diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index df29d39c3..97f89013f 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -25,6 +25,21 @@ jobs: - run: rustup update - run: cargo fmt --all --check + cargo-deny: + runs-on: ubuntu-latest + strategy: + matrix: + checks: + - advisories + - bans licenses sources + # Prevent sudden announcement of a new advisory from failing ci: + continue-on-error: ${{ matrix.checks == 'advisories' }} + steps: + - uses: actions/checkout@v3 + - uses: EmbarkStudios/cargo-deny-action@e0a440755b184aa50374330fa75cca0f84fcb59a + with: + command: check ${{ matrix.checks }} + rust-analyzer-compat: runs-on: ubuntu-latest steps: diff --git a/Cargo.lock b/Cargo.lock index 773021192..a5e9c48a3 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -69,19 +69,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8" [[package]] -name = "block-buffer" -version = "0.9.0" +name = "base64" +version = "0.21.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] +checksum = "a4a4ddaa51a5bc52a6948f74c06d20aaaddb71924eab79b8c97a8c556e942d6a" [[package]] name = "block-buffer" -version = "0.10.4" +version = "0.9.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" dependencies = [ "generic-array", ] 
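Review bot: In the new `cargo-deny` job, `actions/checkout@v3` is referenced by a mutable tag while the cargo-deny action on the next line is pinned to a full commit SHA. Pinning both the same way keeps the job's inputs fixed, e.g. `- uses: actions/checkout@<full-commit-sha> # v3`. The job also sets no token scope; unless the workflow declares one outside this hunk, a job-level `permissions:` with `contents: read` is enough for a job that only reads the repository. Because `continue-on-error` is true for the `advisories` leg, a finding at `vulnerability = "deny"` will not block a merge, so the comment above it should say where that leg's result is expected to be looked at.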
@@ -100,14 +97,14 @@ checksum = "14c189c53d098945499cdfa7ecc63567cf3886b3332b312a5b4585d8d3a6a610" [[package]] name = "bytes-lit" -version = "0.0.4" +version = "0.0.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c181bca161a49348b90fa75f9a54fe11b7138098eed90d841a1055d574b4250" +checksum = "0adabf37211a5276e46335feabcbb1530c95eb3fdf85f324c7db942770aa025d" dependencies = [ "num-bigint", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] @@ -171,16 +168,6 @@ dependencies = [ "serde_json", ] -[[package]] -name = "crypto-common" -version = "0.1.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3" -dependencies = [ - "generic-array", - "typenum", -] - [[package]] name = "ctor" version = "0.1.26" @@ -198,8 +185,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "90f9d052967f590a76e62eb387bd0bbb1b000182c3cefe5364db6b7211651bc0" dependencies = [ "byteorder", - "digest 0.9.0", - "rand_core 0.5.1", + "digest", + "rand_core", "subtle", "zeroize", ] @@ -250,9 +237,9 @@ dependencies = [ [[package]] name = "darling" -version = "0.14.4" +version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7b750cb3417fd1b327431a470f388520309479ab0bf5e323505daf0290cd3850" +checksum = "e7c99d16b88c92aef47e58dadd53e87b4bd234c29934947a6cec8b466300f99b" dependencies = [ "darling_core", "darling_macro", 
@@ -260,27 +247,27 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.14.4" +version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "109c1ca6e6b7f82cc233a97004ea8ed7ca123a9af07a8230878fcfda9b158bf0" +checksum = "2ea05d2fcb27b53f7a98faddaf5f2914760330ab7703adfc9df13332b42189f9" dependencies = [ "fnv", "ident_case", "proc-macro2", "quote", "strsim", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] name = "darling_macro" -version = "0.14.4" +version = "0.20.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4aab4dbc9f7611d8b55048a3a16d2d010c2c8334e46304b40ac1cc14bf3b48e" +checksum = "7bfb82b62b1b8a2a9808fb4caf844ede819a76cfc23b2827d7f94eefb49551eb" dependencies = [ "darling_core", "quote", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] @@ -309,16 +296,6 @@ dependencies = [ "generic-array", ] -[[package]] -name = "digest" -version = "0.10.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8168378f4e5023e7218c89c891c0fd8ecdb5e5e4f18cb78f38cf245dd021e76f" -dependencies = [ - "block-buffer 0.10.4", - "crypto-common", -] - [[package]] name = "downcast-rs" version = "1.2.0" @@ -348,9 +325,9 @@ checksum = "c762bae6dcaf24c4c84667b8579785430908723d5c889f469d76a41d59cc7a9d" dependencies = [ "curve25519-dalek", "ed25519", - "rand 0.7.3", + "rand", "serde", - "sha2 0.9.9", + "sha2", "zeroize", ] @@ -390,18 +367,7 @@ checksum = "8fc3cb4d91f53b50155bdcfd23f6a4c39ae1969c2ae85982b135750cccaf5fce" dependencies = [ "cfg-if", "libc", - "wasi 0.9.0+wasi-snapshot-preview1", -] - -[[package]] -name = "getrandom" -version = "0.2.9" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c85e1d9ab2eadba7e5040d4e09cbd6d072b76a557ad64e797c2cb9d4da21d7e4" -dependencies = [ - "cfg-if", - "libc", - "wasi 0.11.0+wasi-snapshot-preview1", + "wasi", ] [[package]] 
@@ -650,12 +616,12 @@ dependencies = [ [[package]] name = "prettyplease" -version = "0.1.25" +version = "0.2.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6c8646e95016a7a6c4adea95bafa8a16baab64b583356217f2c85db4a39d9a86" +checksum = "1ceca8aaf45b5c46ec7ed39fff75f57290368c1846d33d24a122ca81416ab058" dependencies = [ "proc-macro2", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] @@ -682,24 +648,13 @@ version = "0.7.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "6a6b1679d49b24bbfe0c803429aa1874472f50d9b363131f0e89fc356b544d03" dependencies = [ - "getrandom 0.1.16", + "getrandom", "libc", - "rand_chacha 0.2.2", - "rand_core 0.5.1", + "rand_chacha", + "rand_core", "rand_hc", ] -[[package]] -name = "rand" -version = "0.8.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404" -dependencies = [ - "libc", - "rand_chacha 0.3.1", - "rand_core 0.6.4", -] - [[package]] name = "rand_chacha" version = "0.2.2" @@ -707,17 +662,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f4c8ed856279c9737206bf725bf36935d8666ead7aa69b52be55af369d193402" dependencies = [ "ppv-lite86", - "rand_core 0.5.1", -] - -[[package]] -name = "rand_chacha" -version = "0.3.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88" -dependencies = [ - "ppv-lite86", - "rand_core 0.6.4", + "rand_core", ] [[package]] 
@@ -726,16 +671,7 @@ version = "0.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "90bde5296fc891b0cef12a6d03ddccc162ce7b2aff54160af9338f8d40df6d19" dependencies = [ - "getrandom 0.1.16", -] - -[[package]] -name = "rand_core" -version = "0.6.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" -dependencies = [ - "getrandom 0.2.9", + "getrandom", ] [[package]] @@ -744,7 +680,7 @@ version = "0.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ca3129af7b92a17112d59ad498c6f81eaf463253766b90396d39ea7a39d6613c" dependencies = [ - "rand_core 0.5.1", + "rand_core", ] [[package]] @@ -798,11 +734,11 @@ dependencies = [ [[package]] name = "serde_with" -version = "2.3.2" +version = "3.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "331bb8c3bf9b92457ab7abecf07078c13f7d270ba490103e84e8b014490cd0b0" +checksum = "9f02d8aa6e3c385bf084924f660ce2a3a6bd333ba55b35e8590b321f35d88513" dependencies = [ - "base64", + "base64 0.21.0", "chrono", "hex", "indexmap", @@ -814,14 +750,14 @@ dependencies = [ [[package]] name = "serde_with_macros" -version = "2.3.2" +version = "3.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "859011bddcc11f289f07f467cc1fe01c7a941daa4d8f6c40d4d1c92eb6d9319c" +checksum = "edc7d5d3932fb12ce722ee5e64dd38c504efba37567f0c402f6ca728c3b8b070" dependencies = [ "darling", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] 
@@ -830,24 +766,13 @@ version = "0.9.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" dependencies = [ - "block-buffer 0.9.0", + "block-buffer", "cfg-if", "cpufeatures", - "digest 0.9.0", + "digest", "opaque-debug", ] -[[package]] -name = "sha2" -version = "0.10.6" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" -dependencies = [ - "cfg-if", - "cpufeatures", - "digest 0.10.6", -] - [[package]] name = "signature" version = "1.6.4" @@ -865,7 +790,7 @@ dependencies = [ [[package]] name = "soroban-env-common" version = "0.0.15" -source = "git+https://github.com/stellar/rs-soroban-env?rev=bad318a9805cf25ae64afb5122cb37af67a2edbd#bad318a9805cf25ae64afb5122cb37af67a2edbd" +source = "git+https://github.com/stellar/rs-soroban-env?rev=b5858ea645558da7bc865e80f47df16570552395#b5858ea645558da7bc865e80f47df16570552395" dependencies = [ "arbitrary", "crate-git-revision", @@ -880,7 +805,7 @@ dependencies = [ [[package]] name = "soroban-env-guest" version = "0.0.15" -source = "git+https://github.com/stellar/rs-soroban-env?rev=bad318a9805cf25ae64afb5122cb37af67a2edbd#bad318a9805cf25ae64afb5122cb37af67a2edbd" +source = "git+https://github.com/stellar/rs-soroban-env?rev=b5858ea645558da7bc865e80f47df16570552395#b5858ea645558da7bc865e80f47df16570552395" dependencies = [ "soroban-env-common", "static_assertions", @@ -889,7 +814,7 @@ dependencies = [ [[package]] name = "soroban-env-host" version = "0.0.15" -source = "git+https://github.com/stellar/rs-soroban-env?rev=bad318a9805cf25ae64afb5122cb37af67a2edbd#bad318a9805cf25ae64afb5122cb37af67a2edbd" +source = "git+https://github.com/stellar/rs-soroban-env?rev=b5858ea645558da7bc865e80f47df16570552395#b5858ea645558da7bc865e80f47df16570552395" dependencies = [ "backtrace", "curve25519-dalek", 
@@ -900,7 +825,7 @@ dependencies = [ "num-derive", "num-integer", "num-traits", - "sha2 0.9.9", + "sha2", "soroban-env-common", "soroban-native-sdk-macros", "soroban-wasmi", @@ -911,7 +836,7 @@ dependencies = [ [[package]] name = "soroban-env-macros" version = "0.0.15" -source = "git+https://github.com/stellar/rs-soroban-env?rev=bad318a9805cf25ae64afb5122cb37af67a2edbd#bad318a9805cf25ae64afb5122cb37af67a2edbd" +source = "git+https://github.com/stellar/rs-soroban-env?rev=b5858ea645558da7bc865e80f47df16570552395#b5858ea645558da7bc865e80f47df16570552395" dependencies = [ "itertools", "proc-macro2", @@ -937,7 +862,7 @@ dependencies = [ [[package]] name = "soroban-native-sdk-macros" version = "0.0.15" -source = "git+https://github.com/stellar/rs-soroban-env?rev=bad318a9805cf25ae64afb5122cb37af67a2edbd#bad318a9805cf25ae64afb5122cb37af67a2edbd" +source = "git+https://github.com/stellar/rs-soroban-env?rev=b5858ea645558da7bc865e80f47df16570552395#b5858ea645558da7bc865e80f47df16570552395" dependencies = [ "itertools", "proc-macro2", @@ -952,7 +877,7 @@ dependencies = [ "bytes-lit", "ed25519-dalek", "hex", - "rand 0.8.5", + "rand", "soroban-env-guest", "soroban-env-host", "soroban-ledger-snapshot", @@ -970,18 +895,18 @@ dependencies = [ "itertools", "proc-macro2", "quote", - "sha2 0.10.6", + "sha2", "soroban-env-common", "soroban-spec", "stellar-xdr", - "syn 1.0.109", + "syn 2.0.15", ] [[package]] name = "soroban-spec" version = "0.7.0" dependencies = [ - "base64", + "base64 0.13.1", "darling", "itertools", "pretty_assertions", @@ -991,9 +916,9 @@ dependencies = [ "serde", "serde_derive", "serde_json", - "sha2 0.10.6", + "sha2", "stellar-xdr", - "syn 1.0.109", + "syn 2.0.15", "thiserror", "wasmparser", ] 
@@ -1051,10 +976,10 @@ dependencies = [ [[package]] name = "stellar-xdr" version = "0.0.15" -source = "git+https://github.com/stellar/rs-stellar-xdr?rev=df3a145bfaf75504bc85f20eceb49b4536836e18#df3a145bfaf75504bc85f20eceb49b4536836e18" +source = "git+https://github.com/stellar/rs-stellar-xdr?rev=6de4f094bbc6d866b51926895829160d91a1dbc5#6de4f094bbc6d866b51926895829160d91a1dbc5" dependencies = [ "arbitrary", - "base64", + "base64 0.13.1", "crate-git-revision", "hex", "serde", @@ -1294,12 +1219,6 @@ version = "0.9.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cccddf32554fecc6acb585f82a32a72e28b48f8c4c1883ddfeeeaa96f7d8e519" -[[package]] -name = "wasi" -version = "0.11.0+wasi-snapshot-preview1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" - [[package]] name = "wasm-bindgen" version = "0.2.84" diff --git a/Cargo.toml b/Cargo.toml index ceb6367e0..a38e5f4bf 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -38,17 +38,17 @@ soroban-token-sdk = { version = "0.7.0", path = "soroban-token-sdk" } [workspace.dependencies.soroban-env-common] version = "0.0.15" git = "https://github.com/stellar/rs-soroban-env" -rev = "bad318a9805cf25ae64afb5122cb37af67a2edbd" +rev = "b5858ea645558da7bc865e80f47df16570552395" [workspace.dependencies.soroban-env-guest] version = "0.0.15" git = "https://github.com/stellar/rs-soroban-env" -rev = "bad318a9805cf25ae64afb5122cb37af67a2edbd" +rev = "b5858ea645558da7bc865e80f47df16570552395" [workspace.dependencies.soroban-env-host] version = "0.0.15" git = "https://github.com/stellar/rs-soroban-env" -rev = "bad318a9805cf25ae64afb5122cb37af67a2edbd" +rev = "b5858ea645558da7bc865e80f47df16570552395" [workspace.dependencies.stellar-strkey] version = "0.0.7" 
@@ -57,7 +57,7 @@ git = "https://github.com/stellar/rs-stellar-strkey" [workspace.dependencies.stellar-xdr] version = "0.0.15" git = "https://github.com/stellar/rs-stellar-xdr" -rev = "df3a145bfaf75504bc85f20eceb49b4536836e18" +rev = "6de4f094bbc6d866b51926895829160d91a1dbc5" default-features = false #[patch."https://github.com/stellar/rs-soroban-env"] diff --git a/deny.toml b/deny.toml new file mode 100644 index 000000000..cf01a3427 --- /dev/null +++ b/deny.toml 
@@ -0,0 +1,283 @@ +# This template contains all of the possible sections and their default values + +# Note that all fields that take a lint level have these possible values: +# * deny - An error will be produced and the check will fail +# * warn - A warning will be produced, but the check will not fail +# * allow - No warning or error will be produced, though in some cases a note +# will be + +# The values provided in this template are the default values that will be used +# when any section or field is not specified in your own configuration + +# Root options + +# If 1 or more target triples (and optionally, target_features) are specified, +# only the specified targets will be checked when running `cargo deny check`. +# This means, if a particular package is only ever used as a target specific +# dependency, such as, for example, the `nix` crate only being used via the +# `target_family = "unix"` configuration, that only having windows targets in +# this list would mean the nix crate, as well as any of its exclusive +# dependencies not shared by any other crates, would be ignored, as the target +# list here is effectively saying which targets you are building for. +targets = [ + { triple = "x86_64-unknown-linux-gnu" }, + { triple = "wasm32-unknown-unknown" } + # The triple can be any string, but only the target triples built in to + # rustc (as of 1.40) can be checked against actual config expressions + #{ triple = "x86_64-unknown-linux-musl" }, + # You can also specify which target_features you promise are enabled for a + # particular target. target_features are currently not validated against + # the actual valid features supported by the target architecture. + #{ triple = "wasm32-unknown-unknown", features = ["atomics"] }, +] +# When creating the dependency graph used as the source of truth when checks are +# executed, this field can be used to prune crates from the graph, removing them +# from the view of cargo-deny. 
This is an extremely heavy hammer, as if a crate +# is pruned from the graph, all of its dependencies will also be pruned unless +# they are connected to another crate in the graph that hasn't been pruned, +# so it should be used with care. The identifiers are [Package ID Specifications] +# (https://doc.rust-lang.org/cargo/reference/pkgid-spec.html) + +exclude = [ + # for the time being some metaprogramming crates haven't updated to syn 2. The + # only way to deal with these is to prune them from the tree. + "derive_arbitrary", + "num-derive", + +] + +# If true, metadata will be collected with `--all-features`. Note that this can't +# be toggled off if true, if you want to conditionally enable `--all-features` it +# is recommended to pass `--all-features` on the cmd line instead +all-features = true +# If true, metadata will be collected with `--no-default-features`. The same +# caveat with `all-features` applies +no-default-features = false +# If set, these feature will be enabled when collecting metadata. If `--features` +# is specified on the cmd line they will take precedence over this option. +#features = [] +# When outputting inclusion graphs in diagnostics that include features, this +# option can be used to specify the depth at which feature edges will be added. +# This option is included since the graphs can be quite large and the addition +# of features from the crate(s) to all of the graph roots can be far too verbose. 
+# This option can be overridden via `--feature-depth` on the cmd line +feature-depth = 1 + +# This section is considered when running `cargo deny check advisories` +# More documentation for the advisories section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html +[advisories] +# The path where the advisory database is cloned/fetched into +db-path = "~/.cargo/advisory-db" +# The url(s) of the advisory databases to use +db-urls = ["https://github.com/rustsec/advisory-db"] +# The lint level for security vulnerabilities +vulnerability = "deny" +# The lint level for unmaintained crates +unmaintained = "warn" +# The lint level for crates that have been yanked from their source registry +yanked = "warn" +# The lint level for crates with security notices. Note that as of +# 2019-12-17 there are no security notice advisories in +# https://github.com/rustsec/advisory-db +notice = "warn" +# A list of advisory IDs to ignore. Note that ignored advisories will still +# output a note when they are encountered. +ignore = [ + #"RUSTSEC-0000-0000", +] +# Threshold for security vulnerabilities, any vulnerability with a CVSS score +# lower than the range specified will be ignored. Note that ignored advisories +# will still output a note when they are encountered. +# * None - CVSS Score 0.0 +# * Low - CVSS Score 0.1 - 3.9 +# * Medium - CVSS Score 4.0 - 6.9 +# * High - CVSS Score 7.0 - 8.9 +# * Critical - CVSS Score 9.0 - 10.0 +#severity-threshold = + +# If this is true, then cargo deny will use the git executable to fetch advisory database. +# If this is false, then it uses a built-in git library. +# Setting this to true can be helpful if you have special authentication requirements that cargo-deny does not support. +# See Git Authentication for more information about setting up git authentication. 
+#git-fetch-with-cli = true + +# This section is considered when running `cargo deny check licenses` +# More documentation for the licenses section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html +[licenses] +# The lint level for crates which do not have a detectable license +unlicensed = "deny" +# List of explicitly allowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. +allow = [ + "MIT", + "Apache-2.0", + "BSD-3-Clause", + "Apache-2.0 WITH LLVM-exception", + "Unicode-DFS-2016", + "MPL-2.0" +] +# List of explicitly disallowed licenses +# See https://spdx.org/licenses/ for list of possible licenses +# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. +deny = [ + #"Nokia", +] +# Lint level for licenses considered copyleft +copyleft = "deny" +# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses +# * both - The license will be approved if it is both OSI-approved *AND* FSF +# * either - The license will be approved if it is either OSI-approved *OR* FSF +# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF +# * fsf-only - The license will be approved if is FSF *AND NOT* OSI-approved +# * neither - This predicate is ignored and the default lint level is used +allow-osi-fsf-free = "neither" +# Lint level used when no other predicates are matched +# 1. License isn't in the allow or deny lists +# 2. License isn't copyleft +# 3. License isn't OSI/FSF, or allow-osi-fsf-free = "neither" +default = "deny" +# The confidence threshold for detecting a license from license text. +# The higher the value, the more closely the license text must be to the +# canonical license text of a valid SPDX license file. +# [possible values: any between 0.0 and 1.0]. 
+confidence-threshold = 0.8 +# Allow 1 or more licenses on a per-crate basis, so that particular licenses +# aren't accepted for every possible crate as with the normal allow list +exceptions = [ + # Each entry is the crate and version constraint, and its specific allow + # list + #{ allow = ["Zlib"], name = "adler32", version = "*" }, +] + +# Some crates don't have (easily) machine readable licensing information, +# adding a clarification entry for it allows you to manually specify the +# licensing information +#[[licenses.clarify]] +# The name of the crate the clarification applies to +#name = "ring" +# The optional version constraint for the crate +#version = "*" +# The SPDX expression for the license requirements of the crate +#expression = "MIT AND ISC AND OpenSSL" +# One or more files in the crate's source used as the "source of truth" for +# the license expression. If the contents match, the clarification will be used +# when running the license check, otherwise the clarification will be ignored +# and the crate will be checked normally, which may produce warnings or errors +# depending on the rest of your configuration +#license-files = [ + # Each entry is a crate relative path, and the (opaque) hash of its contents + #{ path = "LICENSE", hash = 0xbd0eed23 } +#] + +[licenses.private] +# If true, ignores workspace crates that aren't published, or are only +# published to private registries. +# To see how to mark a crate as unpublished (to the official registry), +# visit https://doc.rust-lang.org/cargo/reference/manifest.html#the-publish-field. +ignore = true +# One or more private registries that you might publish crates to, if a crate +# is only published to private registries, and ignore is true, the crate will +# not have its license(s) checked +registries = [ + #"https://sekretz.com/registry +] + +# This section is considered when running `cargo deny check bans`. 
+# More documentation about the 'bans' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/bans/cfg.html +[bans] +# Lint level for when multiple versions of the same crate are detected +multiple-versions = "deny" +# Lint level for when a crate version requirement is `*` +wildcards = "deny" +allow-wildcard-paths = true +# The graph highlighting used when creating dotgraphs for crates +# with multiple versions +# * lowest-version - The path to the lowest versioned duplicate is highlighted +# * simplest-path - The path to the version with the fewest edges is highlighted +# * all - Both lowest-version and simplest-path are used +highlight = "all" +# The default lint level for `default` features for crates that are members of +# the workspace that is being checked. This can be overriden by allowing/denying +# `default` on a crate-by-crate basis if desired. +workspace-default-features = "allow" +# The default lint level for `default` features for external crates that are not +# members of the workspace. This can be overriden by allowing/denying `default` +# on a crate-by-crate basis if desired. +external-default-features = "allow" +# List of crates that are allowed. Use with care! +allow = [ + #{ name = "ansi_term", version = "=0.11.0" }, +] +# List of crates to deny +deny = [ + # Each entry the name of a crate and a version range. If version is + # not specified, all versions will be matched. + #{ name = "ansi_term", version = "=0.11.0" }, + # + # Wrapper crates can optionally be specified to allow the crate when it + # is a direct dependency of the otherwise banned crate + #{ name = "ansi_term", version = "=0.11.0", wrappers = [] }, +] + +# List of features to allow/deny +# Each entry the name of a crate and a version range. If version is +# not specified, all versions will be matched. 
+#[[bans.features]] +#name = "reqwest" +# Features to not allow +#deny = ["json"] +# Features to allow +#allow = [ +# "rustls", +# "__rustls", +# "__tls", +# "hyper-rustls", +# "rustls", +# "rustls-pemfile", +# "rustls-tls-webpki-roots", +# "tokio-rustls", +# "webpki-roots", +#] +# If true, the allowed features must exactly match the enabled feature set. If +# this is set there is no point setting `deny` +#exact = true + +# Certain crates/versions that will be skipped when doing duplicate detection. +skip = [ + #{ name = "ansi_term", version = "=0.11.0" }, +] +# Similarly to `skip` allows you to skip certain crates during duplicate +# detection. Unlike skip, it also includes the entire tree of transitive +# dependencies starting at the specified crate, up to a certain depth, which is +# by default infinite. +skip-tree = [ + # { name = "textplots" }, +] + +# This section is considered when running `cargo deny check sources`. +# More documentation about the 'sources' section can be found here: +# https://embarkstudios.github.io/cargo-deny/checks/sources/cfg.html +[sources] +# Lint level for what to happen when a crate from a crate registry that is not +# in the allow list is encountered +unknown-registry = "deny" +# Lint level for what to happen when a crate from a git repository that is not +# in the allow list is encountered +unknown-git = "deny" +# List of URLs for allowed crate registries. Defaults to the crates.io index +# if not specified. If it is specified but empty, no registries are allowed. +allow-registry = ["https://github.com/rust-lang/crates.io-index"] +# List of URLs for allowed Git repositories +allow-git = [] + +[sources.allow-org] +# 1 or more github.com organizations to allow git sources for +github = ["stellar"] +# 1 or more gitlab.com organizations to allow git sources for +# gitlab = [""] +# 1 or more bitbucket.org organizations to allow git sources for +# bitbucket = [""] 
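Review bot: The root-level `exclude` of `derive_arbitrary` and `num-derive` prunes both crates from the graph for every check, not only duplicate detection. Advisory, licence and source findings on them, and on any dependency only they pull in, are therefore no longer reported. The stated reason is the syn 1 / syn 2 duplicate, which `[bans]` can express more narrowly. Assuming they still resolve to syn 1.0.109, `skip = [{ name = "syn", version = "=1.0.109" }]` silences the duplicate while keeping the two crates visible to the other checks. If `exclude` stays, its comment should say that it also switches off advisory and licence checking for these crates.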
diff --git a/soroban-sdk-macros/Cargo.toml b/soroban-sdk-macros/Cargo.toml index f7762f0d0..7b97358d0 100644 --- a/soroban-sdk-macros/Cargo.toml +++ b/soroban-sdk-macros/Cargo.toml @@ -18,9 +18,9 @@ doctest = false soroban-spec = { workspace = true } soroban-env-common = { workspace = true } stellar-xdr = { workspace = true, features = ["next", "std"] } -syn = {version="1.0",features=["full"]} +syn = {version="2.0",features=["full"]} quote = "1.0" proc-macro2 = "1.0" itertools = "0.10.3" -darling = "0.14.1" -sha2 = "0.10.2" +darling = "0.20.0" +sha2 = "0.9.9" diff --git a/soroban-sdk-macros/src/derive_fn.rs b/soroban-sdk-macros/src/derive_fn.rs index da4465905..ddf9e3ed4 100644 --- a/soroban-sdk-macros/src/derive_fn.rs +++ b/soroban-sdk-macros/src/derive_fn.rs @@ -143,7 +143,7 @@ pub fn derive_fn( pub fn derive_contract_function_set<'a>( crate_path: &Path, ty: &Type, - methods: impl Iterator, + methods: impl Iterator, ) -> TokenStream2 { let (idents, wrap_idents, attrs): (Vec<_>, Vec<_>, Vec<_>) = methods .map(|m| { @@ -153,7 +153,7 @@ pub fn derive_contract_function_set<'a>( .attrs .iter() // Don't propogate doc comments into the match statement below. - .filter(|a| !a.path.is_ident("doc")) + .filter(|a| !a.path().is_ident("doc")) .collect::>(); (ident, wrap_ident, attrs) }) diff --git a/soroban-sdk-macros/src/doc.rs b/soroban-sdk-macros/src/doc.rs index 4a1abf8f1..fc7575d01 100644 --- a/soroban-sdk-macros/src/doc.rs +++ b/soroban-sdk-macros/src/doc.rs 
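Review bot: The `sha2` requirement goes backwards here, from `0.10.2` to `0.9.9`, and nothing in the manifest records why. From the lock file it looks like this unifies with the `sha2` 0.9.9 that `ed25519-dalek` and `soroban-env-host` already resolve to, so that `multiple-versions = "deny"` passes. A hashing crate held on an older release line for deduplication should carry a comment so it is not forgotten, e.g. `# held at 0.9 to match ed25519-dalek / soroban-env-host; raise together with them`. This matters more because the advisories check in CI is allowed to fail without blocking.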
@@ -1,14 +1,18 @@ use itertools::Itertools; -use syn::{Attribute, Lit, Meta, MetaNameValue}; +use syn::{Attribute, Expr, ExprLit, Lit, Meta, MetaNameValue}; pub fn docs_from_attrs(attrs: &[Attribute]) -> String { attrs .iter() - .filter(|a| a.path.is_ident("doc")) - .filter_map(|a| match a.parse_meta() { - Ok(Meta::NameValue(MetaNameValue { - lit: Lit::Str(s), .. - })) => Some(s.value()), + .filter(|a| a.path().is_ident("doc")) + .filter_map(|a| match &a.meta { + Meta::NameValue(MetaNameValue { + value: + Expr::Lit(ExprLit { + lit: Lit::Str(s), .. + }), + .. + }) => Some(s.value()), _ => None, }) .map(|s| s.trim().to_string()) diff --git a/soroban-sdk-macros/src/lib.rs b/soroban-sdk-macros/src/lib.rs index 4101095c7..d056e3383 100644 --- a/soroban-sdk-macros/src/lib.rs +++ b/soroban-sdk-macros/src/lib.rs @@ -22,15 +22,15 @@ use derive_spec_fn::derive_fn_spec; use derive_struct::derive_type_struct; use derive_struct_tuple::derive_type_struct_tuple; -use darling::FromMeta; +use darling::{ast::NestedMeta, FromMeta}; use proc_macro::TokenStream; use proc_macro2::{Literal, Span, TokenStream as TokenStream2}; use quote::{format_ident, quote}; use sha2::{Digest, Sha256}; use std::fs; use syn::{ - parse_macro_input, parse_str, spanned::Spanned, AttributeArgs, Data, DeriveInput, Error, - Fields, ItemImpl, Path, Type, Visibility, + parse_macro_input, parse_str, spanned::Spanned, Data, DeriveInput, Error, Fields, ItemImpl, + Path, Type, Visibility, }; use syn_ext::HasFnsItem; @@ -50,7 +50,12 @@ struct ContractSpecArgs { #[proc_macro_attribute] pub fn contractspecfn(metadata: TokenStream, input: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractSpecArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), 
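Review bot: `docs_from_attrs` has no doc comment, and the new match on `&a.meta` makes its filtering rule harder to see. Only `#[doc = "..."]` attributes whose value is a string literal are kept; any other form falls through `_ => None` without a diagnostic. A line above the function would record that, e.g. `/// Collects the string-literal values of #[doc] attributes; other doc values are skipped.` The function body continues past the end of this hunk.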
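Review bot: The six-line `match NestedMeta::parse_meta_list(metadata.into())` block added in `contractspecfn` is repeated verbatim in `contractimpl`, `contractmeta`, `contracttype`, `contracterror`, `contractfile`, `contractclient` and `contractimport` in the later hunks of this file. A private helper that returns the parsed list or the already-rendered error tokens would keep the error path in one place. Each entry point then shrinks to a short match, as sketched below for `contractspecfn`, whose body continues outside the hunk.

```rust
// One helper shared by all eight macro entry points.
fn parse_nested_meta(metadata: TokenStream) -> Result<Vec<NestedMeta>, TokenStream> {
    NestedMeta::parse_meta_list(metadata.into())
        .map_err(|e| darling::Error::from(e).write_errors().into())
}

pub fn contractspecfn(metadata: TokenStream, input: TokenStream) -> TokenStream {
    let args = match parse_nested_meta(metadata) {
        Ok(v) => v,
        Err(e) => return e,
    };
    // … unchanged: ContractSpecArgs::from_list and the rest of the body …
```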
@@ -88,7 +93,12 @@ struct ContractImplArgs { #[proc_macro_attribute] pub fn contractimpl(metadata: TokenStream, input: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractImplArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), @@ -159,7 +169,12 @@ struct MetadataArgs { #[proc_macro] pub fn contractmeta(metadata: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match MetadataArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), @@ -229,7 +244,12 @@ struct ContractTypeArgs { #[proc_macro_attribute] pub fn contracttype(metadata: TokenStream, input: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractTypeArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), @@ -289,7 +309,12 @@ pub fn contracttype(metadata: TokenStream, input: TokenStream) -> TokenStream { #[proc_macro_attribute] pub fn contracterror(metadata: TokenStream, input: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractTypeArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), 
@@ -339,7 +364,12 @@ struct ContractFileArgs { #[proc_macro] pub fn contractfile(metadata: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractFileArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), @@ -382,7 +412,12 @@ struct ContractClientArgs { #[proc_macro_attribute] pub fn contractclient(metadata: TokenStream, input: TokenStream) -> TokenStream { - let args = parse_macro_input!(metadata as AttributeArgs); + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; let args = match ContractClientArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), @@ -406,8 +441,13 @@ struct ContractImportArgs { } #[proc_macro] pub fn contractimport(metadata: TokenStream) -> TokenStream { - let attr_args = parse_macro_input!(metadata as AttributeArgs); - let args = match ContractImportArgs::from_list(&attr_args) { + let args = match NestedMeta::parse_meta_list(metadata.into()) { + Ok(v) => v, + Err(e) => { + return TokenStream::from(darling::Error::from(e).write_errors()); + } + }; + let args = match ContractImportArgs::from_list(&args) { Ok(v) => v, Err(e) => return e.write_errors().into(), }; diff --git a/soroban-sdk-macros/src/syn_ext.rs b/soroban-sdk-macros/src/syn_ext.rs index e53e512ee..a6a123ca1 100644 --- a/soroban-sdk-macros/src/syn_ext.rs +++ b/soroban-sdk-macros/src/syn_ext.rs 
@@ -8,28 +8,28 @@ use syn::{ ReturnType, Token, TypePath, }; use syn::{ - spanned::Spanned, token::And, Error, FnArg, Ident, ImplItem, ImplItemMethod, ItemImpl, - ItemTrait, Pat, PatType, TraitItem, TraitItemMethod, Type, TypeReference, Visibility, + spanned::Spanned, token::And, Error, FnArg, Ident, ImplItem, ImplItemFn, ItemImpl, ItemTrait, + Pat, PatType, TraitItem, TraitItemFn, Type, TypeReference, Visibility, }; /// Gets methods from the implementation that have public visibility. For /// methods that are inherently implemented this is methods that have a pub /// visibility keyword. For methods that are implementing a trait the pub is /// assumed and so all methods are returned. -pub fn impl_pub_methods(imp: &ItemImpl) -> impl Iterator { +pub fn impl_pub_methods(imp: &ItemImpl) -> impl Iterator { imp.items .iter() .filter_map(|i| match i { - ImplItem::Method(m) => Some(m), + ImplItem::Fn(m) => Some(m), _ => None, }) .filter(|m| imp.trait_.is_some() || matches!(m.vis, Visibility::Public(_))) } /// Gets methods from the trait. -pub fn trait_methods(imp: &ItemTrait) -> impl Iterator { +pub fn trait_methods(imp: &ItemTrait) -> impl Iterator { imp.items.iter().filter_map(|i| match i { - TraitItem::Method(m) => Some(m), + TraitItem::Fn(m) => Some(m), _ => None, }) } diff --git a/soroban-sdk/Cargo.toml b/soroban-sdk/Cargo.toml index 20b72045b..74a37403f 100644 --- a/soroban-sdk/Cargo.toml +++ b/soroban-sdk/Cargo.toml @@ -15,7 +15,7 @@ doctest = false [dependencies] soroban-sdk-macros = { workspace = true } -bytes-lit = "0.0.4" +bytes-lit = "0.0.5" [target.'cfg(target_family="wasm")'.dependencies] soroban-env-guest = { workspace = true } 
@@ -25,14 +25,15 @@ soroban-env-host = { workspace = true, features = ["vm", "hostfn_log_fmt_values" soroban-ledger-snapshot = { workspace = true } stellar-strkey = { workspace = true } ed25519-dalek = { version = "1.0.1", optional = true } -rand = "0.8.5" +# match the version of rand used in dalek +rand = "0.7.3" [dev-dependencies] soroban-env-host = { workspace = true, features = ["vm", "hostfn_log_fmt_values", "testutils"] } stellar-xdr = { workspace = true, features = ["next", "std"] } soroban-spec = { workspace = true } ed25519-dalek = "1.0.1" -rand = "0.8.5" +rand = "0.7.3" hex = "0.4.3" [features] diff --git a/soroban-spec/Cargo.toml b/soroban-spec/Cargo.toml index 3b34f53e6..762a3b5ff 100644 --- a/soroban-spec/Cargo.toml +++ b/soroban-spec/Cargo.toml @@ -14,17 +14,17 @@ rust-version = "1.69" stellar-xdr = { workspace = true, features = ["next", "std", "serde"] } base64 = "0.13.0" thiserror = "1.0.32" -syn = {version="1.0",features=["full"]} +syn = {version="2.0",features=["full"]} quote = "1.0" proc-macro2 = "1.0" itertools = "0.10.3" -darling = "0.14.1" -sha2 = "0.10.2" +darling = "0.20.0" +sha2 = "0.9.9" wasmparser = "0.88.0" serde = "1.0.82" serde_derive = "1.0.82" serde_json = "1.0.82" -prettyplease = "0.1.18" +prettyplease = "0.2.4" [dev_dependencies] pretty_assertions = "1.2.1"
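Review bot: The `rand = "0.7.3"` entry under `[dev-dependencies]` has no explanation, while the same pin a few lines up carries `# match the version of rand used in dalek`. Repeat the comment there, or a later reader will see an unexplained move from 0.8.5 back to the 0.7 line. Because this ties a randomness crate to an older release line, the comment should also state the exit condition, for example `# match the version of rand used in dalek; raise together with ed25519-dalek`. The `sha2 = "0.9.9"` change in soroban-spec/Cargo.toml (previously 0.10.2) has the same gap and no comment at all. It is presumably pinned for the same reason, which should be confirmed and written next to the entry.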