diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 3d036b84..805d2585 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,3 +1,5 @@ /.github @dani-garcia @BlackDex +/.github/** @dani-garcia @BlackDex /.github/CODEOWNERS @dani-garcia @BlackDex /.github/workflows/** @dani-garcia @BlackDex +/SECURITY.md @dani-garcia @BlackDex diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index da9b713b..43ec251f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -290,25 +290,25 @@ jobs: # Upload artifacts to Github Actions and Attest the binaries - name: "Upload amd64 artifact ${{ matrix.base_image }}" - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 #v4.6.1 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-amd64-${{ matrix.base_image }} path: vaultwarden-amd64-${{ matrix.base_image }} - name: "Upload arm64 artifact ${{ matrix.base_image }}" - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 #v4.6.1 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-arm64-${{ matrix.base_image }} path: vaultwarden-arm64-${{ matrix.base_image }} - name: "Upload armv7 artifact ${{ matrix.base_image }}" - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 #v4.6.1 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-armv7-${{ matrix.base_image }} path: vaultwarden-armv7-${{ matrix.base_image }} - name: "Upload armv6 artifact ${{ matrix.base_image }}" - uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 #v4.6.1 + uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 with: name: vaultwarden-${{ env.SOURCE_VERSION }}-linux-armv6-${{ matrix.base_image }} path: vaultwarden-armv6-${{ matrix.base_image }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 1d949b5a..e3c19e0b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: language: system args: ["--features", "sqlite,mysql,postgresql,enable_mimalloc", "--"] types_or: [rust, file] - files: (Cargo.toml|Cargo.lock|rust-toolchain|.*\.rs$) + files: (Cargo.toml|Cargo.lock|rust-toolchain.toml|rustfmt.toml|.*\.rs$) pass_filenames: false - id: cargo-clippy name: cargo clippy @@ -40,11 +40,11 @@ repos: language: system args: ["--features", "sqlite,mysql,postgresql,enable_mimalloc", "--", "-D", "warnings"] types_or: [rust, file] - files: (Cargo.toml|Cargo.lock|rust-toolchain|clippy.toml|.*\.rs$) + files: (Cargo.toml|Cargo.lock|rust-toolchain.toml|rustfmt.toml|.*\.rs$) pass_filenames: false - id: check-docker-templates name: check docker templates - desciption: Check if the Docker templates are updated + description: Check if the Docker templates are updated language: system entry: sh args: diff --git a/Cargo.lock b/Cargo.lock index bcc4fc19..c614797f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -654,9 +654,9 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.14" +version = "0.5.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "06ba6d68e24814cb8de6bb986db8222d3a027d15872cabc0d18817bc3c0e4471" +checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2" dependencies = [ "crossbeam-utils", ] @@ -1520,13 +1520,13 @@ dependencies = [ [[package]] name = "hostname" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f9c7c7c8ac16c798734b8a24560c1362120597c40d5e1459f09498f8f6c8f2ba" +checksum = "a56f203cd1c76362b69e3863fd987520ac36cf70a8c92627449b2f64a8cf7d65" dependencies = [ "cfg-if", "libc", - "windows 0.52.0", + "windows-link", ] [[package]] @@ -2034,9 +2034,9 @@ checksum = "8355be11b20d696c8f18f6cc018c4e372165b1fa8126cef092399c9951984ffa" [[package]] name = "libmimalloc-sys" -version = "0.1.40" +version = "0.1.42" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "07d0e07885d6a754b9c7993f2625187ad694ee985d60f23355ff0e7077261502" +checksum = "ec9d6fac27761dabcd4ee73571cdb06b7022dc99089acbe5435691edffaac0f4" dependencies = [ "cc", "libc", @@ -2061,9 +2061,9 @@ checksum = "d26c52dbd32dccf2d10cac7725f8eae5296885fb5703b261f7d0a0739ec807ab" [[package]] name = "linux-raw-sys" -version = "0.9.3" +version = "0.9.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fe7db12097d22ec582439daf8618b8fdd1a7bef6270e9af3b1ebcd30893cf413" +checksum = "cd945864f07fe9f5371a27ad7b52a172b4b499999f1d97574c9fa68373937e12" [[package]] name = "litemap" @@ -2170,9 +2170,9 @@ dependencies = [ [[package]] name = "mimalloc" -version = "0.1.44" +version = "0.1.46" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "99585191385958383e13f6b822e6b6d8d9cf928e7d286ceb092da92b43c87bc1" +checksum = "995942f432bbb4822a7e9c3faa87a695185b0d09273ba85f097b54f4e458f2af" dependencies = [ "libmimalloc-sys", ] @@ -2191,9 +2191,9 @@ checksum = "68354c5c6bd36d73ff3feceb05efa59b6acb7626617f4962be322a825e61f79a" [[package]] name = "miniz_oxide" -version = "0.8.7" +version = "0.8.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ff70ce3e48ae43fa075863cef62e8b43b71a4f2382229920e0df362592919430" +checksum = "3be647b768db090acb35d5ec5db2b0e1f1de11133ca123b9eacf5137868f892a" dependencies = [ "adler2", ] @@ -2249,11 +2249,12 @@ dependencies = [ [[package]] name = "mysqlclient-sys" -version = "0.4.4" +version = "0.4.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f29e21174d84e2622ceb7b0146a9187d36458a3a9ee9a66c9cac22e96493ef9" +checksum = "7fe45ac04fb301fa824ce6a3a0ef0171b52e92c6d25973c085cece9d88727bd7" dependencies = [ "pkg-config", + "semver", "vcpkg", ] @@ -2441,9 +2442,9 @@ checksum = "d05e27ee213611ffe7d6348b942e8f942b37114c00cc03cec254295a4a17852e" [[package]] name = "openssl-src" -version = "300.4.2+3.4.1" +version = "300.5.0+3.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "168ce4e058f975fe43e89d9ccf78ca668601887ae736090aacc23ae353c298e2" +checksum = "e8ce546f549326b0e6052b649198487d91320875da901e7bd11a06d1ee3f9c2f" dependencies = [ "cc", ] @@ -2910,9 +2911,9 @@ dependencies = [ [[package]] name = "redox_syscall" -version = "0.5.10" +version = "0.5.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0b8c0c260b63a8219631167be35e6a988e9554dbd323f8bd08439c8ed1302bd1" +checksum = "d2f103c6d277498fbceb16e84d317e2a400f160f46904d5f5410848c829511a3" dependencies = [ "bitflags", ] @@ -3240,7 +3241,7 @@ dependencies = [ "bitflags", "errno", "libc", - "linux-raw-sys 0.9.3", + "linux-raw-sys 0.9.4", "windows-sys 0.59.0", ] @@ -3832,9 +3833,9 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.44.1" +version = "1.44.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f382da615b842244d4b8738c82ed1275e6c5dd90c459a30941cd07080b06c91a" +checksum = "e6b88822cbe49de4185e3a4cbf8321dd487cf5fe0c5c65695fef6346371e9c48" dependencies = [ "backtrace", "bytes", @@ -4229,7 +4230,6 @@ dependencies = [ "job_scheduler_ng", "jsonwebtoken", "lettre", - "libmimalloc-sys", "libsqlite3-sys", "log", "macros", @@ -4436,13 +4436,13 @@ dependencies = [ [[package]] name = "which" -version = "7.0.2" +version = "7.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2774c861e1f072b3aadc02f8ba886c26ad6321567ecc294c935434cad06f1283" +checksum = "24d643ce3fd3e5b54854602a080f34fb10ab75e0b813ee32d00ca2b44fa74762" dependencies = [ "either", "env_home", - "rustix 0.38.44", + "rustix 1.0.5", "winsafe", ] @@ -4492,16 +4492,6 @@ dependencies = [ "windows-targets 0.48.5", ] -[[package]] -name = "windows" -version = "0.52.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e48a53791691ab099e5e2ad123536d0fff50652600abaf43bbf952894110d0be" -dependencies = [ - "windows-core 0.52.0", - "windows-targets 0.52.6", -] - [[package]] name = "windows" version = "0.58.0" @@ -4512,15 +4502,6 @@ dependencies = [ "windows-targets 0.52.6", ] -[[package]] -name = "windows-core" -version = "0.52.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33ab640c8d7e35bf8ba19b884ba838ceb4fba93a4e8c65a9059d08afcfc683d9" -dependencies = [ - "windows-targets 0.52.6", -] - [[package]] name = "windows-core" version = "0.58.0" @@ -4868,9 +4849,9 @@ checksum = "271414315aff87387382ec3d271b52d7ae78726f5d44ac98b4f4030c91880486" [[package]] name = "winnow" -version = "0.7.4" +version = "0.7.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0e97b544156e9bebe1a0ffbc03484fc1ffe3100cbce3ffb17eac35f7cdd7ab36" +checksum = "63d3fcd9bba44b03821e7d699eeee959f3126dcc4aa8e4ae18ec617c2a5cea10" dependencies = [ "memchr", ] diff --git a/Cargo.toml b/Cargo.toml index a06264ce..6745edd2 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,4 +1,5 @@ -workspace = { members = ["macros"] } +[workspace] +members = ["macros"] [package] name = "vaultwarden" @@ -71,7 +72,7 @@ dashmap = "6.1.0" # Async futures futures = "0.3.31" -tokio = { version = "1.44.1", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal", "net"] } +tokio = { version = "1.44.2", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal", "net"] } # A generic serialization/deserialization framework serde = { version = "1.0.219", features = ["derive"] } @@ -162,11 +163,9 @@ semver = "1.0.26" # Allow overriding the default memory allocator # Mainly used for the musl builds, since the default musl malloc is very slow -# Currently pinned to v0.1.44/v0.1.40 because of compile issues with musl - https://github.com/microsoft/mimalloc/issues/1056 -mimalloc = { version = "=0.1.44", features = ["secure"], default-features = false, optional = true } -libmimalloc-sys = { version = "=0.1.40", optional = true } +mimalloc = { version = "0.1.46", features = ["secure"], default-features = false, optional = true } -which = "7.0.2" +which = "7.0.3" # Argon2 library with support for the PHC format argon2 = "0.5.3" @@ -217,7 +216,7 @@ codegen-units = 16 # Linting config # https://doc.rust-lang.org/rustc/lints/groups.html -[lints.rust] +[workspace.lints.rust] # Forbid unsafe_code = "forbid" non_ascii_idents = "forbid" @@ -247,7 +246,7 @@ if_let_rescope = "allow" tail_expr_drop_order = "allow" # https://rust-lang.github.io/rust-clippy/stable/index.html -[lints.clippy] +[workspace.lints.clippy] # Warn dbg_macro = "warn" todo = "warn" @@ -285,3 +284,6 @@ unused_async = "deny" unused_self = "deny" verbose_file_reads = "deny" zero_sized_map_values = "deny" + +[lints] +workspace = true diff --git a/macros/Cargo.toml b/macros/Cargo.toml index 323f198d..eb4aeb7d 100644 --- a/macros/Cargo.toml +++ b/macros/Cargo.toml @@ -9,5 +9,8 @@ path = "src/lib.rs" proc-macro = true [dependencies] -quote = "1.0.38" -syn = "2.0.98" +quote = "1.0.40" +syn = "2.0.100" + +[lints] +workspace = true diff --git a/macros/src/lib.rs b/macros/src/lib.rs index ec8863bb..2d923ce1 100644 --- a/macros/src/lib.rs +++ b/macros/src/lib.rs @@ -1,5 +1,3 @@ -extern crate proc_macro; - use proc_macro::TokenStream; use quote::quote; @@ -12,7 +10,7 @@ pub fn derive_uuid_from_param(input: TokenStream) -> TokenStream { fn impl_derive_uuid_macro(ast: &syn::DeriveInput) -> TokenStream { let name = &ast.ident; - let gen = quote! { + let gen_derive = quote! { #[automatically_derived] impl<'r> rocket::request::FromParam<'r> for #name { type Error = (); @@ -27,7 +25,7 @@ fn impl_derive_uuid_macro(ast: &syn::DeriveInput) -> TokenStream { } } }; - gen.into() + gen_derive.into() } #[proc_macro_derive(IdFromParam)] @@ -39,7 +37,7 @@ pub fn derive_id_from_param(input: TokenStream) -> TokenStream { fn impl_derive_safestring_macro(ast: &syn::DeriveInput) -> TokenStream { let name = &ast.ident; - let gen = quote! { + let gen_derive = quote! { #[automatically_derived] impl<'r> rocket::request::FromParam<'r> for #name { type Error = (); @@ -54,5 +52,5 @@ fn impl_derive_safestring_macro(ast: &syn::DeriveInput) -> TokenStream { } } }; - gen.into() + gen_derive.into() } diff --git a/src/api/notifications.rs b/src/api/notifications.rs index de97be6f..2b325b70 100644 --- a/src/api/notifications.rs +++ b/src/api/notifications.rs @@ -495,7 +495,7 @@ impl WebSocketUsers { pub async fn send_auth_request( &self, user_id: &UserId, - auth_request_uuid: &String, + auth_request_uuid: &str, acting_device_id: &DeviceId, conn: &mut DbConn, ) { @@ -504,7 +504,7 @@ impl WebSocketUsers { return; } let data = create_update( - vec![("Id".into(), auth_request_uuid.clone().into()), ("UserId".into(), user_id.to_string().into())], + vec![("Id".into(), auth_request_uuid.to_owned().into()), ("UserId".into(), user_id.to_string().into())], UpdateType::AuthRequest, Some(acting_device_id.clone()), ); @@ -513,7 +513,7 @@ impl WebSocketUsers { } if CONFIG.push_enabled() { - push_auth_request(user_id.clone(), auth_request_uuid.to_string(), conn).await; + push_auth_request(user_id.clone(), auth_request_uuid.to_owned(), conn).await; } }