chore(deps): update rust crate secrecy to 0.10
This commit is contained in:
parent
7bd6347dd8
commit
6a0e0580dc
9 changed files with 38 additions and 28 deletions
19
Cargo.lock
generated
19
Cargo.lock
generated
|
@ -1121,7 +1121,7 @@ dependencies = [
|
||||||
"ratatui",
|
"ratatui",
|
||||||
"regex",
|
"regex",
|
||||||
"rstest",
|
"rstest",
|
||||||
"secrecy",
|
"secrecy 0.10.3",
|
||||||
"sendmail",
|
"sendmail",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"standardwebhooks",
|
"standardwebhooks",
|
||||||
|
@ -1154,7 +1154,7 @@ dependencies = [
|
||||||
"pike",
|
"pike",
|
||||||
"pretty_assertions",
|
"pretty_assertions",
|
||||||
"rand",
|
"rand",
|
||||||
"secrecy",
|
"secrecy 0.10.3",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"take-until",
|
"take-until",
|
||||||
|
@ -1175,7 +1175,7 @@ dependencies = [
|
||||||
"git-next-core",
|
"git-next-core",
|
||||||
"kxio",
|
"kxio",
|
||||||
"rand",
|
"rand",
|
||||||
"secrecy",
|
"secrecy 0.10.3",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"tokio",
|
"tokio",
|
||||||
|
@ -1195,7 +1195,7 @@ dependencies = [
|
||||||
"hmac",
|
"hmac",
|
||||||
"kxio",
|
"kxio",
|
||||||
"rand",
|
"rand",
|
||||||
"secrecy",
|
"secrecy 0.10.3",
|
||||||
"serde",
|
"serde",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
"sha2",
|
"sha2",
|
||||||
|
@ -2611,7 +2611,7 @@ dependencies = [
|
||||||
"http 1.1.0",
|
"http 1.1.0",
|
||||||
"path-clean",
|
"path-clean",
|
||||||
"reqwest",
|
"reqwest",
|
||||||
"secrecy",
|
"secrecy 0.8.0",
|
||||||
"serde",
|
"serde",
|
||||||
"serde-xml-rs",
|
"serde-xml-rs",
|
||||||
"serde_json",
|
"serde_json",
|
||||||
|
@ -3683,6 +3683,15 @@ dependencies = [
|
||||||
"zeroize",
|
"zeroize",
|
||||||
]
|
]
|
||||||
|
|
||||||
|
[[package]]
|
||||||
|
name = "secrecy"
|
||||||
|
version = "0.10.3"
|
||||||
|
source = "registry+https://github.com/rust-lang/crates.io-index"
|
||||||
|
checksum = "e891af845473308773346dc847b2c23ee78fe442e0472ac50e22a18a93d3ae5a"
|
||||||
|
dependencies = [
|
||||||
|
"zeroize",
|
||||||
|
]
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "security-framework"
|
name = "security-framework"
|
||||||
version = "2.11.1"
|
version = "2.11.1"
|
||||||
|
|
|
@ -68,7 +68,7 @@ serde_json = "1.0"
|
||||||
toml = "0.8"
|
toml = "0.8"
|
||||||
|
|
||||||
# Secrets and Password
|
# Secrets and Password
|
||||||
secrecy = "0.8"
|
secrecy = "0.10"
|
||||||
|
|
||||||
# Conventional Commit check
|
# Conventional Commit check
|
||||||
git-conventional = "0.12"
|
git-conventional = "0.12"
|
||||||
|
|
|
@ -6,7 +6,7 @@ use git_next_core::{
|
||||||
ApiToken, ForgeType, GitDir, Hostname, RepoBranches, RepoConfig, RepoConfigSource, RepoPath,
|
ApiToken, ForgeType, GitDir, Hostname, RepoBranches, RepoConfig, RepoConfigSource, RepoPath,
|
||||||
StoragePathType, User,
|
StoragePathType, User,
|
||||||
};
|
};
|
||||||
use secrecy::Secret;
|
use secrecy::SecretString;
|
||||||
|
|
||||||
type Result<T> = std::result::Result<T, Box<dyn std::error::Error>>;
|
type Result<T> = std::result::Result<T, Box<dyn std::error::Error>>;
|
||||||
|
|
||||||
|
@ -59,7 +59,7 @@ fn repo_details_find_default_push_remote_finds_correct_remote() -> Result<()> {
|
||||||
repo_details.forge = repo_details
|
repo_details.forge = repo_details
|
||||||
.forge
|
.forge
|
||||||
.with_user(User::new("git".to_string()))
|
.with_user(User::new("git".to_string()))
|
||||||
.with_token(ApiToken::new(Secret::new(String::new())))
|
.with_token(ApiToken::new(SecretString::from(String::new())))
|
||||||
.with_hostname(Hostname::new("git.kemitix.net"));
|
.with_hostname(Hostname::new("git.kemitix.net"));
|
||||||
repo_details.repo_path = RepoPath::new("kemitix/git-next".to_string());
|
repo_details.repo_path = RepoPath::new("kemitix/git-next".to_string());
|
||||||
let Ok(open_repository) = git::repository::factory::real().open(&repo_details) else {
|
let Ok(open_repository) = git::repository::factory::real().open(&repo_details) else {
|
||||||
|
@ -95,7 +95,7 @@ fn gitdir_validate_should_pass_a_valid_git_repo() -> Result<()> {
|
||||||
repo_details.forge = repo_details
|
repo_details.forge = repo_details
|
||||||
.forge
|
.forge
|
||||||
.with_user(User::new("git".to_string()))
|
.with_user(User::new("git".to_string()))
|
||||||
.with_token(ApiToken::new(Secret::new(String::new())))
|
.with_token(ApiToken::new(SecretString::from(String::new())))
|
||||||
.with_hostname(Hostname::new("git.kemitix.net"));
|
.with_hostname(Hostname::new("git.kemitix.net"));
|
||||||
tracing::debug!("opening...");
|
tracing::debug!("opening...");
|
||||||
let Ok(repository) = git::repository::factory::real().open(&repo_details) else {
|
let Ok(repository) = git::repository::factory::real().open(&repo_details) else {
|
||||||
|
@ -129,7 +129,7 @@ fn gitdir_validate_should_fail_a_git_repo_with_wrong_remote() {
|
||||||
repo_details.forge = repo_details
|
repo_details.forge = repo_details
|
||||||
.forge
|
.forge
|
||||||
.with_user(User::new("git".to_string()))
|
.with_user(User::new("git".to_string()))
|
||||||
.with_token(ApiToken::new(Secret::new(String::new())))
|
.with_token(ApiToken::new(SecretString::from(String::new())))
|
||||||
.with_hostname(Hostname::new("git.kemitix.net"));
|
.with_hostname(Hostname::new("git.kemitix.net"));
|
||||||
let Ok(repository) = git::repository::factory::real().open(&repo_details) else {
|
let Ok(repository) = git::repository::factory::real().open(&repo_details) else {
|
||||||
// .git directory may not be present on dev environment
|
// .git directory may not be present on dev environment
|
||||||
|
|
|
@ -2,10 +2,10 @@
|
||||||
/// `ForgeJo`: <https://{hostname}/user/settings/applications>
|
/// `ForgeJo`: <https://{hostname}/user/settings/applications>
|
||||||
/// `Github`: <https://github.com/settings/tokens>
|
/// `Github`: <https://github.com/settings/tokens>
|
||||||
#[derive(Clone, Debug, derive_more::Constructor)]
|
#[derive(Clone, Debug, derive_more::Constructor)]
|
||||||
pub struct ApiToken(secrecy::Secret<String>);
|
pub struct ApiToken(secrecy::SecretString);
|
||||||
/// The API Token is in effect a password, so it must be explicitly exposed to access its value
|
/// The API Token is in effect a password, so it must be explicitly exposed to access its value
|
||||||
impl secrecy::ExposeSecret<String> for ApiToken {
|
impl secrecy::ExposeSecret<str> for ApiToken {
|
||||||
fn expose_secret(&self) -> &String {
|
fn expose_secret(&self) -> &str {
|
||||||
self.0.expose_secret()
|
self.0.expose_secret()
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -10,7 +10,7 @@ use std::{
|
||||||
|
|
||||||
use derive_more::{Constructor, Display};
|
use derive_more::{Constructor, Display};
|
||||||
use kxio::fs::FileSystem;
|
use kxio::fs::FileSystem;
|
||||||
use secrecy::Secret;
|
use secrecy::SecretString;
|
||||||
use serde::{Deserialize, Serialize};
|
use serde::{Deserialize, Serialize};
|
||||||
use tracing::info;
|
use tracing::info;
|
||||||
|
|
||||||
|
@ -242,8 +242,11 @@ impl Shout {
|
||||||
self.webhook.clone().map(|x| x.url)
|
self.webhook.clone().map(|x| x.url)
|
||||||
}
|
}
|
||||||
|
|
||||||
pub fn webhook_secret(&self) -> Option<Secret<String>> {
|
pub fn webhook_secret(&self) -> Option<SecretString> {
|
||||||
self.webhook.clone().map(|x| x.secret).map(Secret::new)
|
self.webhook
|
||||||
|
.clone()
|
||||||
|
.map(|x| x.secret)
|
||||||
|
.map(SecretString::from)
|
||||||
}
|
}
|
||||||
|
|
||||||
#[must_use]
|
#[must_use]
|
||||||
|
@ -278,8 +281,8 @@ impl OutboundWebhook {
|
||||||
self.url.as_ref()
|
self.url.as_ref()
|
||||||
}
|
}
|
||||||
#[must_use]
|
#[must_use]
|
||||||
pub fn secret(&self) -> Secret<String> {
|
pub fn secret(&self) -> SecretString {
|
||||||
Secret::new(self.secret.clone())
|
SecretString::from(self.secret.clone())
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -539,7 +539,7 @@ mod server {
|
||||||
let shout_webhook_url = shout.webhook_url().unwrap_or_default();
|
let shout_webhook_url = shout.webhook_url().unwrap_or_default();
|
||||||
let shout_webhook_secret = shout
|
let shout_webhook_secret = shout
|
||||||
.webhook_secret()
|
.webhook_secret()
|
||||||
.map(|secret| secret.expose_secret().clone())
|
.map(|secret| secret.expose_secret().to_string())
|
||||||
.unwrap_or_default();
|
.unwrap_or_default();
|
||||||
let_assert!(Some(shout_email) = shout.email());
|
let_assert!(Some(shout_email) = shout.email());
|
||||||
let shout_email_from = shout_email.from();
|
let shout_email_from = shout_email.from();
|
||||||
|
|
|
@ -11,7 +11,7 @@ use crate::{
|
||||||
|
|
||||||
use std::sync::{Arc, RwLock};
|
use std::sync::{Arc, RwLock};
|
||||||
|
|
||||||
use secrecy::{ExposeSecret, Secret};
|
use secrecy::{ExposeSecret, SecretString};
|
||||||
use tracing::instrument;
|
use tracing::instrument;
|
||||||
|
|
||||||
/// The derived information about a repo, used to interact with it
|
/// The derived information about a repo, used to interact with it
|
||||||
|
@ -53,7 +53,7 @@ impl RepoDetails {
|
||||||
),
|
),
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
pub(crate) fn origin(&self) -> secrecy::Secret<String> {
|
pub(crate) fn origin(&self) -> secrecy::SecretString {
|
||||||
let repo_details = self;
|
let repo_details = self;
|
||||||
let user = &repo_details.forge.user();
|
let user = &repo_details.forge.user();
|
||||||
let hostname = &repo_details.forge.hostname();
|
let hostname = &repo_details.forge.hostname();
|
||||||
|
@ -78,7 +78,7 @@ impl RepoDetails {
|
||||||
}
|
}
|
||||||
|
|
||||||
// url is a secret as it contains auth token
|
// url is a secret as it contains auth token
|
||||||
pub(crate) fn url(&self) -> Secret<String> {
|
pub(crate) fn url(&self) -> SecretString {
|
||||||
let user = self.forge.user();
|
let user = self.forge.user();
|
||||||
let token = self.forge.token().expose_secret();
|
let token = self.forge.token().expose_secret();
|
||||||
let auth_delim = if token.is_empty() { "" } else { ":" };
|
let auth_delim = if token.is_empty() { "" } else { ":" };
|
||||||
|
|
|
@ -60,10 +60,8 @@ impl RepositoryFactory for RealRepositoryFactory {
|
||||||
|
|
||||||
fn git_clone(&self, repo_details: &RepoDetails) -> Result<Box<dyn OpenRepositoryLike>> {
|
fn git_clone(&self, repo_details: &RepoDetails) -> Result<Box<dyn OpenRepositoryLike>> {
|
||||||
tracing::info!("creating");
|
tracing::info!("creating");
|
||||||
let (gix_repo, _outcome) = gix::prepare_clone_bare(
|
let (gix_repo, _outcome) =
|
||||||
repo_details.origin().expose_secret().as_str(),
|
gix::prepare_clone_bare(repo_details.origin().expose_secret(), &*repo_details.gitdir)?
|
||||||
&*repo_details.gitdir,
|
|
||||||
)?
|
|
||||||
.fetch_only(gix::progress::Discard, &AtomicBool::new(false))?;
|
.fetch_only(gix::progress::Discard, &AtomicBool::new(false))?;
|
||||||
tracing::info!("created");
|
tracing::info!("created");
|
||||||
let repo = RealOpenRepository::new(
|
let repo = RealOpenRepository::new(
|
||||||
|
|
|
@ -112,7 +112,7 @@ impl super::OpenRepositoryLike for RealOpenRepository {
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
// INFO: never log the command as it contains the API token within the 'origin'
|
// INFO: never log the command as it contains the API token within the 'origin'
|
||||||
let command: secrecy::Secret<String> = format!(
|
let command: secrecy::SecretString = format!(
|
||||||
"/usr/bin/git push {} {to_commit}:{branch_name} {force}",
|
"/usr/bin/git push {} {to_commit}:{branch_name} {force}",
|
||||||
origin.expose_secret()
|
origin.expose_secret()
|
||||||
)
|
)
|
||||||
|
|
Loading…
Reference in a new issue