mirror of
https://forgejo.ellis.link/continuwuation/continuwuity.git
synced 2026-05-26 20:49:55 +00:00
chore: replace serde-yml with serde-saphyr
- serde-yml has an un-addressed [security issue][sec-issue] - [saphyr][saphyr] is a pretty recent and active crate that deals with YAML parsing - based on that, someone recently created [serde-saphyr][serde-saphyr] --- The change was pretty straightforward and mostly "just a search and replace". The new crate has it's `Error` type split into serialization and derserialization errors. Hence I created one Continuwuity-Error variant for each instead of just having a single `Yaml` variant. This was already done previously with the `Toml` errors so I thought this would be rather acceptable. [sec-issue]: https://github.com/advisories/GHSA-gfxp-f68g-8x78 [saphyr]: https://github.com/saphyr-rs/saphyr [serde-saphyr]: https://github.com/saphyr-rs/saphyr/issues/66#issuecomment-3353212289
This commit is contained in:
aviac
Generated
+85
-42
@@ -141,6 +141,12 @@ dependencies = [
|
|||||||
"password-hash",
|
"password-hash",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "arraydeque"
|
||||||
|
version = "0.5.1"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "7d902e3d592a523def97af8f317b08ce16b7ab854c1985a0c671e6f15cebc236"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "arrayvec"
|
name = "arrayvec"
|
||||||
version = "0.7.6"
|
version = "0.7.6"
|
||||||
@@ -719,7 +725,7 @@ version = "0.15.8"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "d067ad48b8650848b989a59a86c6c36a995d02d2bf778d45c3c5d57bc2718f02"
|
checksum = "d067ad48b8650848b989a59a86c6c36a995d02d2bf778d45c3c5d57bc2718f02"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"target-lexicon",
|
"target-lexicon",
|
||||||
]
|
]
|
||||||
|
|
||||||
@@ -920,8 +926,8 @@ dependencies = [
|
|||||||
"futures",
|
"futures",
|
||||||
"log",
|
"log",
|
||||||
"ruma",
|
"ruma",
|
||||||
|
"serde-saphyr",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"serde_yml",
|
|
||||||
"tokio",
|
"tokio",
|
||||||
"tracing",
|
"tracing",
|
||||||
"tracing-subscriber",
|
"tracing-subscriber",
|
||||||
@@ -1010,11 +1016,11 @@ dependencies = [
|
|||||||
"ruma",
|
"ruma",
|
||||||
"sanitize-filename",
|
"sanitize-filename",
|
||||||
"serde",
|
"serde",
|
||||||
|
"serde-saphyr",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"serde_regex",
|
"serde_regex",
|
||||||
"serde_yml",
|
|
||||||
"smallstr",
|
"smallstr",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"thiserror 2.0.17",
|
"thiserror 2.0.17",
|
||||||
"tikv-jemalloc-ctl",
|
"tikv-jemalloc-ctl",
|
||||||
"tikv-jemalloc-sys",
|
"tikv-jemalloc-sys",
|
||||||
@@ -1123,8 +1129,8 @@ dependencies = [
|
|||||||
"rustyline-async",
|
"rustyline-async",
|
||||||
"sd-notify",
|
"sd-notify",
|
||||||
"serde",
|
"serde",
|
||||||
|
"serde-saphyr",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"serde_yml",
|
|
||||||
"sha2",
|
"sha2",
|
||||||
"termimad",
|
"termimad",
|
||||||
"tokio",
|
"tokio",
|
||||||
@@ -1691,7 +1697,7 @@ dependencies = [
|
|||||||
"lebe",
|
"lebe",
|
||||||
"miniz_oxide",
|
"miniz_oxide",
|
||||||
"rayon-core",
|
"rayon-core",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"zune-inflate",
|
"zune-inflate",
|
||||||
]
|
]
|
||||||
|
|
||||||
@@ -1784,6 +1790,12 @@ version = "1.0.7"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
|
checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "foldhash"
|
||||||
|
version = "0.1.5"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "d9c4f5dac5e15c24eb999c26181a6ca40b39fe946cbe4c263c7209467bc83af2"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "form_urlencoded"
|
name = "form_urlencoded"
|
||||||
version = "1.2.2"
|
version = "1.2.2"
|
||||||
@@ -2019,12 +2031,30 @@ version = "0.12.3"
|
|||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
|
checksum = "8a9ee70c43aaf417c914396645a0fa852624801b24ebb7ae78fe8272889ac888"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "hashbrown"
|
||||||
|
version = "0.15.5"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "9229cfe53dfd69f0609a49f65461bd93001ea1ef889cd5529dd176593f5338a1"
|
||||||
|
dependencies = [
|
||||||
|
"foldhash",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "hashbrown"
|
name = "hashbrown"
|
||||||
version = "0.16.0"
|
version = "0.16.0"
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d"
|
checksum = "5419bdc4f6a9207fbeba6d11b604d481addf78ecd10c11ad51e76c2f6482748d"
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "hashlink"
|
||||||
|
version = "0.10.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "7382cf6263419f2d8df38c55d7da83da5c18aef87fc7a7fc1fb1e344edfe14c1"
|
||||||
|
dependencies = [
|
||||||
|
"hashbrown 0.15.5",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "hdrhistogram"
|
name = "hdrhistogram"
|
||||||
version = "7.5.4"
|
version = "7.5.4"
|
||||||
@@ -2122,7 +2152,7 @@ dependencies = [
|
|||||||
"rand 0.9.2",
|
"rand 0.9.2",
|
||||||
"resolv-conf",
|
"resolv-conf",
|
||||||
"serde",
|
"serde",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"thiserror 2.0.17",
|
"thiserror 2.0.17",
|
||||||
"tokio",
|
"tokio",
|
||||||
"tracing",
|
"tracing",
|
||||||
@@ -2241,7 +2271,7 @@ dependencies = [
|
|||||||
"itoa",
|
"itoa",
|
||||||
"pin-project-lite",
|
"pin-project-lite",
|
||||||
"pin-utils",
|
"pin-utils",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"tokio",
|
"tokio",
|
||||||
"want",
|
"want",
|
||||||
]
|
]
|
||||||
@@ -2338,7 +2368,7 @@ dependencies = [
|
|||||||
"icu_normalizer_data",
|
"icu_normalizer_data",
|
||||||
"icu_properties",
|
"icu_properties",
|
||||||
"icu_provider",
|
"icu_provider",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"zerovec",
|
"zerovec",
|
||||||
]
|
]
|
||||||
|
|
||||||
@@ -2394,7 +2424,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de"
|
checksum = "3b0875f23caa03898994f6ddc501886a45c7d3d62d04d2d90788d47be1b1e4de"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"idna_adapter",
|
"idna_adapter",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"utf8_iter",
|
"utf8_iter",
|
||||||
]
|
]
|
||||||
|
|
||||||
@@ -2713,16 +2743,6 @@ dependencies = [
|
|||||||
"windows-link 0.2.1",
|
"windows-link 0.2.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "libyml"
|
|
||||||
version = "0.0.5"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "3302702afa434ffa30847a83305f0a69d6abd74293b6554c18ec85c7ef30c980"
|
|
||||||
dependencies = [
|
|
||||||
"anyhow",
|
|
||||||
"version_check",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "libz-sys"
|
name = "libz-sys"
|
||||||
version = "1.1.22"
|
version = "1.1.22"
|
||||||
@@ -2972,7 +2992,7 @@ dependencies = [
|
|||||||
"parking_lot",
|
"parking_lot",
|
||||||
"portable-atomic",
|
"portable-atomic",
|
||||||
"rustc_version",
|
"rustc_version",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"tagptr",
|
"tagptr",
|
||||||
"uuid",
|
"uuid",
|
||||||
]
|
]
|
||||||
@@ -3005,6 +3025,12 @@ dependencies = [
|
|||||||
"libc",
|
"libc",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "nohash-hasher"
|
||||||
|
version = "0.2.0"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "2bf50223579dc7cdcfb3bfcacf7069ff68243f8c363f62ffa99cf000a6b9c451"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "nom"
|
name = "nom"
|
||||||
version = "7.1.3"
|
version = "7.1.3"
|
||||||
@@ -3305,7 +3331,7 @@ dependencies = [
|
|||||||
"libc",
|
"libc",
|
||||||
"petgraph",
|
"petgraph",
|
||||||
"redox_syscall",
|
"redox_syscall",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"windows-link 0.2.1",
|
"windows-link 0.2.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
@@ -4074,7 +4100,7 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
"serde_html_form",
|
"serde_html_form",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"thiserror 2.0.17",
|
"thiserror 2.0.17",
|
||||||
"time",
|
"time",
|
||||||
"tracing",
|
"tracing",
|
||||||
@@ -4101,7 +4127,7 @@ dependencies = [
|
|||||||
"ruma-macros",
|
"ruma-macros",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"thiserror 2.0.17",
|
"thiserror 2.0.17",
|
||||||
"tracing",
|
"tracing",
|
||||||
"url",
|
"url",
|
||||||
@@ -4357,6 +4383,16 @@ dependencies = [
|
|||||||
"regex",
|
"regex",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "saphyr-parser"
|
||||||
|
version = "0.0.6"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "4fb771b59f6b1985d1406325ec28f97cfb14256abcec4fdfb37b36a1766d6af7"
|
||||||
|
dependencies = [
|
||||||
|
"arraydeque",
|
||||||
|
"hashlink",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "schannel"
|
name = "schannel"
|
||||||
version = "0.1.28"
|
version = "0.1.28"
|
||||||
@@ -4553,6 +4589,22 @@ dependencies = [
|
|||||||
"serde_derive",
|
"serde_derive",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "serde-saphyr"
|
||||||
|
version = "0.0.7"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "fd76af9505b2498740576f95f60b3b4e2c469b5b677a8d2dd1d2da18b58193de"
|
||||||
|
dependencies = [
|
||||||
|
"base64 0.22.1",
|
||||||
|
"nohash-hasher",
|
||||||
|
"num-traits",
|
||||||
|
"ryu",
|
||||||
|
"saphyr-parser",
|
||||||
|
"serde",
|
||||||
|
"serde_json",
|
||||||
|
"smallvec 2.0.0-alpha.11",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "serde_core"
|
name = "serde_core"
|
||||||
version = "1.0.228"
|
version = "1.0.228"
|
||||||
@@ -4650,21 +4702,6 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
|
||||||
name = "serde_yml"
|
|
||||||
version = "0.0.12"
|
|
||||||
source = "registry+https://github.com/rust-lang/crates.io-index"
|
|
||||||
checksum = "59e2dd588bf1597a252c3b920e0143eb99b0f76e4e082f4c92ce34fbc9e71ddd"
|
|
||||||
dependencies = [
|
|
||||||
"indexmap 2.11.4",
|
|
||||||
"itoa",
|
|
||||||
"libyml",
|
|
||||||
"memchr",
|
|
||||||
"ryu",
|
|
||||||
"serde",
|
|
||||||
"version_check",
|
|
||||||
]
|
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "sha1"
|
name = "sha1"
|
||||||
version = "0.10.6"
|
version = "0.10.6"
|
||||||
@@ -4775,7 +4812,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
|
|||||||
checksum = "862077b1e764f04c251fe82a2ef562fd78d7cadaeb072ca7c2bcaf7217b1ff3b"
|
checksum = "862077b1e764f04c251fe82a2ef562fd78d7cadaeb072ca7c2bcaf7217b1ff3b"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"serde",
|
"serde",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
]
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
@@ -4787,6 +4824,12 @@ dependencies = [
|
|||||||
"serde",
|
"serde",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "smallvec"
|
||||||
|
version = "2.0.0-alpha.11"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "87b96efa4bd6bdd2ff0c6615cc36fc4970cbae63cfd46ddff5cee35a1b4df570"
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "socket2"
|
name = "socket2"
|
||||||
version = "0.5.10"
|
version = "0.5.10"
|
||||||
@@ -5474,7 +5517,7 @@ dependencies = [
|
|||||||
"once_cell",
|
"once_cell",
|
||||||
"opentelemetry",
|
"opentelemetry",
|
||||||
"opentelemetry_sdk",
|
"opentelemetry_sdk",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"tracing",
|
"tracing",
|
||||||
"tracing-core",
|
"tracing-core",
|
||||||
"tracing-log",
|
"tracing-log",
|
||||||
@@ -5492,7 +5535,7 @@ dependencies = [
|
|||||||
"once_cell",
|
"once_cell",
|
||||||
"regex",
|
"regex",
|
||||||
"sharded-slab",
|
"sharded-slab",
|
||||||
"smallvec",
|
"smallvec 1.15.1",
|
||||||
"thread_local",
|
"thread_local",
|
||||||
"tracing",
|
"tracing",
|
||||||
"tracing-core",
|
"tracing-core",
|
||||||
|
|||||||
+2
-2
@@ -166,8 +166,8 @@ default-features = false
|
|||||||
features = ["raw_value"]
|
features = ["raw_value"]
|
||||||
|
|
||||||
# Used for appservice registration files
|
# Used for appservice registration files
|
||||||
[workspace.dependencies.serde_yml]
|
[workspace.dependencies.serde-saphyr]
|
||||||
version = "0.0.12"
|
version = "0.0.7"
|
||||||
|
|
||||||
# Used to load forbidden room/user regex from config
|
# Used to load forbidden room/user regex from config
|
||||||
[workspace.dependencies.serde_regex]
|
[workspace.dependencies.serde_regex]
|
||||||
|
|||||||
@@ -85,7 +85,7 @@ futures.workspace = true
|
|||||||
log.workspace = true
|
log.workspace = true
|
||||||
ruma.workspace = true
|
ruma.workspace = true
|
||||||
serde_json.workspace = true
|
serde_json.workspace = true
|
||||||
serde_yml.workspace = true
|
serde-saphyr.workspace = true
|
||||||
tokio.workspace = true
|
tokio.workspace = true
|
||||||
tracing-subscriber.workspace = true
|
tracing-subscriber.workspace = true
|
||||||
tracing.workspace = true
|
tracing.workspace = true
|
||||||
|
|||||||
@@ -16,7 +16,7 @@ pub(super) async fn register(&self) -> Result {
|
|||||||
|
|
||||||
let range = 1..checked!(body_len - 1)?;
|
let range = 1..checked!(body_len - 1)?;
|
||||||
let appservice_config_body = body[range].join("\n");
|
let appservice_config_body = body[range].join("\n");
|
||||||
let parsed_config = serde_yml::from_str(&appservice_config_body);
|
let parsed_config = serde_saphyr::from_str(&appservice_config_body);
|
||||||
match parsed_config {
|
match parsed_config {
|
||||||
| Err(e) => return Err!("Could not parse appservice config as YAML: {e}"),
|
| Err(e) => return Err!("Could not parse appservice config as YAML: {e}"),
|
||||||
| Ok(registration) => match self
|
| Ok(registration) => match self
|
||||||
@@ -57,7 +57,7 @@ pub(super) async fn show_appservice_config(&self, appservice_identifier: String)
|
|||||||
{
|
{
|
||||||
| None => return Err!("Appservice does not exist."),
|
| None => return Err!("Appservice does not exist."),
|
||||||
| Some(config) => {
|
| Some(config) => {
|
||||||
let config_str = serde_yml::to_string(&config)?;
|
let config_str = serde_saphyr::to_string(&config)?;
|
||||||
write!(self, "Config for {appservice_identifier}:\n\n```yaml\n{config_str}\n```")
|
write!(self, "Config for {appservice_identifier}:\n\n```yaml\n{config_str}\n```")
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|||||||
+1
-1
@@ -92,7 +92,7 @@ ruma.workspace = true
|
|||||||
sanitize-filename.workspace = true
|
sanitize-filename.workspace = true
|
||||||
serde_json.workspace = true
|
serde_json.workspace = true
|
||||||
serde_regex.workspace = true
|
serde_regex.workspace = true
|
||||||
serde_yml.workspace = true
|
serde-saphyr.workspace = true
|
||||||
serde.workspace = true
|
serde.workspace = true
|
||||||
smallvec.workspace = true
|
smallvec.workspace = true
|
||||||
smallstr.workspace = true
|
smallstr.workspace = true
|
||||||
|
|||||||
@@ -83,7 +83,9 @@ pub enum Error {
|
|||||||
#[error(transparent)]
|
#[error(transparent)]
|
||||||
TypedHeader(#[from] axum_extra::typed_header::TypedHeaderRejection),
|
TypedHeader(#[from] axum_extra::typed_header::TypedHeaderRejection),
|
||||||
#[error(transparent)]
|
#[error(transparent)]
|
||||||
Yaml(#[from] serde_yml::Error),
|
YamlDe(#[from] serde_saphyr::Error),
|
||||||
|
#[error(transparent)]
|
||||||
|
YamlSer(#[from] serde_saphyr::ser_error::Error),
|
||||||
|
|
||||||
// ruma/conduwuit
|
// ruma/conduwuit
|
||||||
#[error("Arithmetic operation failed: {0}")]
|
#[error("Arithmetic operation failed: {0}")]
|
||||||
|
|||||||
@@ -108,7 +108,7 @@ rustyline-async.workspace = true
|
|||||||
rustyline-async.optional = true
|
rustyline-async.optional = true
|
||||||
serde_json.workspace = true
|
serde_json.workspace = true
|
||||||
serde.workspace = true
|
serde.workspace = true
|
||||||
serde_yml.workspace = true
|
serde-saphyr.workspace = true
|
||||||
sha2.workspace = true
|
sha2.workspace = true
|
||||||
termimad.workspace = true
|
termimad.workspace = true
|
||||||
termimad.optional = true
|
termimad.optional = true
|
||||||
|
|||||||
@@ -271,7 +271,7 @@ impl Service {
|
|||||||
.id_appserviceregistrations
|
.id_appserviceregistrations
|
||||||
.get(id)
|
.get(id)
|
||||||
.await
|
.await
|
||||||
.and_then(|ref bytes| serde_yml::from_slice(bytes).map_err(Into::into))
|
.and_then(|ref bytes| serde_saphyr::from_slice(bytes).map_err(Into::into))
|
||||||
.map_err(|e| err!(Database("Invalid appservice {id:?} registration: {e:?}")))
|
.map_err(|e| err!(Database("Invalid appservice {id:?} registration: {e:?}")))
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user