From be0e89b99b28f0d4b13a95c92272c24d27612bd5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 20 Jan 2024 08:53:15 +0100 Subject: [PATCH 1/3] Bump vite from 5.0.11 to 5.0.12 in /kitsune-fe (#472) Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 5.0.11 to 5.0.12. - [Release notes](https://github.com/vitejs/vite/releases) - [Changelog](https://github.com/vitejs/vite/blob/v5.0.12/packages/vite/CHANGELOG.md) - [Commits](https://github.com/vitejs/vite/commits/v5.0.12/packages/vite) --- updated-dependencies: - dependency-name: vite dependency-type: direct:development ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- kitsune-fe/package.json | 2 +- kitsune-fe/yarn.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/kitsune-fe/package.json b/kitsune-fe/package.json index 78135862d..a834de466 100644 --- a/kitsune-fe/package.json +++ b/kitsune-fe/package.json @@ -63,7 +63,7 @@ "sass": "^1.70.0", "typescript": "^5.3.3", "unplugin-fluent-vue": "^1.1.4", - "vite": "^5.0.11", + "vite": "^5.0.12", "vue-tsc": "^1.8.27" }, "resolutions": { diff --git a/kitsune-fe/yarn.lock b/kitsune-fe/yarn.lock index f118c51a3..7585126d0 100644 --- a/kitsune-fe/yarn.lock +++ b/kitsune-fe/yarn.lock @@ -4980,10 +4980,10 @@ value-or-promise@^1.0.11, value-or-promise@^1.0.12: resolved "https://registry.yarnpkg.com/value-or-promise/-/value-or-promise-1.0.12.tgz#0e5abfeec70148c78460a849f6b003ea7986f15c" integrity sha512-Z6Uz+TYwEqE7ZN50gwn+1LCVo9ZVrpxRPOhOLnncYkY1ZzOYtrX8Fwf/rFktZ8R5mJms6EZf5TqNOMeZmnPq9Q== -vite@^5.0.11: - version "5.0.11" - resolved "https://registry.yarnpkg.com/vite/-/vite-5.0.11.tgz#31562e41e004cb68e1d51f5d2c641ab313b289e4" - integrity sha512-XBMnDjZcNAw/G1gEiskiM1v6yzM4GE5aMGvhWTlHAYYhxb7S3/V1s3m2LDHa8Vh6yIWYYB0iJwsEaS523c4oYA== +vite@^5.0.12: + version "5.0.12" + resolved "https://registry.yarnpkg.com/vite/-/vite-5.0.12.tgz#8a2ffd4da36c132aec4adafe05d7adde38333c47" + integrity sha512-4hsnEkG3q0N4Tzf1+t6NdN9dg/L3BM+q8SWgbSPnJvrgH2kgdyzfVJwbR1ic69/4uMJJ/3dqDZZE5/WwqW8U1w== dependencies: esbuild "^0.19.3" postcss "^8.4.32" From 995286730ae63d22507bf73eb0cec50e03a5de4b Mon Sep 17 00:00:00 2001 From: aumetra Date: Sat, 20 Jan 2024 17:02:56 +0100 Subject: [PATCH 2/3] Revert back to Rust stable (#473) --- Cargo.lock | 42 +++++++++++++------- crates/kitsune-activitypub/Cargo.toml | 4 +- crates/kitsune-cache/Cargo.toml | 2 +- crates/kitsune-captcha/Cargo.toml | 2 +- crates/kitsune-db/Cargo.toml | 4 +- crates/kitsune-http-client/Cargo.toml | 2 +- crates/kitsune-http-signatures/Cargo.toml | 3 +- crates/kitsune-http-signatures/src/header.rs | 14 ++++--- crates/kitsune-http-signatures/src/lib.rs | 1 - crates/kitsune-mastodon/Cargo.toml | 2 +- crates/kitsune-messaging/Cargo.toml | 2 +- crates/kitsune-oidc/Cargo.toml | 2 +- crates/kitsune-service/Cargo.toml | 4 +- crates/kitsune-type/Cargo.toml | 2 +- crates/kitsune-util/src/lib.rs | 7 ++++ crates/kitsune-webfinger/Cargo.toml | 2 +- flake.nix | 6 +-- kitsune/Cargo.toml | 3 +- kitsune/src/http/pagination.rs | 13 +++--- kitsune/src/lib.rs | 2 - kitsune/src/oauth2/registrar.rs | 3 +- lib/athena/Cargo.toml | 2 +- lib/masto-id-convert/Cargo.toml | 4 +- lib/speedy-uuid/Cargo.toml | 4 +- lib/tower-x-clacks-overhead/Cargo.toml | 1 + lib/tower-x-clacks-overhead/src/lib.rs | 4 +- rust-toolchain.toml | 2 +- 27 files changed, 79 insertions(+), 60 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f821df11c..20bdb45ff 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1325,7 +1325,7 @@ dependencies = [ "criterion-plot", "futures", "is-terminal", - "itertools", + "itertools 0.10.5", "num-traits 0.2.17", "once_cell", "oorandom", @@ -1345,7 +1345,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6b50826342786a51a89e2da3a28f1c32b06e387201bc2d19791f622c673706b1" dependencies = [ "cast", - "itertools", + "itertools 0.10.5", ] [[package]] @@ -2993,6 +2993,15 @@ dependencies = [ "either", ] +[[package]] +name = "itertools" +version = "0.12.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "25db6b064527c5d482d0423354fcd07a89a2dfe07b67892e62411946db7f07b0" +dependencies = [ + "either", +] + [[package]] name = "itoa" version = "0.4.8" @@ -3056,6 +3065,7 @@ dependencies = [ "http 1.0.0", "http-body-util", "iso8601-timestamp", + "itertools 0.12.0", "kitsune-activitypub", "kitsune-blocking", "kitsune-cache", @@ -3378,6 +3388,7 @@ dependencies = [ "base64-simd", "derive_builder", "http 1.0.0", + "itertools 0.12.0", "kitsune-blocking", "pem", "pkcs8", @@ -4550,7 +4561,7 @@ dependencies = [ "ed25519-dalek", "hmac", "http 0.2.11", - "itertools", + "itertools 0.10.5", "log", "oauth2", "p256", @@ -4587,9 +4598,9 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.98" +version = "0.9.99" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c1665caf8ab2dc9aef43d1c0023bd904633a6a05cb30b0ad59bec2ae986e57a7" +checksum = "22e1bf214306098e4832460f797824c05d25aacdf896f64a985fb0fd992454ae" dependencies = [ "cc", "libc", @@ -5266,7 +5277,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e5d2d8d10f3c6ded6da8b05b5fb3b8a5082514344d56c9f871412d29b4e075b4" dependencies = [ "anyhow", - "itertools", + "itertools 0.10.5", "proc-macro2", "quote", "syn 1.0.109", @@ -6327,9 +6338,9 @@ dependencies = [ [[package]] name = "simd-json" -version = "0.13.7" +version = "0.13.8" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0a9511d2aa0b26dce65ea3860321cd680a8daeb6808b04f1e94429e0389ad952" +checksum = "2faf8f101b9bc484337a6a6b0409cf76c139f2fb70a9e3aee6b6774be7bfbf76" dependencies = [ "getrandom 0.2.12", "halfbrown", @@ -6402,9 +6413,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.12.0" +version = "1.13.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2593d31f82ead8df961d8bd23a64c2ccf2eb5dd34b0a34bfb4dd54011c72009e" +checksum = "e6ecd384b10a64542d77071bd64bd7b231f4ed5940fba55e98c3de13824cf3d7" [[package]] name = "smawk" @@ -6614,9 +6625,9 @@ dependencies = [ [[package]] name = "supports-unicode" -version = "2.0.0" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b6c2cb240ab5dd21ed4906895ee23fe5a48acdbd15a3ce388e7b62a9b66baf7" +checksum = "f850c19edd184a205e883199a261ed44471c81e39bd95b1357f5febbef00e77a" dependencies = [ "is-terminal", ] @@ -7138,6 +7149,7 @@ version = "0.0.1-pre.5" dependencies = [ "futures", "http 1.0.0", + "itertools 0.12.0", "pin-project-lite", "tower", "tower-layer", @@ -7443,9 +7455,9 @@ dependencies = [ [[package]] name = "uuid" -version = "1.6.1" +version = "1.7.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e395fcf16a7a3d8127ec99782007af141946b4795001f876d54fb0d55978560" +checksum = "f00cc9702ca12d3c81455259621e676d0f7251cec66a21e98fe2e9a37db93b2a" dependencies = [ "atomic", "getrandom 0.2.12", @@ -7961,7 +7973,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "103fa851fff70ea29af380e87c25c48ff7faac5c530c70bd0e65366d4e0c94e4" dependencies = [ "fancy-regex", - "itertools", + "itertools 0.10.5", "js-sys", "lazy_static", "quick-error", diff --git a/crates/kitsune-activitypub/Cargo.toml b/crates/kitsune-activitypub/Cargo.toml index da10f3e77..68fd5f591 100644 --- a/crates/kitsune-activitypub/Cargo.toml +++ b/crates/kitsune-activitypub/Cargo.toml @@ -7,7 +7,7 @@ version.workspace = true [dependencies] async-trait = "0.1.77" autometrics = { version = "1.0.0", default-features = false } -base64-simd = { version = "0.8.0", features = ["unstable"] } +base64-simd = "0.8.0" diesel = "2.1.4" diesel-async = "0.4.1" futures-util = "0.3.30" @@ -33,7 +33,7 @@ rsa = "0.9.6" scoped-futures = "0.1.3" serde = "1.0.195" sha2 = "0.10.8" -simd-json = { version = "0.13.7", features = ["hints"] } +simd-json = "0.13.8" speedy-uuid = { path = "../../lib/speedy-uuid" } thiserror = "1.0.56" tracing = "0.1.40" diff --git a/crates/kitsune-cache/Cargo.toml b/crates/kitsune-cache/Cargo.toml index 6b6b9a4da..c945730f4 100644 --- a/crates/kitsune-cache/Cargo.toml +++ b/crates/kitsune-cache/Cargo.toml @@ -10,7 +10,7 @@ enum_dispatch = "0.3.12" moka = { version = "0.12.3", features = ["sync"] } redis = "0.24.0" serde = "1.0.195" -simd-json = "0.13.7" +simd-json = "0.13.8" thiserror = "1.0.56" tracing = "0.1.40" typed-builder = "0.18.1" diff --git a/crates/kitsune-captcha/Cargo.toml b/crates/kitsune-captcha/Cargo.toml index c5068a26d..62a41157d 100644 --- a/crates/kitsune-captcha/Cargo.toml +++ b/crates/kitsune-captcha/Cargo.toml @@ -10,7 +10,7 @@ http = "1.0.0" kitsune-http-client = { path = "../kitsune-http-client" } serde = { version = "1.0.195", features = ["derive"] } serde_urlencoded = "0.7.1" -simd-json = "0.13.7" +simd-json = "0.13.8" strum = { version = "0.25.0", features = ["derive"] } thiserror = "1.0.56" typed-builder = "0.18.1" diff --git a/crates/kitsune-db/Cargo.toml b/crates/kitsune-db/Cargo.toml index a72c76bb5..a2c01e8d6 100644 --- a/crates/kitsune-db/Cargo.toml +++ b/crates/kitsune-db/Cargo.toml @@ -6,7 +6,7 @@ edition.workspace = true build = "build.rs" [dependencies] -diesel = { version = "2.1.4", features = ["nightly-error-messages", "uuid"] } +diesel = { version = "2.1.4", features = ["uuid"] } diesel-async = { version = "0.4.1", features = [ "async-connection-wrapper", "deadpool", @@ -23,7 +23,7 @@ miette = "5.10.0" num-derive = "0.4.1" num-traits = "0.2.17" serde = { version = "1.0.195", features = ["derive"] } -simd-json = "0.13.7" +simd-json = "0.13.8" speedy-uuid = { path = "../../lib/speedy-uuid", features = ["diesel"] } thiserror = "1.0.56" tracing-log = "0.2.0" diff --git a/crates/kitsune-http-client/Cargo.toml b/crates/kitsune-http-client/Cargo.toml index 2a8e3b4fc..0ddf78cf4 100644 --- a/crates/kitsune-http-client/Cargo.toml +++ b/crates/kitsune-http-client/Cargo.toml @@ -25,7 +25,7 @@ kitsune-http-signatures = { path = "../kitsune-http-signatures" } kitsune-type = { path = "../kitsune-type" } pin-project = "1.1.3" serde = "1.0.195" -simd-json = "0.13.7" +simd-json = "0.13.8" tower = { version = "0.4.13", features = ["util"] } tower-http = { version = "0.5.1", features = [ # Explicitly exclude `zstd` diff --git a/crates/kitsune-http-signatures/Cargo.toml b/crates/kitsune-http-signatures/Cargo.toml index bb5fd0093..729b65a7b 100644 --- a/crates/kitsune-http-signatures/Cargo.toml +++ b/crates/kitsune-http-signatures/Cargo.toml @@ -5,10 +5,11 @@ authors.workspace = true edition.workspace = true [dependencies] -base64-simd = { version = "0.8.0", features = ["unstable"] } +base64-simd = "0.8.0" derive_builder = "0.12.0" http = "1.0.0" kitsune-blocking = { path = "../kitsune-blocking" } +itertools = { version = "0.12.0", default-features = false } ring = { version = "0.17.7", features = ["std"] } time = { version = "0.3.31", default-features = false, features = [ "formatting", diff --git a/crates/kitsune-http-signatures/src/header.rs b/crates/kitsune-http-signatures/src/header.rs index b5e011526..9544adc8b 100644 --- a/crates/kitsune-http-signatures/src/header.rs +++ b/crates/kitsune-http-signatures/src/header.rs @@ -118,12 +118,14 @@ impl TryFrom> for String { fn try_from(value: SignatureHeader<'_>) -> Result { let signature = base64_simd::STANDARD.encode_to_string(value.signature); - let headers = value - .signature_components - .iter() - .map(SignatureComponent::as_str) - .intersperse(" ") - .collect::(); + let headers = itertools::intersperse( + value + .signature_components + .iter() + .map(SignatureComponent::as_str), + " ", + ) + .collect::(); let mut signature_header = format!( "keyId=\"{}\",signature=\"{signature}\",headers=\"{headers}\"", diff --git a/crates/kitsune-http-signatures/src/lib.rs b/crates/kitsune-http-signatures/src/lib.rs index a8966d84e..d55cacf47 100644 --- a/crates/kitsune-http-signatures/src/lib.rs +++ b/crates/kitsune-http-signatures/src/lib.rs @@ -4,7 +4,6 @@ //! Only supports asymmetric signing schemes (aka. no HMAC and such) //! -#![feature(iter_intersperse)] #![deny(missing_docs)] use crate::{header::SignatureHeader, util::UnixTimestampExt}; diff --git a/crates/kitsune-mastodon/Cargo.toml b/crates/kitsune-mastodon/Cargo.toml index 531f89224..a65c45ec8 100644 --- a/crates/kitsune-mastodon/Cargo.toml +++ b/crates/kitsune-mastodon/Cargo.toml @@ -21,7 +21,7 @@ kitsune-util = { path = "../kitsune-util" } mime = "0.3.17" scoped-futures = "0.1.3" serde = "1.0.195" -simd-json = "0.13.7" +simd-json = "0.13.8" smol_str = "0.2.1" speedy-uuid = { path = "../../lib/speedy-uuid" } thiserror = "1.0.56" diff --git a/crates/kitsune-messaging/Cargo.toml b/crates/kitsune-messaging/Cargo.toml index 9f47079d2..5da9858c7 100644 --- a/crates/kitsune-messaging/Cargo.toml +++ b/crates/kitsune-messaging/Cargo.toml @@ -16,7 +16,7 @@ redis = { version = "0.24.0", features = [ "tokio-rustls-comp", ] } serde = "1.0.195" -simd-json = "0.13.7" +simd-json = "0.13.8" tokio = { version = "1.35.1", features = ["macros", "rt", "sync"] } tokio-stream = { version = "0.1.14", features = ["sync"] } tracing = "0.1.40" diff --git a/crates/kitsune-oidc/Cargo.toml b/crates/kitsune-oidc/Cargo.toml index 9c9091ed8..aa3a4debf 100644 --- a/crates/kitsune-oidc/Cargo.toml +++ b/crates/kitsune-oidc/Cargo.toml @@ -21,7 +21,7 @@ openidconnect = { version = "3.4.0", default-features = false, features = [ ] } redis = "0.24.0" serde = { version = "1.0.195", features = ["derive"] } -simd-json = "0.13.7" +simd-json = "0.13.8" speedy-uuid = { path = "../../lib/speedy-uuid", features = ["serde"] } thiserror = "1.0.56" url = "2.5.0" diff --git a/crates/kitsune-service/Cargo.toml b/crates/kitsune-service/Cargo.toml index 83b66cb75..a9542853d 100644 --- a/crates/kitsune-service/Cargo.toml +++ b/crates/kitsune-service/Cargo.toml @@ -52,7 +52,7 @@ rsa = "0.9.6" rusty-s3 = { version = "0.5.0", default-features = false } scoped-futures = "0.1.3" serde = "1.0.195" -simd-json = "0.13.7" +simd-json = "0.13.8" smol_str = "0.2.1" speedy-uuid = { path = "../../lib/speedy-uuid" } thiserror = "1.0.56" @@ -66,7 +66,7 @@ zxcvbn = { version = "2.2.2", default-features = false } meilisearch = ["kitsune-search/meilisearch"] [dev-dependencies] -hex-simd = { version = "0.8.0", features = ["unstable"] } +hex-simd = "0.8.0" http-body-util = "0.1.0" hyper = "1.1.0" kitsune-activitypub = { path = "../kitsune-activitypub" } diff --git a/crates/kitsune-type/Cargo.toml b/crates/kitsune-type/Cargo.toml index 6ff39a043..fba0f6fb8 100644 --- a/crates/kitsune-type/Cargo.toml +++ b/crates/kitsune-type/Cargo.toml @@ -7,7 +7,7 @@ edition.workspace = true [dependencies] iso8601-timestamp = "0.2.16" serde = { version = "1.0.195", features = ["derive"] } -simd-json = "0.13.7" +simd-json = "0.13.8" smol_str = { version = "0.2.1", features = ["serde"] } speedy-uuid = { path = "../../lib/speedy-uuid", features = ["serde"] } utoipa = { version = "4.2.0", features = ["chrono", "uuid"] } diff --git a/crates/kitsune-util/src/lib.rs b/crates/kitsune-util/src/lib.rs index 659b052ee..314c0ced4 100644 --- a/crates/kitsune-util/src/lib.rs +++ b/crates/kitsune-util/src/lib.rs @@ -22,6 +22,13 @@ pub fn generate_secret() -> String { .collect() } +const _: () = { + assert!( + std::mem::size_of::>() <= std::mem::size_of::() * 2, + "Size guarantee violated (should have the size of two or less machine words)", + ); +}; + #[derive(Clone, Debug)] pub enum CowBox<'a, T> { Borrowed(&'a T), diff --git a/crates/kitsune-webfinger/Cargo.toml b/crates/kitsune-webfinger/Cargo.toml index 8b675a9c2..962ef37fb 100644 --- a/crates/kitsune-webfinger/Cargo.toml +++ b/crates/kitsune-webfinger/Cargo.toml @@ -21,7 +21,7 @@ tracing = "0.1.40" http-body-util = "0.1.0" hyper = "1.1.0" pretty_assertions = "1.4.0" -simd-json = { version = "0.13.7", features = ["hints"] } +simd-json = "0.13.8" tokio = { version = "1.35.1", features = ["macros"] } tower = { version = "0.4.13", default-features = false, features = ["util"] } diff --git a/flake.nix b/flake.nix index b5d380dc0..cada6ffe8 100644 --- a/flake.nix +++ b/flake.nix @@ -25,8 +25,8 @@ inherit overlays system; }; rustPlatform = pkgs.makeRustPlatform { - cargo = pkgs.rust-bin.nightly.latest.minimal; - rustc = pkgs.rust-bin.nightly.latest.minimal; + cargo = pkgs.rust-bin.stable.latest.minimal; + rustc = pkgs.rust-bin.stable.latest.minimal; }; baseDependencies = with pkgs; [ openssl @@ -128,7 +128,7 @@ packages = with pkgs; [ cargo-insta diesel-cli - rust-bin.nightly.latest.default + rust-bin.stable.latest.default ] ++ baseDependencies; diff --git a/kitsune/Cargo.toml b/kitsune/Cargo.toml index f507b0ddd..138ee4c99 100644 --- a/kitsune/Cargo.toml +++ b/kitsune/Cargo.toml @@ -42,6 +42,7 @@ headers = "0.4.0" http = "1.0.0" http-body-util = "0.1.0" iso8601-timestamp = "0.2.16" +itertools = { version = "0.12.0", default-features = false } kitsune-activitypub = { path = "../crates/kitsune-activitypub" } kitsune-blocking = { path = "../crates/kitsune-blocking" } kitsune-cache = { path = "../crates/kitsune-cache" } @@ -79,7 +80,7 @@ rust-embed = { version = "8.2.0", features = ["include-exclude"] } scoped-futures = "0.1.3" serde = { version = "1.0.195", features = ["derive"] } serde_urlencoded = "0.7.1" -simd-json = "0.13.7" +simd-json = "0.13.8" speedy-uuid = { path = "../lib/speedy-uuid" } strum = { version = "0.25.0", features = ["derive", "phf"] } tempfile = "3.9.0" diff --git a/kitsune/src/http/pagination.rs b/kitsune/src/http/pagination.rs index 2aea3bf33..113765b18 100644 --- a/kitsune/src/http/pagination.rs +++ b/kitsune/src/http/pagination.rs @@ -23,12 +23,13 @@ where type Error = Error; fn into_response_parts(self, mut res: ResponseParts) -> Result { - let value = self - .0 - .into_iter() - .map(|(key, value)| Cow::Owned(format!("<{value}>; rel=\"{key}\""))) - .intersperse(Cow::Borrowed(", ")) - .collect::(); + let value = itertools::intersperse( + self.0 + .into_iter() + .map(|(key, value)| Cow::Owned(format!("<{value}>; rel=\"{key}\""))), + Cow::Borrowed(", "), + ) + .collect::(); res.headers_mut().insert( "Link", diff --git a/kitsune/src/lib.rs b/kitsune/src/lib.rs index 35104db95..25aec1f57 100644 --- a/kitsune/src/lib.rs +++ b/kitsune/src/lib.rs @@ -1,5 +1,3 @@ -#![feature(iter_intersperse)] - #[macro_use] extern crate metrics; diff --git a/kitsune/src/oauth2/registrar.rs b/kitsune/src/oauth2/registrar.rs index 5064a2aa2..21e32e655 100644 --- a/kitsune/src/oauth2/registrar.rs +++ b/kitsune/src/oauth2/registrar.rs @@ -79,8 +79,7 @@ impl Registrar for OAuthRegistrar { if valid_scopes.peek().is_none() { OAuthScope::Read.as_ref().parse().unwrap() } else { - valid_scopes - .intersperse(" ") + itertools::intersperse(valid_scopes, " ") .collect::() .parse() .unwrap() diff --git a/lib/athena/Cargo.toml b/lib/athena/Cargo.toml index 83529845e..3a62ce6fc 100644 --- a/lib/athena/Cargo.toml +++ b/lib/athena/Cargo.toml @@ -23,7 +23,7 @@ redis = { version = "0.24.0", default-features = false, features = [ ] } retry-policies = "0.2.1" serde = { version = "1.0.195", features = ["derive"] } -simd-json = "0.13.7" +simd-json = "0.13.8" smol_str = "0.2.1" speedy-uuid = { path = "../speedy-uuid", features = ["redis", "serde"] } thiserror = "1.0.56" diff --git a/lib/masto-id-convert/Cargo.toml b/lib/masto-id-convert/Cargo.toml index 7833e38c5..565002fc3 100644 --- a/lib/masto-id-convert/Cargo.toml +++ b/lib/masto-id-convert/Cargo.toml @@ -13,7 +13,7 @@ atoi_radix10 = "0.0.1" nanorand = { version = "0.7.0", default-features = false, features = [ "wyrand", ] } -uuid = { version = "1.6.1", default-features = false } +uuid = { version = "1.7.0", default-features = false } [features] default = ["std"] @@ -22,7 +22,7 @@ std = [] [dev-dependencies] criterion = { version = "0.5.1", default-features = false } time = "0.3.31" -uuid = { version = "1.6.1", features = ["v7"] } +uuid = { version = "1.7.0", features = ["v7"] } [lints] workspace = true diff --git a/lib/speedy-uuid/Cargo.toml b/lib/speedy-uuid/Cargo.toml index 242486cd2..53ffe85c0 100644 --- a/lib/speedy-uuid/Cargo.toml +++ b/lib/speedy-uuid/Cargo.toml @@ -13,8 +13,8 @@ diesel = { version = "2.1.4", features = [ redis = { version = "0.24.0", default-features = false, optional = true } serde = { version = "1.0.195", optional = true } thiserror = "1.0.56" -uuid = { version = "1.6.1", features = ["fast-rng", "v7"] } -uuid-simd = { version = "0.8.0", features = ["unstable", "uuid"] } +uuid = { version = "1.7.0", features = ["fast-rng", "v7"] } +uuid-simd = { version = "0.8.0", features = ["uuid"] } [lints] workspace = true diff --git a/lib/tower-x-clacks-overhead/Cargo.toml b/lib/tower-x-clacks-overhead/Cargo.toml index 1b2fa9763..7f33e2994 100644 --- a/lib/tower-x-clacks-overhead/Cargo.toml +++ b/lib/tower-x-clacks-overhead/Cargo.toml @@ -6,6 +6,7 @@ version.workspace = true [dependencies] http = "1.0.0" +itertools = { version = "0.12.0", default-features = false } pin-project-lite = "0.2.13" tower-layer = "0.3.2" tower-service = "0.3.2" diff --git a/lib/tower-x-clacks-overhead/src/lib.rs b/lib/tower-x-clacks-overhead/src/lib.rs index 6edbc1423..657c71be0 100644 --- a/lib/tower-x-clacks-overhead/src/lib.rs +++ b/lib/tower-x-clacks-overhead/src/lib.rs @@ -1,5 +1,3 @@ -#![feature(iter_intersperse)] - use http::{header::InvalidHeaderValue, HeaderName, HeaderValue, Response}; use pin_project_lite::pin_project; use std::{ @@ -20,7 +18,7 @@ where { let names = format!( "GNU {}", - names.into_iter().intersperse(", ").collect::() + itertools::intersperse(names, ", ").collect::() ) .parse()?; diff --git a/rust-toolchain.toml b/rust-toolchain.toml index 837b197ab..003754923 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,4 +1,4 @@ [toolchain] -channel = "nightly" +channel = "stable" components = ["clippy", "rustfmt"] profile = "default" From 4ea10e930fe71076bf0c4d2105001ed46a1ac3b2 Mon Sep 17 00:00:00 2001 From: aumetra Date: Sat, 20 Jan 2024 18:56:23 +0100 Subject: [PATCH 3/3] Add ability to connect to database with TLS (#475) * Add TLS capability * Add default annotation * add tls config docs --- Cargo.lock | 79 +++++++++++++++++++-------- Cargo.toml | 3 + crates/kitsune-config/src/database.rs | 2 + crates/kitsune-db/Cargo.toml | 10 ++++ crates/kitsune-db/src/lib.rs | 20 +++++-- crates/kitsune-db/src/tls.rs | 38 +++++++++++++ crates/kitsune-test/Cargo.toml | 1 + crates/kitsune-test/src/lib.rs | 11 +++- docs/src/configuring/database.md | 17 +++++- kitsune-cli/Cargo.toml | 1 + kitsune-cli/src/config.rs | 2 + kitsune-cli/src/main.rs | 9 ++- kitsune-job-runner/src/main.rs | 6 +- kitsune/src/main.rs | 9 +-- 14 files changed, 164 insertions(+), 44 deletions(-) create mode 100644 crates/kitsune-db/src/tls.rs diff --git a/Cargo.lock b/Cargo.lock index 20bdb45ff..d45cf73c3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -777,6 +777,16 @@ dependencies = [ "serde", ] +[[package]] +name = "bcder" +version = "0.7.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c627747a6774aab38beb35990d88309481378558875a41da1a4b2e373c906ef0" +dependencies = [ + "bytes", + "smallvec", +] + [[package]] name = "beef" version = "0.5.2" @@ -1610,19 +1620,6 @@ version = "2.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7e962a19be5cfc3f3bf6dd8f61eb50107f356ad6270fbb3ed41476571db78be5" -[[package]] -name = "deadpool" -version = "0.9.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "421fe0f90f2ab22016f32a9881be5134fdd71c65298917084b0c7477cbc3856e" -dependencies = [ - "async-trait", - "deadpool-runtime", - "num_cpus", - "retain_mut", - "tokio", -] - [[package]] name = "deadpool" version = "0.10.0" @@ -1641,7 +1638,7 @@ version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "36f2381b0e993d06a1f6d49f486b33bc4004085bf980340fc05726bacc681fff" dependencies = [ - "deadpool 0.10.0", + "deadpool", "redis", ] @@ -1756,11 +1753,10 @@ dependencies = [ [[package]] name = "diesel-async" version = "0.4.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "acada1517534c92d3f382217b485db8a8638f111b0e3f2a2a8e26165050f77be" +source = "git+https://github.com/weiznich/diesel_async.git?rev=017ebe2fb7a2709ab5db92148dea5ce812a35e09#017ebe2fb7a2709ab5db92148dea5ce812a35e09" dependencies = [ "async-trait", - "deadpool 0.9.5", + "deadpool", "diesel", "futures-util", "scoped-futures", @@ -3230,6 +3226,7 @@ dependencies = [ "diesel-async", "dotenvy", "envy", + "kitsune-config", "kitsune-db", "miette", "serde", @@ -3274,20 +3271,27 @@ dependencies = [ "diesel-async", "diesel_full_text_search", "diesel_migrations", + "futures-util", "iso8601-timestamp", "kitsune-blocking", + "kitsune-config", "kitsune-language", "kitsune-test", "kitsune-type", "miette", "num-derive", "num-traits 0.2.17", + "rustls 0.22.2", + "rustls-native-certs 0.7.0", "serde", "serial_test", "simd-json", "speedy-uuid", "thiserror", "tokio", + "tokio-postgres", + "tokio-postgres-rustls", + "tracing", "tracing-log", "typed-builder", ] @@ -3681,6 +3685,7 @@ dependencies = [ "futures-util", "http 1.0.0", "http-body-util", + "kitsune-config", "kitsune-db", "pin-project-lite", "redis", @@ -5588,12 +5593,6 @@ dependencies = [ "bytecheck", ] -[[package]] -name = "retain_mut" -version = "0.1.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4389f1d5789befaf6029ebd9f7dac4af7f7e3d61b69d4f30e2ac02b57e7712b0" - [[package]] name = "retry-policies" version = "0.2.1" @@ -6885,6 +6884,21 @@ dependencies = [ "whoami", ] +[[package]] +name = "tokio-postgres-rustls" +version = "0.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0ea13f22eda7127c827983bdaf0d7fff9df21c8817bab02815ac277a21143677" +dependencies = [ + "futures", + "ring 0.17.7", + "rustls 0.22.2", + "tokio", + "tokio-postgres", + "tokio-rustls 0.25.0", + "x509-certificate", +] + [[package]] name = "tokio-retry" version = "0.3.0" @@ -7872,6 +7886,25 @@ dependencies = [ "tap", ] +[[package]] +name = "x509-certificate" +version = "0.23.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "66534846dec7a11d7c50a74b7cdb208b9a581cad890b7866430d438455847c85" +dependencies = [ + "bcder", + "bytes", + "chrono", + "der", + "hex", + "pem", + "ring 0.17.7", + "signature", + "spki", + "thiserror", + "zeroize", +] + [[package]] name = "xmlparser" version = "0.13.6" diff --git a/Cargo.toml b/Cargo.toml index fd0430ed1..1ab587845 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -97,3 +97,6 @@ targets = [ ] # Publish jobs to run in CI pr-run-mode = "plan" + +[patch.crates-io] +diesel-async = { git = "https://github.com/weiznich/diesel_async.git", rev = "017ebe2fb7a2709ab5db92148dea5ce812a35e09" } diff --git a/crates/kitsune-config/src/database.rs b/crates/kitsune-config/src/database.rs index 817dbd93e..fafd0ed87 100644 --- a/crates/kitsune-config/src/database.rs +++ b/crates/kitsune-config/src/database.rs @@ -6,4 +6,6 @@ use smol_str::SmolStr; pub struct Configuration { pub url: SmolStr, pub max_connections: u32, + #[serde(default)] + pub use_tls: bool, } diff --git a/crates/kitsune-db/Cargo.toml b/crates/kitsune-db/Cargo.toml index a2c01e8d6..86c67c733 100644 --- a/crates/kitsune-db/Cargo.toml +++ b/crates/kitsune-db/Cargo.toml @@ -15,17 +15,27 @@ diesel-async = { version = "0.4.1", features = [ ] } diesel_full_text_search = { version = "2.1.1", default-features = false } diesel_migrations = "2.1.0" +futures-util = { version = "0.3.30", default-features = false, features = [ + "alloc", +] } iso8601-timestamp = { version = "0.2.16", features = ["diesel-pg"] } kitsune-blocking = { path = "../kitsune-blocking" } +kitsune-config = { path = "../kitsune-config" } kitsune-language = { path = "../kitsune-language" } kitsune-type = { path = "../kitsune-type" } miette = "5.10.0" num-derive = "0.4.1" num-traits = "0.2.17" +rustls = "0.22.2" +rustls-native-certs = "0.7.0" serde = { version = "1.0.195", features = ["derive"] } simd-json = "0.13.8" speedy-uuid = { path = "../../lib/speedy-uuid", features = ["diesel"] } thiserror = "1.0.56" +tokio = { version = "1.35.1", features = ["rt"] } +tokio-postgres = "0.7.10" +tokio-postgres-rustls = "0.11.1" +tracing = "0.1.40" tracing-log = "0.2.0" typed-builder = "0.18.1" diff --git a/crates/kitsune-db/src/lib.rs b/crates/kitsune-db/src/lib.rs index 04b56f0ed..e172d9110 100644 --- a/crates/kitsune-db/src/lib.rs +++ b/crates/kitsune-db/src/lib.rs @@ -1,3 +1,6 @@ +#[macro_use] +extern crate tracing; + use diesel::Connection; use diesel_async::{ async_connection_wrapper::AsyncConnectionWrapper, @@ -5,6 +8,7 @@ use diesel_async::{ AsyncPgConnection, }; use diesel_migrations::{embed_migrations, EmbeddedMigrations, MigrationHarness}; +use kitsune_config::database::Configuration as DatabaseConfig; use tracing_log::LogTracer; pub use crate::{ @@ -14,6 +18,7 @@ pub use crate::{ mod error; mod pool; +mod tls; pub mod activity; pub mod function; @@ -27,11 +32,11 @@ pub mod schema; pub const MIGRATIONS: EmbeddedMigrations = embed_migrations!(); /// Connect to the database and run any pending migrations -pub async fn connect(conn_str: &str, max_pool_size: usize) -> Result { +pub async fn connect(config: &DatabaseConfig) -> Result { LogTracer::init().ok(); kitsune_blocking::io({ - let conn_str = conn_str.to_string(); + let conn_str = config.url.clone(); move || { let mut migration_conn = @@ -46,9 +51,14 @@ pub async fn connect(conn_str: &str, max_pool_size: usize) -> Result { }) .await??; - let config = AsyncDieselConnectionManager::::new(conn_str); - let pool = Pool::builder(config) - .max_size(max_pool_size) + let pool_config = if config.use_tls { + AsyncDieselConnectionManager::new_with_config(config.url.as_str(), self::tls::pool_config()) + } else { + AsyncDieselConnectionManager::new(config.url.as_str()) + }; + + let pool = Pool::builder(pool_config) + .max_size(config.max_connections as usize) .build() .unwrap(); diff --git a/crates/kitsune-db/src/tls.rs b/crates/kitsune-db/src/tls.rs new file mode 100644 index 000000000..fabbce109 --- /dev/null +++ b/crates/kitsune-db/src/tls.rs @@ -0,0 +1,38 @@ +use diesel::{ConnectionError, ConnectionResult}; +use diesel_async::{pooled_connection::ManagerConfig, AsyncPgConnection}; +use futures_util::{future::BoxFuture, FutureExt}; + +pub fn pool_config() -> ManagerConfig { + let mut config = ManagerConfig::default(); + config.custom_setup = Box::new(establish_conn); + config +} + +fn establish_conn(config: &str) -> BoxFuture<'_, ConnectionResult> { + async { + let rustls_config = rustls::ClientConfig::builder() + .with_root_certificates(load_certs()) + .with_no_client_auth(); + let tls = tokio_postgres_rustls::MakeRustlsConnect::new(rustls_config); + let (client, conn) = tokio_postgres::connect(config, tls) + .await + .map_err(|err| ConnectionError::BadConnection(err.to_string()))?; + + tokio::spawn(async move { + if let Err(err) = conn.await { + error!("Database connection error: {err}"); + } + }); + + AsyncPgConnection::try_from(client).await + } + .boxed() +} + +fn load_certs() -> rustls::RootCertStore { + let mut roots = rustls::RootCertStore::empty(); + let certs = + rustls_native_certs::load_native_certs().expect("Failed to load native certificates"); + roots.add_parsable_certificates(certs); + roots +} diff --git a/crates/kitsune-test/Cargo.toml b/crates/kitsune-test/Cargo.toml index 904f3bafa..e9f38177d 100644 --- a/crates/kitsune-test/Cargo.toml +++ b/crates/kitsune-test/Cargo.toml @@ -12,6 +12,7 @@ diesel-async = "0.4.1" futures-util = "0.3.30" http = "1.0.0" http-body-util = "0.1.0" +kitsune-config = { path = "../kitsune-config" } kitsune-db = { path = "../kitsune-db" } pin-project-lite = "0.2.13" redis = "0.24.0" diff --git a/crates/kitsune-test/src/lib.rs b/crates/kitsune-test/src/lib.rs index 828336509..9460ea3d0 100644 --- a/crates/kitsune-test/src/lib.rs +++ b/crates/kitsune-test/src/lib.rs @@ -4,6 +4,7 @@ use diesel_async::RunQueryDsl; use futures_util::Future; use http::header::CONTENT_TYPE; use http_body_util::Full; +use kitsune_config::database::Configuration as DatabaseConfig; use kitsune_db::PgPool; use scoped_futures::ScopedFutureExt; use std::{env, error::Error, panic}; @@ -28,9 +29,13 @@ where Fut: Future, { let db_url = env::var("DATABASE_URL").expect("Missing database URL"); - let pool = kitsune_db::connect(&db_url, 10) - .await - .expect("Failed to connect to database"); + let pool = kitsune_db::connect(&DatabaseConfig { + url: db_url.into(), + max_connections: 10, + use_tls: false, + }) + .await + .expect("Failed to connect to database"); let out = CatchPanic::new(func(pool.clone())).await; diff --git a/docs/src/configuring/database.md b/docs/src/configuring/database.md index 0cc439c20..7dbb18d6e 100644 --- a/docs/src/configuring/database.md +++ b/docs/src/configuring/database.md @@ -11,6 +11,7 @@ You can find instructions on creating a database (along with password-protected ``` postgres://[Username]:[Password]@[DBMS host]:[Port]/[Database name] ``` + ### Example URL ``` @@ -19,7 +20,21 @@ postgres://database-user:password-here@localhost:5432/db-name-here ## Maximum connections -The `max-connections` setting defines how many connections the globally shared connection pool will open to the database server *at maximum*. +The `max-connections` setting defines how many connections the globally shared connection pool will open to the database server _at maximum_. What you should set this value to depends on many factors. > We currently do not report any pool metrics via the Prometheus endpoint. This might be added in the future. + +## TLS support + +If you want to connect to a database using TLS, set the parameter `use-tls` to `true`. +This setting is equivalent to `ssl_mode=full-verify` if you are looking for a PostgreSQL equivalent. + +### Example + +```toml +[database] +url = "postgres://kitsune:verysecure@localhost/kitsune_prod" +max-connections = 25 +use-tls = true +``` diff --git a/kitsune-cli/Cargo.toml b/kitsune-cli/Cargo.toml index 320e579c6..6cde7c973 100644 --- a/kitsune-cli/Cargo.toml +++ b/kitsune-cli/Cargo.toml @@ -17,6 +17,7 @@ diesel = "2.1.4" diesel-async = "0.4.1" dotenvy = "0.15.7" envy = "0.4.2" +kitsune-config = { path = "../crates/kitsune-config" } kitsune-db = { path = "../crates/kitsune-db" } miette = { version = "5.10.0", features = ["fancy"] } serde = { version = "1.0.195", features = ["derive"] } diff --git a/kitsune-cli/src/config.rs b/kitsune-cli/src/config.rs index e023396b7..e0620e34d 100644 --- a/kitsune-cli/src/config.rs +++ b/kitsune-cli/src/config.rs @@ -3,4 +3,6 @@ use serde::Deserialize; #[derive(Deserialize)] pub struct Configuration { pub database_url: String, + #[serde(default)] + pub database_use_tls: bool, } diff --git a/kitsune-cli/src/main.rs b/kitsune-cli/src/main.rs index 61e71555e..01690ec8d 100644 --- a/kitsune-cli/src/main.rs +++ b/kitsune-cli/src/main.rs @@ -1,6 +1,7 @@ use self::{config::Configuration, role::RoleSubcommand}; use clap::{Parser, Subcommand}; use diesel_async::scoped_futures::ScopedFutureExt; +use kitsune_config::database::Configuration as DatabaseConfig; use miette::{IntoDiagnostic, Result}; mod config; @@ -28,7 +29,13 @@ async fn main() -> Result<()> { tracing_subscriber::fmt::init(); let config: Configuration = envy::from_env().into_diagnostic()?; - let db_conn = kitsune_db::connect(&config.database_url, 1).await?; + let db_conn = kitsune_db::connect(&DatabaseConfig { + url: config.database_url.into(), + max_connections: 1, + use_tls: config.database_use_tls, + }) + .await?; + let cmd = App::parse(); db_conn diff --git a/kitsune-job-runner/src/main.rs b/kitsune-job-runner/src/main.rs index ecddfad18..7b7961010 100644 --- a/kitsune-job-runner/src/main.rs +++ b/kitsune-job-runner/src/main.rs @@ -29,11 +29,7 @@ async fn main() -> miette::Result<()> { kitsune_observability::initialise(env!("CARGO_PKG_NAME"), &config)?; - let db_pool = kitsune_db::connect( - &config.database.url, - config.database.max_connections as usize, - ) - .await?; + let db_pool = kitsune_db::connect(&config.database).await?; let job_queue = kitsune_job_runner::prepare_job_queue(db_pool.clone(), &config.job_queue) .into_diagnostic()?; diff --git a/kitsune/src/main.rs b/kitsune/src/main.rs index ecca5b496..6f889b715 100644 --- a/kitsune/src/main.rs +++ b/kitsune/src/main.rs @@ -25,12 +25,9 @@ async fn boot() -> miette::Result<()> { let config = Configuration::load(args.config).await?; kitsune_observability::initialise(env!("CARGO_PKG_NAME"), &config)?; - let conn = kitsune_db::connect( - &config.database.url, - config.database.max_connections as usize, - ) - .await - .wrap_err("Failed to connect to and migrate the database")?; + let conn = kitsune_db::connect(&config.database) + .await + .wrap_err("Failed to connect to and migrate the database")?; let job_queue = kitsune_job_runner::prepare_job_queue(conn.clone(), &config.job_queue) .into_diagnostic()