Lock file maintenance

[iliana]

beep boop i am renovate bot

cargo update output

    Updating aes v0.8.3 -> v0.8.4
    Updating ahash v0.8.8 -> v0.8.11
    Updating aho-corasick v1.1.2 -> v1.1.3
    Updating allocator-api2 v0.2.16 -> v0.2.18
    Updating anstream v0.6.11 -> v0.6.14
    Updating anstyle-parse v0.2.1 -> v0.2.4
    Updating anstyle-query v1.0.0 -> v1.0.3
    Updating anstyle-wincon v3.0.2 -> v3.0.3
    Updating arc-swap v1.6.0 -> v1.7.1
    Updating atomic-polyfill v0.1.11 -> v1.0.3
    Updating atomic-waker v1.1.1 -> v1.1.2
    Updating autocfg v1.1.0 -> v1.3.0
    Updating backtrace v0.3.69 -> v0.3.71
    Updating bindgen v0.69.2 -> v0.69.4
    Updating bitflags v2.4.2 -> v2.5.0
    Updating blake2b_simd v1.0.1 -> v1.0.2
    Updating blake3 v1.5.0 -> v1.5.1
    Updating bstr v1.9.0 -> v1.9.1
    Updating bumpalo v3.13.0 -> v3.16.0
    Updating bytecount v0.6.3 -> v0.6.8
    Updating cargo-platform v0.1.3 -> v0.1.8
    Updating cc v1.0.83 -> v1.0.97
    Updating cfg-expr v0.15.6 -> v0.15.8
    Updating clang-sys v1.6.1 -> v1.7.0
    Updating clipboard-win v5.0.0 -> v5.3.1
    Updating colorchoice v1.0.0 -> v1.0.1
    Removing constant_time_eq v0.2.6
    Updating core-foundation v0.9.3 -> v0.9.4
    Updating core-foundation-sys v0.8.4 -> v0.8.6
    Updating crc v3.0.1 -> v3.2.1
    Updating crc-any v2.4.3 -> v2.5.0
    Updating crc-catalog v2.2.0 -> v2.4.0
    Updating crc32fast v1.3.2 -> v1.4.0
    Updating crossbeam-channel v0.5.8 -> v0.5.12
    Updating crossbeam-deque v0.8.3 -> v0.8.5
    Updating crypto-bigint v0.5.2 -> v0.5.5
    Updating curve25519-dalek-derive v0.1.0 -> v0.1.1
    Updating darling v0.20.8 -> v0.20.9
    Updating darling_core v0.20.8 -> v0.20.9
    Updating darling_macro v0.20.8 -> v0.20.9
    Updating data-encoding v2.4.0 -> v2.6.0
    Updating defmt v0.3.5 -> v0.3.8
    Updating defmt-macros v0.3.6 -> v0.3.9
    Updating defmt-parser v0.3.3 -> v0.3.4
    Updating der v0.7.8 -> v0.7.9
    Updating diesel_derives v2.1.2 -> v2.1.4
    Updating dropshot v0.10.1-dev (https://github.com/oxidecomputer/dropshot?branch=main#283d8978) -> #2fdf3718
    Updating dropshot_endpoint v0.10.1-dev (https://github.com/oxidecomputer/dropshot?branch=main#283d8978) -> #2fdf3718
    Updating ed25519 v2.2.2 -> v2.2.3
    Updating ed25519-dalek v2.0.0 -> v2.1.1
    Updating either v1.11.0 -> v1.12.0
    Updating ena v0.14.2 -> v0.14.3
    Updating encoding_rs v0.8.33 -> v0.8.34
    Updating env_logger v0.10.0 -> v0.10.2
    Updating errno v0.3.8 -> v0.3.9
    Updating error-code v3.0.0 -> v3.2.0
    Updating fastrand v2.0.1 -> v2.1.0
    Updating fiat-crypto v0.2.1 -> v0.2.9
      Adding finl_unicode v1.2.0
    Updating flagset v0.4.3 -> v0.4.5
    Updating futures-timer v3.0.2 -> v3.0.3
    Updating getrandom v0.2.12 -> v0.2.14
    Updating ghash v0.5.0 -> v0.5.1
    Updating gimli v0.28.0 -> v0.28.1
    Updating globset v0.4.13 -> v0.4.14
    Updating goblin v0.8.0 -> v0.8.2
    Updating half v2.3.1 -> v2.4.1
    Updating hashbrown v0.14.3 -> v0.14.5
    Updating heapless v0.7.16 -> v0.7.17
    Updating hermit-abi v0.3.2 -> v0.3.9
    Updating home v0.5.5 -> v0.5.9
    Updating http v1.0.0 -> v1.1.0
    Updating http-body v0.4.5 -> v0.4.6
    Updating hubtools v0.4.1 (https://github.com/oxidecomputer/hubtools.git?branch=main#73cd5a84) -> #943c4bbe
    Updating hyper v1.1.0 -> v1.3.1
    Updating hyper-util v0.1.2 -> v0.1.3
    Updating iana-time-zone v0.1.57 -> v0.1.60
    Updating indoc v2.0.3 -> v2.0.5
    Updating is-terminal v0.4.9 -> v0.4.12
      Adding is_terminal_polyfill v1.70.0
    Updating itoa v1.0.9 -> v1.0.11
    Updating js-sys v0.3.64 -> v0.3.69
    Updating keccak v0.1.4 -> v0.1.5
    Updating libloading v0.7.4 -> v0.8.3
    Updating libm v0.2.7 -> v0.2.8
    Updating libnet v0.1.0 (https://github.com/oxidecomputer/netadm-sys?branch=main#d44d9e08) -> #4ceaf96e
    Updating libnet v0.1.0 (https://github.com/oxidecomputer/netadm-sys#f114bd0d) -> #4ceaf96e
      Adding libredox v0.1.3
    Updating libtest-mimic v0.7.2 -> v0.7.3
    Updating lock_api v0.4.10 -> v0.4.12
    Updating lpc55_areas v0.2.4 (https://github.com/oxidecomputer/lpc55_support#96f064ea) -> #131520fc
    Updating lpc55_sign v0.3.3 (https://github.com/oxidecomputer/lpc55_support#96f064ea) -> #131520fc
    Updating lru v0.12.1 -> v0.12.3
    Updating md-5 v0.10.5 -> v0.10.6
    Updating memchr v2.7.1 -> v2.7.2
    Updating memmap2 v0.7.1 -> v0.9.4
    Updating miniz_oxide v0.7.1 -> v0.7.2
    Updating new_debug_unreachable v1.0.4 -> v1.0.6
    Updating num-bigint v0.4.4 -> v0.4.5
    Updating num-derive v0.4.0 -> v0.4.2
    Updating num_threads v0.1.6 -> v0.1.7
    Updating object v0.32.1 -> v0.32.2
    Updating opaque-debug v0.3.0 -> v0.3.1
    Updating parking_lot v0.12.1 -> v0.12.2
    Updating parking_lot_core v0.9.8 -> v0.9.10
    Removing peeking_take_while v0.1.2
    Updating pest v2.7.6 -> v2.7.10
    Updating pest_derive v2.7.6 -> v2.7.10
    Updating pest_generator v2.7.6 -> v2.7.10
    Updating pest_meta v2.7.6 -> v2.7.10
    Updating pin-project v1.1.3 -> v1.1.5
    Updating pin-project-internal v1.1.3 -> v1.1.5
    Updating pin-project-lite v0.2.13 -> v0.2.14
    Updating pkg-config v0.3.27 -> v0.3.30
    Updating platforms v3.0.2 -> v3.4.0
    Updating polyval v0.6.1 -> v0.6.2
    Updating portable-atomic v1.4.3 -> v1.6.0
    Updating progenitor v0.6.0 (https://github.com/oxidecomputer/progenitor?branch=main#0aeb3a72) -> #c59c6d64
    Updating progenitor-client v0.6.0 (https://github.com/oxidecomputer/progenitor?branch=main#0aeb3a72) -> #c59c6d64
    Updating progenitor-impl v0.6.0 (https://github.com/oxidecomputer/progenitor?branch=main#0aeb3a72) -> #c59c6d64
    Updating progenitor-macro v0.6.0 (https://github.com/oxidecomputer/progenitor?branch=main#0aeb3a72) -> #c59c6d64
    Updating redox_syscall v0.3.5 -> v0.5.1
    Updating redox_users v0.4.3 -> v0.4.5
    Updating regex-automata v0.4.5 -> v0.4.6
    Updating regex-syntax v0.8.2 -> v0.8.3
    Updating relative-path v1.9.0 -> v1.9.3
    Updating rsa v0.9.2 -> v0.9.6
    Updating rtoolbox v0.0.1 -> v0.0.2
    Updating russh-cryptovec v0.7.0 -> v0.7.2
    Updating rustc-demangle v0.1.23 -> v0.1.24
    Updating rustix v0.38.31 -> v0.38.34
    Updating rustls v0.21.9 -> v0.21.12
    Updating rustls-pemfile v1.0.3 -> v1.0.4
    Updating rustls-pki-types v1.3.0 -> v1.7.0
    Updating rustls-webpki v0.102.1 -> v0.102.4
    Updating rustversion v1.0.14 -> v1.0.17
    Updating ryu v1.0.15 -> v1.0.18
    Updating schannel v0.1.22 -> v0.1.23
    Updating schemars v0.8.17 -> v0.8.19
    Updating schemars_derive v0.8.17 -> v0.8.19
    Updating sct v0.7.0 -> v0.7.1
    Updating security-framework v2.9.2 -> v2.11.0
    Updating security-framework-sys v2.9.1 -> v2.11.0
    Updating serde v1.0.201 -> v1.0.202
    Updating serde_derive v1.0.201 -> v1.0.202
    Updating serde_derive_internals v0.29.0 -> v0.29.1
    Updating serde_repr v0.1.16 -> v0.1.19
    Updating serde_spanned v0.6.5 -> v0.6.6
    Updating serde_with v3.7.0 -> v3.8.1
    Updating serde_with_macros v3.7.0 -> v3.8.1
    Updating serde_yaml v0.9.25 -> v0.9.34+deprecated
    Updating signal-hook-registry v1.4.1 -> v1.4.2
    Updating signature v2.1.0 -> v2.2.0
    Updating similar v2.4.0 -> v2.5.0
    Updating smallvec v1.13.1 -> v1.13.2
    Updating smawk v0.3.1 -> v0.3.2
    Removing socket2 v0.4.9
    Removing socket2 v0.5.6
      Adding socket2 v0.4.10
      Adding socket2 v0.5.7
    Updating spki v0.7.2 -> v0.7.3
    Updating stringprep v0.1.3 -> v0.1.4
    Removing strsim v0.10.0
    Removing strsim v0.11.0
      Adding strsim v0.11.1
    Removing strum_macros v0.25.2
    Removing strum_macros v0.26.1
      Adding strum_macros v0.25.3
      Adding strum_macros v0.26.2
    Updating syn v2.0.60 -> v2.0.64
    Updating target-lexicon v0.12.13 -> v0.12.14
    Updating termcolor v1.2.0 -> v1.4.1
    Updating thread-id v4.2.0 -> v4.2.1
    Updating thread_local v1.1.7 -> v1.1.8
    Updating time v0.3.34 -> v0.3.36
    Updating time-macros v0.2.17 -> v0.2.18
      Adding tls_codec v0.4.1
      Adding tls_codec_derive v0.4.1
    Updating tokio-util v0.7.10 -> v0.7.11
    Updating toml v0.8.12 -> v0.8.13
    Updating toml_datetime v0.6.5 -> v0.6.6
    Updating toml_edit v0.22.12 -> v0.22.13
    Updating try-lock v0.2.4 -> v0.2.5
    Updating trybuild v1.0.91 -> v1.0.96
    Updating typed-path v0.7.0 -> v0.7.1
    Updating typenum v1.16.0 -> v1.17.0
    Updating typify v0.0.16 (https://github.com/oxidecomputer/typify#336a042b) -> #ad1296f6
    Updating typify-impl v0.0.16 (https://github.com/oxidecomputer/typify#336a042b) -> #ad1296f6
    Updating typify-macro v0.0.16 (https://github.com/oxidecomputer/typify#336a042b) -> #ad1296f6
    Updating unicode-normalization v0.1.22 -> v0.1.23
    Updating unicode-segmentation v1.10.1 -> v1.11.0
    Updating unicode-width v0.1.11 -> v0.1.12
    Updating unsafe-libyaml v0.2.10 -> v0.2.11
    Updating wasm-bindgen v0.2.87 -> v0.2.92
    Updating wasm-bindgen-backend v0.2.87 -> v0.2.92
    Updating wasm-bindgen-futures v0.4.37 -> v0.4.42
    Updating wasm-bindgen-macro v0.2.87 -> v0.2.92
    Updating wasm-bindgen-macro-support v0.2.87 -> v0.2.92
    Updating wasm-bindgen-shared v0.2.87 -> v0.2.92
    Updating web-sys v0.3.64 -> v0.3.69
    Updating webpki-roots v0.25.2 -> v0.25.4
    Updating which v4.4.0 -> v4.4.2
    Updating widestring v1.0.2 -> v1.1.0
    Updating winapi-util v0.1.5 -> v0.1.8
    Removing windows v0.48.0
    Updating windows-targets v0.52.0 -> v0.52.5
    Updating windows_aarch64_gnullvm v0.52.0 -> v0.52.5
    Updating windows_aarch64_msvc v0.52.0 -> v0.52.5
    Updating windows_i686_gnu v0.52.0 -> v0.52.5
      Adding windows_i686_gnullvm v0.52.5
    Updating windows_i686_msvc v0.52.0 -> v0.52.5
    Updating windows_x86_64_gnu v0.52.0 -> v0.52.5
    Updating windows_x86_64_gnullvm v0.52.0 -> v0.52.5
    Updating windows_x86_64_msvc v0.52.0 -> v0.52.5
    Removing winnow v0.5.15
    Removing winnow v0.6.1
      Adding winnow v0.5.40
      Adding winnow v0.6.8
    Updating x509-cert v0.2.4 -> v0.2.5
    Updating xattr v1.0.1 -> v1.3.1
    Removing zerocopy v0.3.0
    Removing zerocopy v0.7.32
      Adding zerocopy v0.3.2
      Adding zerocopy v0.7.34
    Updating zerocopy-derive v0.7.32 -> v0.7.34

[david-crespo]

notable?

[iliana]

Unsure! Let me see if I can find out why this changed.

[sunshowers]

First guess would be the schemars update.

[iliana]

Yeah, it seems to have been the one PR in 0.8.18, which caused other breakage: oxidecomputer/dropshot#995

I don't know whether removing "default": null is problematic on its own.

[iliana]

The Progenitor-generated oxide-client (that we have in this repo to use for end-to-end tests) doesn't have any differences from main to this branch (per cargo expand).

The generated API in the console does have this difference:

diff --git a/app/api/__generated__/validate.ts b/app/api/__generated__/validate.ts
index fcb58fb1..07fe33d0 100644
--- a/app/api/__generated__/validate.ts
+++ b/app/api/__generated__/validate.ts
@@ -2327,7 +2327,7 @@ export const SamlIdentityProviderCreate = z.preprocess(
     idpEntityId: z.string(),
     idpMetadataSource: IdpMetadataSource,
     name: Name,
-    signingKeypair: DerEncodedKeyPair.default(null).optional(),
+    signingKeypair: DerEncodedKeyPair.optional(),
     sloUrl: z.string(),
     spClientId: z.string(),
     technicalContactEmail: z.string(),

which seems to not introduce any typechecking issues.

[david-crespo]

You would think the default value of a nullable would be null by default anyway! Thanks for checking the TS. That particular bit isn’t load-bearing anyway — we currently only use the generated validators in the mock server so we can 400 on bad request bodies.

[iliana]

Should we merge? I can also back out the dropshot/schemars updates (they need to go together, as dropshot bumped its dep to the most recent schemars recently).

[david-crespo]

I'm like 95% confident it's fine but I'd want @ahl to confirm.

[ahl]

Without objection; have we done any looking at the specific updates or "SBOM lol"? I'm good either way.

[iliana]

I looked at most of the cryptography-related updates and saw nothing of concern. I think medium-term we should build some tooling around auditing crate updates and splitting the load of that.