octoleo/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-10-31 19:22:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
a0a4994250
vaultwarden/Cargo.toml

165 lines
5.0 KiB
TOML
Raw Normal View History

First working version
2018-02-10 00:00:55 +00:00
[package]
Project renaming
2021-04-27 21:18:32 +00:00
name = "vaultwarden"
Bump up version to 1.0.0
2018-08-21 20:21:54 +00:00
version = "1.0.0"
First working version
2018-02-10 00:00:55 +00:00
authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
Macro recursion decrease and other optimizations - Decreased `recursion_limit` from 512 to 87 Mainly done by optimizing the config macro's. This fixes an issue with the rust-analyzer which doesn't go beyond 128 - Removed Regex for masking sensitive values and replaced it with a map() This is much faster then using a Regex. - Refactored the get_support_json macro's - All items above also lowered the binary size and possibly compile-time - Removed `_conn: DbConn` from several functions, these caused unnecessary database connections for functions who didn't used that at all - Decreased json response for `/plans` - Updated libraries and where needed some code changes This also fixes some rare issues with SMTP https://github.com/lettre/lettre/issues/678 - Using Rust 2021 instead of 2018 - Updated rust nightly
2021-11-05 18:18:54 +00:00
edition = "2021"
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
rust-version = "1.61.0"
Update dependencies and ser cargo resolver to version 2 ahead of 2021 edition
2021-09-22 18:26:48 +00:00
resolver = "2"
First working version
2018-02-10 00:00:55 +00:00
Project renaming
2021-04-27 21:18:32 +00:00
repository = "https://github.com/dani-garcia/vaultwarden"
Add build script to get some Git info to later show in admin panel, and add some metadata to Cargo.toml
2018-12-29 23:04:22 +00:00
readme = "README.md"
Re-License Vaultwarden to AGPLv3 This commit prepares Vaultwarden for the Re-Licensing to AGPLv3 Solves #2450
2022-06-16 13:13:10 +00:00
license = "AGPL-3.0-only"
Add build script to get some Git info to later show in admin panel, and add some metadata to Cargo.toml
2018-12-29 23:04:22 +00:00
publish = false
build = "build.rs"
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
2018-12-06 19:35:25 +00:00
[features]
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking
2021-11-07 17:53:39 +00:00
# default = ["sqlite"]
With the latest fern, syslog can be a config option instead of a build flag
2019-03-29 19:27:20 +00:00
# Empty to keep compatibility, prefer to set USE_SYSLOG=true
enable_syslog = []
re-added sqlite check_db code, cleanup
2019-05-27 20:58:52 +00:00
mysql = ["diesel/mysql", "diesel_migrations/mysql"]
Update u2f to 0.2, which requires OpenSSL but also might solve the problems we've had with certificates. The rust image doesn't need installing curl or tar, so removed. Also collapsed ENV lines.
2020-01-18 19:09:52 +00:00
postgresql = ["diesel/postgres", "diesel_migrations/postgres"]
include libsqlite3-sys optionally, removed non common features
2019-05-27 21:31:56 +00:00
sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"]
Add `vendored_openssl` feature. This feature enables the `vendored` feature from the `openssl` crate and build a statically linked version of openssl.
2020-09-25 21:23:13 +00:00
# Enable to use a vendored and statically linked openssl
vendored_openssl = ["openssl/vendored"]
Several updates and fixes - Removed all `thread::sleep` and use `tokio::time::sleep` now. This solves an issue with updating to Bullseye ( Resolves #1998 ) - Updated all Debian images to Bullseye - Added MiMalloc feature and enabled it by default for Alpine based images This increases performance for the Alpine images because the default memory allocator for MUSL based binaries isn't that fast - Updated `dotenv` to `dotenvy` a maintained and updated fork - Fixed an issue with a newer jslib (not fully released yet) That version uses a different endpoint for `prelogin` Resolves #2378 )
2022-03-20 17:51:24 +00:00
# Enable MiMalloc memory allocator to replace the default malloc
# This can improve performance for Alpine builds
enable_mimalloc = ["mimalloc"]
Add dev-only query logging support This PR adds query logging support as an optional feature. It is only allowed during development/debug builds, and will abort when used during a `--release` build. For this feature to be fully activated you also need to se an environment variable `QUERY_LOGGER=1` to activate the debug log-level for this crate, else there will be no output. The reason for this PR is that sometimes it is useful to be able to see the generated queries, like when debugging an issue, or trying to optimize a query. Currently i always added this code when needed, but having this a part of the code could benifit other developers too who maybe need this.
2022-12-03 17:25:59 +00:00
# This is a development dependency, and should only be used during development!
# It enables the usage of the diesel_logger crate, which is able to output the generated queries.
# You also need to set an env variable `QUERY_LOGGER=1` to fully activate this so you do not have to re-compile
# if you want to turn off the logging for a specific run.
query_logger = ["diesel_logger"]
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
2018-12-06 19:35:25 +00:00
Replace IP support in preparation for compiling on stable, included some tests to check that the code matches the unstable implementation
2020-07-14 21:44:01 +00:00
# Enable unstable features, requires nightly
Updated lettre (and other crates) and workflow. General: - Updated several dependancies Lettre: - Updateded lettere and the workflow - Changed encoding to base64 - Convert unix newlines to dos newlines for e-mails. - Created custom e-mail boundary (auto generated could cause errors) Tested the e-mails sent using several clients (Linux, Windows, MacOS, Web). Run msglint (https://tools.ietf.org/tools/msglint/) on the generated e-mails until all errors were gone. Lettre has changed quite some stuff compared between alpha.1 and alpha.2, i haven't noticed any issues sending e-mails during my tests.
2020-09-11 21:52:20 +00:00
# Currently only used to enable rusts official ip support
Replace IP support in preparation for compiling on stable, included some tests to check that the code matches the unstable implementation
2020-07-14 21:44:01 +00:00
unstable = []
Make the syslog crate non-optional when available
2019-04-02 20:35:22 +00:00
[target."cfg(not(windows))".dependencies]
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Logging
Update web vault to 2.28.0 and dependencies
2022-04-23 16:18:15 +00:00
syslog = "6.0.1" # Needs to be v4 until fern is updated
Make the syslog crate non-optional when available
2019-04-02 20:35:22 +00:00
First working version
2018-02-10 00:00:55 +00:00
[dependencies]
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Logging
Improve sync speed and updated dep. versions Improved sync speed by resolving the N+1 query issues. Solves #1402 and Solves #1453 With this change there is just one query done to retreive all the important data, and matching is done in-code/memory. With a very large database the sync time went down about 3 times. Also updated misc crates and Github Actions versions.
2022-05-04 19:13:05 +00:00
log = "0.4.17"
Update web vault to 2.28.0 and dependencies
2022-04-23 16:18:15 +00:00
fern = { version = "0.6.1", features = ["syslog-6"] }
Update dependencies
2022-10-09 15:40:45 +00:00
tracing = { version = "0.1.37", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work
Improve sync speed and updated dep. versions Improved sync speed by resolving the N+1 query issues. Solves #1402 and Solves #1453 With this change there is just one query done to retreive all the important data, and matching is done in-code/memory. With a very large database the sync time went down about 3 times. Also updated misc crates and Github Actions versions.
2022-05-04 19:13:05 +00:00
Disable groups by default and Some optimizations - Put groups support behind a feature flag, and disabled by default. The reason is that it has some known issues, but we want to keep optimizing this feature. Putting it behind a feature flag could help some users, and the developers into optimizing this feature without to much trouble. Further: - Updates Rust to v1.66.0 - Updated GHA workflows - Updated Alpine to 3.17 - Updated jquery to v3.6.2 - Moved jdenticon.js to load at the bottom, fixes an issue on chromium - Added autocomplete attribute to admin login password field - Added some extra CSP options (Tested this on Safari, Firefox, Chrome, Bitwarden Desktop) - Moved uppercase convertion from runtime to compile-time using `paste` for building the environment variables, lowers heap allocations.
2022-12-15 16:15:48 +00:00
backtrace = "0.3.67" # Logging panics to logfile instead stderr only
Update to rocket 0.5 and made code async, missing updating all db calls, that are currently blocking
2021-11-07 17:53:39 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# A `dotenv` implementation for Rust
Update to diesel2
2022-05-20 21:39:47 +00:00
dotenvy = { version = "0.15.6", default-features = false }
Updated icon fetching and crates. - Updated some crates - Updated icon fetching code: + Use a cookie jar and set Max-Age to 2 minutes for all cookies + Locate the base href tag to fix some locations + Changed User-Agent (Helps on some sites to get HTML instead of JS) + Reduced HTML code limit from 512KB to 384KB + Allow some large icons higer-up in the sort + Allow GIF images + Ignore cookie_store and hyper::client debug messages
2021-05-16 13:29:13 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Lazy initialization
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
once_cell = "1.17.0"
First working version
2018-02-10 00:00:55 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Numerical libraries
Improve sync speed and updated dep. versions Improved sync speed by resolving the N+1 query issues. Solves #1402 and Solves #1453 With this change there is just one query done to retreive all the important data, and matching is done in-code/memory. With a very large database the sync time went down about 3 times. Also updated misc crates and Github Actions versions.
2022-05-04 19:13:05 +00:00
num-traits = "0.2.15"
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
num-derive = "0.3.3"
# Web framework
Dependency updates
2022-05-11 20:03:07 +00:00
rocket = { version = "0.5.0-rc.2", features = ["tls", "json"], default-features = false }
Initial version of websockets notification support. For now only folder notifications are sent (create, rename, delete). The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested. The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy. My testing is done with Caddy server, and the following config: ``` localhost { # The negotiation endpoint is also proxied to Rocket proxy /notifications/hub/negotiate 0.0.0.0:8000 { transparent } # Notifications redirected to the websockets server proxy /notifications/hub 0.0.0.0:3012 { websocket } # Proxy the Root directory to Rocket proxy / 0.0.0.0:8000 { transparent } } ``` This exposes the service in port 2015.
2018-08-30 15:43:46 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# WebSockets libraries
Update dependencies for Rust and Admin interface. - Updated Rust deps and one small change regarding chrono - Updated bootstrap 5 css - Updated datatables - Replaced identicon.js with jdenticon. identicon.js is unmaintained ( https://github.com/stewartlord/identicon.js/issues/52 ) The icon's are very different, but nice. It also doesn't need custom code to find and update the icons our selfs.
2022-12-01 16:18:29 +00:00
tokio-tungstenite = "0.18.0"
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
rmpv = "1.0.0" # MessagePack library
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Concurrent HashMap used for WebSocket messaging and favicons
Update web vault to 2022.8.1 and cargo dependencies
2022-09-04 21:18:27 +00:00
dashmap = "5.4.0"
Initial version of websockets notification support. For now only folder notifications are sent (create, rename, delete). The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested. The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy. My testing is done with Caddy server, and the following config: ``` localhost { # The negotiation endpoint is also proxied to Rocket proxy /notifications/hub/negotiate 0.0.0.0:8000 { transparent } # Notifications redirected to the websockets server proxy /notifications/hub 0.0.0.0:3012 { websocket } # Proxy the Root directory to Rocket proxy / 0.0.0.0:8000 { transparent } } ``` This exposes the service in port 2015.
2018-08-30 15:43:46 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Async futures
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
futures = "0.3.26"
tokio = { version = "1.25.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] }
Initial version of websockets notification support. For now only folder notifications are sent (create, rename, delete). The notifications are only tested between two web-vault sessions in different browsers, mobile apps and browser extensions are untested. The websocket server is exposed in port 3012, while the rocket server is exposed in another port (8000 by default). To make notifications work, both should be accessible in the same port, which requires a reverse proxy. My testing is done with Caddy server, and the following config: ``` localhost { # The negotiation endpoint is also proxied to Rocket proxy /notifications/hub/negotiate 0.0.0.0:8000 { transparent } # Notifications redirected to the websockets server proxy /notifications/hub 0.0.0.0:3012 { websocket } # Proxy the Root directory to Rocket proxy / 0.0.0.0:8000 { transparent } } ``` This exposes the service in port 2015.
2018-08-30 15:43:46 +00:00
First working version
2018-02-10 00:00:55 +00:00
# A generic serialization/deserialization framework
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
serde = { version = "1.0.152", features = ["derive"] }
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
serde_json = "1.0.93"
Implemented proper logging, with support for file logging, timestamp and syslog (this last one is untested)
2018-12-06 19:35:25 +00:00
First working version
2018-02-10 00:00:55 +00:00
# A safe, extensible ORM and Query builder
Updated web vault to 2023.1.1 and rust dependencies
2023-01-24 19:39:09 +00:00
diesel = { version = "2.0.3", features = ["chrono", "r2d2"] }
Update to diesel2
2022-05-20 21:39:47 +00:00
diesel_migrations = "2.0.0"
Add dev-only query logging support This PR adds query logging support as an optional feature. It is only allowed during development/debug builds, and will abort when used during a `--release` build. For this feature to be fully activated you also need to se an environment variable `QUERY_LOGGER=1` to activate the debug log-level for this crate, else there will be no output. The reason for this PR is that sometimes it is useful to be able to see the generated queries, like when debugging an issue, or trying to optimize a query. Currently i always added this code when needed, but having this a part of the code could benifit other developers too who maybe need this.
2022-12-03 17:25:59 +00:00
diesel_logger = { version = "0.2.0", optional = true }
initial mysql support
2019-05-26 21:02:41 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Bundled/Static SQLite
Update Rust version, deps and workflow - Update Rust to v1.65.0 - Update dependencies - Updated workflow files - Added some extra clippy checks - Fixed some clippy checks
2022-11-04 11:56:02 +00:00
libsqlite3-sys = { version = "0.25.2", features = ["bundled"], optional = true }
Update dependencies and bundle SQLite with the program, so we have one less dependency to install separately
2018-05-07 19:33:54 +00:00
Generate tokens more simply and uniformly
2020-08-22 23:07:53 +00:00
# Crypto-related libraries
Re-Base, Update crates and small change.
2022-06-04 13:13:10 +00:00
rand = { version = "0.8.5", features = ["small_rng"] }
Update dependencies
2021-02-06 15:49:28 +00:00
ring = "0.16.20"
First working version
2018-02-10 00:00:55 +00:00
# UUID generation
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
uuid = { version = "1.3.0", features = ["v4"] }
First working version
2018-02-10 00:00:55 +00:00
Use local time in email notifications for new device logins In this implementation, the `TZ` environment variable must be set in order for the formatted output to use a more user-friendly time zone abbreviation (e.g., `UTC`). Otherwise, the output uses the time zone's UTC offset (e.g., `+00:00`).
2020-07-08 04:30:18 +00:00
# Date and time libraries
Update dependencies for Rust and Admin interface. - Updated Rust deps and one small change regarding chrono - Updated bootstrap 5 css - Updated datatables - Replaced identicon.js with jdenticon. identicon.js is unmaintained ( https://github.com/stewartlord/identicon.js/issues/52 ) The icon's are very different, but nice. It also doesn't need custom code to find and update the icons our selfs.
2022-12-01 16:18:29 +00:00
chrono = { version = "0.4.23", features = ["clock", "serde"], default-features = false }
chrono-tz = "0.8.1"
Update Rust version, deps and workflow - Update Rust to v1.65.0 - Update dependencies - Updated workflow files - Added some extra clippy checks - Fixed some clippy checks
2022-11-04 11:56:02 +00:00
time = "0.3.17"
First working version
2018-02-10 00:00:55 +00:00
Add a generic job scheduler Also rewrite deletion of old sends using the job scheduler.
2021-04-03 03:16:49 +00:00
# Job scheduler
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
job_scheduler_ng = "2.0.4"
Add a generic job scheduler Also rewrite deletion of old sends using the job scheduler.
2021-04-03 03:16:49 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Data encoding library Hex/Base32/Base64
Remove ctrlc crate and some updates - Removed ctrlc crate and use the tokio provided ctrl_c function. - Updated some crates.
2022-12-10 16:51:05 +00:00
data-encoding = "2.3.3"
First working version
2018-02-10 00:00:55 +00:00
# JWT library
Remove ctrlc crate and some updates - Removed ctrlc crate and use the tokio provided ctrl_c function. - Updated some crates.
2022-12-10 16:51:05 +00:00
jsonwebtoken = "8.2.0"
First working version
2018-02-10 00:00:55 +00:00
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# TOTP library
Migrate old ws crate to tungstenite, which is async and also removes over 20 old dependencies
2022-05-20 18:37:32 +00:00
totp-lite = "2.0.0"
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.
2018-07-12 19:46:50 +00:00
Adds yubico-rs library dep
2018-11-16 01:34:17 +00:00
# Yubico Library
Dependency updates
2022-05-11 20:03:07 +00:00
yubico = { version = "0.11.0", features = ["online-tokio"], default-features = false }
Adds yubico-rs library dep
2018-11-16 01:34:17 +00:00
Remove u2f implementation For a while now WebAuthn has replaced u2f. And since web-vault v2.27.0 the connector files for u2f have been removed. Also, on the official bitwarden server the endpoint to `/two-factor/get-u2f` results in a 404. - Removed all u2f code except the migration code from u2f to WebAuthn
2022-03-27 15:25:04 +00:00
# WebAuthn libraries
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
webauthn-rs = "0.3.2"
First working version
2018-02-10 00:00:55 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Handling of URL's for WebAuthn and favicons
Update libraries and Rust version - Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version
2022-09-22 19:30:34 +00:00
url = "2.3.1"
Implemented U2F, refactored Two Factor authentication, registering U2F device and authentication should work. Works on Chrome on MacOS with a virtual device.
2018-07-12 19:46:50 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Email libraries
lettre = { version = "0.10.2", features = ["smtp-transport", "sendmail-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false }
Update libraries and Rust version - Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version
2022-09-22 19:30:34 +00:00
percent-encoding = "2.2.0" # URL encoding library used for URL's in the emails
Update Rust version, deps and workflow - Update Rust to v1.65.0 - Update dependencies - Updated workflow files - Added some extra clippy checks - Fixed some clippy checks
2022-11-04 11:56:02 +00:00
email_address = "0.2.4"
SMTP integration, send password hint by email.
2018-08-15 06:32:19 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# HTML Template library
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
handlebars = { version = "4.3.6", features = ["dir_source"] }
Initial stab at templates
2019-01-13 00:39:29 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# HTTP client (Used for favicons, version check, DUO and HIBP API)
Updated web vault to 2023.1.1 and rust dependencies
2023-01-24 19:39:09 +00:00
reqwest = { version = "0.11.14", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] }
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Favicon extraction libraries
Update dep's and small improvements on favicons - Updated dependencies (html5gum for favicon downloading) * Also openssl, time, jsonwebtoken and r2d2 - Small optimizations on downloading favicons. It now only emits tokens/tags which needs to be parsed, all others are being skipped. This prevents unneeded items within the for-loop being parsed.
2022-06-21 16:47:01 +00:00
html5gum = "0.5.2"
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
regex = { version = "1.7.1", features = ["std", "perf", "unicode-perl"], default-features = false }
Update libraries and Rust version - Updated to Rust v1.64.0 - Updated all libararies - Updated multer-rs to be based upon the latest version - Updated Dockerfiles to match the Rust version
2022-09-22 19:30:34 +00:00
data-url = "0.2.0"
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
bytes = "1.4.0"
# Cache function results (Used for version check and favicon fetching)
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
cached = "0.42.0"
Update async to prepare for main merge - Changed nightly to stable in Dockerfile and Workflow - Updated Dockerfile to use stable and updated ENV's - Removed 0.0.0.0 as default addr it now uses ROCKET_ADDRESS or the default - Updated Github Workflow actions to the latest versions - Updated Hadolint version - Re-orderd the Cargo.toml file a bit and put libs together which are linked - Updated some libs - Updated .dockerignore file
2022-02-07 21:26:22 +00:00
# Used for custom short lived cookie jar during favicon extraction
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
cookie = "0.16.2"
Update Rust version, deps and workflow - Update Rust to v1.65.0 - Update dependencies - Updated workflow files - Added some extra clippy checks - Fixed some clippy checks
2022-11-04 11:56:02 +00:00
cookie_store = "0.19.0"
Added better favicon downloader.
2019-01-27 14:39:19 +00:00
Updated Rust and crates - Updated Rust to v1.67.0 - Updated all crates except for `cookies` and `webauthn`
2023-02-08 16:13:14 +00:00
# Used by U2F, JWT and PostgreSQL
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
openssl = "0.10.45"
Adds support for PostgreSQL which resolves #87 and is mentioned in #246. This includes migrations as well as Dockerfile's for amd64. The biggest change is that replace_into isn't supported by Diesel for the PostgreSQL backend, instead requiring the use of on_conflict. This unfortunately requires a branch for save() on all of the models currently using replace_into.
2019-09-12 20:12:22 +00:00
Added command line flags for help and version Signed-off-by: zethra <benaagoldberg@gmail.com>
2020-03-02 19:57:06 +00:00
# CLI argument parsing
Update pico-args
2022-06-04 17:16:36 +00:00
pico-args = "0.5.0"
Added command line flags for help and version Signed-off-by: zethra <benaagoldberg@gmail.com>
2020-03-02 19:57:06 +00:00
Add support for multiple simultaneous database features by using macros. Diesel requires the following changes: - Separate connection and pool types per connection, the generate_connections! macro generates an enum with a variant per db type - Separate migrations and schemas, these were always imported as one type depending on db feature, now they are all imported under different module names - Separate model objects per connection, the db_object! macro generates one object for each connection with the diesel macros, a generic object, and methods to convert between the connection-specific and the generic ones - Separate connection queries, the db_run! macro allows writing only one that gets compiled for all databases or multiple ones
2020-08-18 15:15:44 +00:00
# Macro ident concatenation
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
paste = "1.0.11"
Update dependencies for Rust and Admin interface. - Updated Rust deps and one small change regarding chrono - Updated bootstrap 5 css - Updated datatables - Replaced identicon.js with jdenticon. identicon.js is unmaintained ( https://github.com/stewartlord/identicon.js/issues/52 ) The icon's are very different, but nice. It also doesn't need custom code to find and update the icons our selfs.
2022-12-01 16:18:29 +00:00
governor = "0.5.1"
Add support for multiple simultaneous database features by using macros. Diesel requires the following changes: - Separate connection and pool types per connection, the generate_connections! macro generates an enum with a variant per db type - Separate migrations and schemas, these were always imported as one type depending on db feature, now they are all imported under different module names - Separate model objects per connection, the db_object! macro generates one object for each connection with the diesel macros, a generic object, and methods to convert between the connection-specific and the generic ones - Separate connection queries, the db_run! macro allows writing only one that gets compiled for all databases or multiple ones
2020-08-18 15:15:44 +00:00
Support Org Export for v2022.11 clients Since v2022.9.x the org export uses a different endpoint. But, since v2022.11.x this endpoint will return a different format. See: https://github.com/bitwarden/clients/pull/3641 and https://github.com/bitwarden/server/pull/2316 To support both version in the case of users having an older client either web-vault or cli this PR checks the version and responds using the correct format. If no version can be determined it will use the new format as a default.
2022-11-07 16:13:34 +00:00
# Check client versions for specific features.
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
semver = "1.0.16"
Support Org Export for v2022.11 clients Since v2022.9.x the org export uses a different endpoint. But, since v2022.11.x this endpoint will return a different format. See: https://github.com/bitwarden/clients/pull/3641 and https://github.com/bitwarden/server/pull/2316 To support both version in the case of users having an older client either web-vault or cli this PR checks the version and responds using the correct format. If no version can be determined it will use the new format as a default.
2022-11-07 16:13:34 +00:00
Several updates and fixes - Removed all `thread::sleep` and use `tokio::time::sleep` now. This solves an issue with updating to Bullseye ( Resolves #1998 ) - Updated all Debian images to Bullseye - Added MiMalloc feature and enabled it by default for Alpine based images This increases performance for the Alpine images because the default memory allocator for MUSL based binaries isn't that fast - Updated `dotenv` to `dotenvy` a maintained and updated fork - Fixed an issue with a newer jslib (not fully released yet) That version uses a different endpoint for `prelogin` Resolves #2378 )
2022-03-20 17:51:24 +00:00
# Allow overriding the default memory allocator
# Mainly used for the musl builds, since the default musl malloc is very slow
Update dependencies and MSRV - Updated dependencies. This includes a janked openssl crate version we currently use. - Updated MSRV to v1.61.0 because hashbrown/cached has this version restriction.
2023-01-09 15:49:26 +00:00
mimalloc = { version = "0.1.34", features = ["secure"], default-features = false, optional = true }
check if SENDMAIL_COMMAND is valid using 'which' crate
2023-01-25 21:54:50 +00:00
which = "4.4.0"
Several updates and fixes - Removed all `thread::sleep` and use `tokio::time::sleep` now. This solves an issue with updating to Bullseye ( Resolves #1998 ) - Updated all Debian images to Bullseye - Added MiMalloc feature and enabled it by default for Alpine based images This increases performance for the Alpine images because the default memory allocator for MUSL based binaries isn't that fast - Updated `dotenv` to `dotenvy` a maintained and updated fork - Fixed an issue with a newer jslib (not fully released yet) That version uses a different endpoint for `prelogin` Resolves #2378 )
2022-03-20 17:51:24 +00:00
Favicon, SMTP and misc updates Favicon: - Replaced HTML tokenizer, much faster now. - Caching the domain blacklist function. - Almost all functions are async now. - Fixed bug on minimizing data to parse - Changed maximum icon download size to 5MB to match Bitwarden - Added `apple-touch-icon.png` as a second fallback besides `favicon.ico` SMTP: - Deprecated SMTP_SSL and SMTP_EXPLICIT_TLS, replaced with SMTP_SECURITY Misc: - Fixed issue when `resolv.conf` contains errors and trust-dns panics (Fixes #2283) - Updated Javscript and CSS files for admin interface - Fixed an issue with the /admin interface which did not cleared the login cookie correctly - Prevent websocket notifications during org import, this caused a lot of traffic, and slowed down the import. This is also the same as Bitwarden which does not trigger this refresh via websockets. Rust: - Updated to use v1.59 - Use the new `strip` option and enabled to strip `debuginfo` - Enabled `lto` with `thin` - Removed the strip RUN from the alpine armv7, this is now done automatically
2022-02-22 19:48:00 +00:00
# Strip debuginfo from the release builds
# Also enable thin LTO for some optimizations
[profile.release]
strip = "debuginfo"
lto = "thin"
Reference in New Issue Copy Permalink