/audit/output/upgrade_deny.json b/docker/audit/output/upgrade_deny.json new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/webauthn_search.err b/docker/audit/output/webauthn_search.err new file mode 100644 index 00000000..ff82dc9a --- /dev/null +++ b/docker/audit/output/webauthn_search.err @@ -0,0 +1,7 @@ +info: syncing channel updates for '1.91.0-x86_64-unknown-linux-gnu' +info: latest update on 2025-10-30, rust version 1.91.0 (f8297e351 2025-10-28) +info: downloading component 'clippy' +info: downloading component 'rustfmt' +info: installing component 'clippy' +info: installing component 'rustfmt' +note: to learn more about a package, run `cargo info ` diff --git a/docker/audit/output/webauthn_search.txt b/docker/audit/output/webauthn_search.txt new file mode 100644 index 00000000..f364caad --- /dev/null +++ b/docker/audit/output/webauthn_search.txt @@ -0,0 +1,9 @@ +webauthn-rs = "0.5.3" # Webauthn Framework for Rust Web Servers +cable-tunnel-server-common = "0.1.0" # Common components for webauthn-rs' caBLE tunnel server backend and frontend +cable-tunnel-server-backend = "0.1.0" # webauthn-rs caBLE tunnel server backend +cable-tunnel-server-frontend = "0.1.0" # webauthn-rs caBLE tunnel server frontend +webauthn-rs-proto = "0.5.3" # Webauthn Specification Bindings +webauthn-rs-core = "0.5.3" # Webauthn Cryptographic Operation Handling +tmuntaner-webauthn = "0.1.0-alpha.18" # A webauthn client +webauthn-rp-proxy = "0.5.0" # Webauthn RP CLI Proxy +webauthn-rs-device-catalog = "0.5.0-20230418" # Webauthn RS Device Catalog diff --git a/docker/audit/output/webpki-tree_post_native.err b/docker/audit/output/webpki-tree_post_native.err new file mode 100644 index 00000000..e69de29b diff --git a/docker/audit/output/webpki-tree_post_native.txt b/docker/audit/output/webpki-tree_post_native.txt new file mode 100644 index 00000000..1aae12b6 --- /dev/null +++ b/docker/audit/output/webpki-tree_post_native.txt @@ -0,0 +1,12 @@ +webpki-roots v1.0.3 +├── hyper-rustls v0.27.7 +│ └── reqwest v0.12.24 +│ ├── oauth2 v5.0.0 +│ │ └── openidconnect v4.0.1 +│ │ └── vaultwarden v1.0.0 (/workspace) +│ ├── opendal v0.54.1 +│ │ └── vaultwarden v1.0.0 (/workspace) +│ ├── vaultwarden v1.0.0 (/workspace) +│ └── yubico_ng v0.14.1 +│ └── vaultwarden v1.0.0 (/workspace) +└── reqwest v0.12.24 (*) diff --git a/docker/audit/run-audit.ps1 b/docker/audit/run-audit.ps1 index 56a08fe7..2cd487eb 100644 --- a/docker/audit/run-audit.ps1 +++ b/docker/audit/run-audit.ps1 @@ -9,35 +9,19 @@ try { docker build -t $ImageName . Write-Host "Running audit container... outputs will be written to: $Workspace" - - # Create a small LF-only shell script to avoid CRLF issues when passing - # multi-line commands into bash on Linux containers from Windows hosts. - $auditScriptPath = Join-Path $PSScriptRoot 'audit.sh' - $scriptContent = @' -set -euo pipefail -export PATH="/usr/local/cargo/bin:/usr/local/bin:$PATH" -echo "=== cargo-audit --version ===" -/usr/local/cargo/bin/cargo-audit --version || true -echo "=== cargo-audit report ===" -# Run cargo-audit on the workspace Cargo.lock if present; local crate otherwise -/usr/local/cargo/bin/cargo-audit || true -echo "=== cargo-deny --version ===" -/usr/local/cargo/bin/cargo-deny --version || true -echo "=== cargo-deny advisories ===" -# Use --manifest-path as a global option and run check advisories and licenses -/usr/local/cargo/bin/cargo-deny --manifest-path Cargo.toml check advisories || true -echo "=== cargo-deny licenses ===" -/usr/local/cargo/bin/cargo-deny --manifest-path Cargo.toml check licenses || true -'@ - - # Ensure the script uses LF-only line endings by replacing CRLF with LF - $scriptContent = $scriptContent -replace "`r`n", "`n" - # Write bytes directly to ensure exact newlines (UTF8 without BOM) - $bytes = [System.Text.Encoding]::UTF8.GetBytes($scriptContent) - [System.IO.File]::WriteAllBytes($auditScriptPath, $bytes) - - # Run the audit script inside the container by mounting it read-only - docker run --rm -v "${Workspace}:/workspace" -v "${auditScriptPath}:/audit.sh:ro" -w /workspace $ImageName bash -lc 'bash /audit.sh' + docker run --rm -v "${Workspace}:/workspace" -w /workspace $ImageName bash -lc ' + set -euo pipefail + echo "=== cargo-audit --version ===" + /usr/local/cargo/bin/cargo-audit --version || true + echo "=== cargo-audit report ===" + /usr/local/cargo/bin/cargo-audit -q || true + echo "=== cargo-deny --version ===" + /usr/local/cargo/bin/cargo-deny --version || true + echo "=== cargo-deny advisories ===" + /usr/local/cargo/bin/cargo-deny check advisories --manifest-path Cargo.toml || true + echo "=== cargo-deny licenses ===" + /usr/local/cargo/bin/cargo-deny check licenses --manifest-path Cargo.toml || true + ' } finally { Pop-Location