mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-22 10:59:00 +00:00
e3541763fd
* Fix collections not editable by managers Since a newer version of the web-vault we use manager were not able to create sub collections anymore. This was because of some missing details in the response of some json objects. This commit fixes this by using the `to_json_details` instead of the `to_json` Fixes #5066 Fixes #5044 * Update crates and GitHub Actions - Updated all the crates - Updated all the GHA dependencies - Configured the trivy workflow to only run on the main repo and not on forks Also selected a random new scheduled date so it will not run at the same time as all other forks. The two changes should help running this scan every day without failing, and also prevent the same for new or updated forks.
265 lines
7.6 KiB
TOML
265 lines
7.6 KiB
TOML
[package]
|
|
name = "vaultwarden"
|
|
version = "1.0.0"
|
|
authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
|
|
edition = "2021"
|
|
rust-version = "1.79.0"
|
|
resolver = "2"
|
|
|
|
repository = "https://github.com/dani-garcia/vaultwarden"
|
|
readme = "README.md"
|
|
license = "AGPL-3.0-only"
|
|
publish = false
|
|
build = "build.rs"
|
|
|
|
[features]
|
|
# default = ["sqlite"]
|
|
# Empty to keep compatibility, prefer to set USE_SYSLOG=true
|
|
enable_syslog = []
|
|
mysql = ["diesel/mysql", "diesel_migrations/mysql"]
|
|
postgresql = ["diesel/postgres", "diesel_migrations/postgres"]
|
|
sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "dep:libsqlite3-sys"]
|
|
# Enable to use a vendored and statically linked openssl
|
|
vendored_openssl = ["openssl/vendored"]
|
|
# Enable MiMalloc memory allocator to replace the default malloc
|
|
# This can improve performance for Alpine builds
|
|
enable_mimalloc = ["dep:mimalloc"]
|
|
# This is a development dependency, and should only be used during development!
|
|
# It enables the usage of the diesel_logger crate, which is able to output the generated queries.
|
|
# You also need to set an env variable `QUERY_LOGGER=1` to fully activate this so you do not have to re-compile
|
|
# if you want to turn off the logging for a specific run.
|
|
query_logger = ["dep:diesel_logger"]
|
|
|
|
# Enable unstable features, requires nightly
|
|
# Currently only used to enable rusts official ip support
|
|
unstable = []
|
|
|
|
[target."cfg(unix)".dependencies]
|
|
# Logging
|
|
syslog = "6.1.1"
|
|
|
|
[dependencies]
|
|
# Logging
|
|
log = "0.4.22"
|
|
fern = { version = "0.6.2", features = ["syslog-6", "reopen-1"] }
|
|
tracing = { version = "0.1.40", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work
|
|
|
|
# A `dotenv` implementation for Rust
|
|
dotenvy = { version = "0.15.7", default-features = false }
|
|
|
|
# Lazy initialization
|
|
once_cell = "1.20.2"
|
|
|
|
# Numerical libraries
|
|
num-traits = "0.2.19"
|
|
num-derive = "0.4.2"
|
|
bigdecimal = "0.4.5"
|
|
|
|
# Web framework
|
|
rocket = { version = "0.5.1", features = ["tls", "json"], default-features = false }
|
|
rocket_ws = { version ="0.1.1" }
|
|
|
|
# WebSockets libraries
|
|
rmpv = "1.3.0" # MessagePack library
|
|
|
|
# Concurrent HashMap used for WebSocket messaging and favicons
|
|
dashmap = "6.1.0"
|
|
|
|
# Async futures
|
|
futures = "0.3.31"
|
|
tokio = { version = "1.40.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal", "net"] }
|
|
|
|
# A generic serialization/deserialization framework
|
|
serde = { version = "1.0.210", features = ["derive"] }
|
|
serde_json = "1.0.128"
|
|
|
|
# A safe, extensible ORM and Query builder
|
|
diesel = { version = "2.2.4", features = ["chrono", "r2d2", "numeric"] }
|
|
diesel_migrations = "2.2.0"
|
|
diesel_logger = { version = "0.3.0", optional = true }
|
|
|
|
# Bundled/Static SQLite
|
|
libsqlite3-sys = { version = "0.30.1", features = ["bundled"], optional = true }
|
|
|
|
# Crypto-related libraries
|
|
rand = { version = "0.8.5", features = ["small_rng"] }
|
|
ring = "0.17.8"
|
|
|
|
# UUID generation
|
|
uuid = { version = "1.10.0", features = ["v4"] }
|
|
|
|
# Date and time libraries
|
|
chrono = { version = "0.4.38", features = ["clock", "serde"], default-features = false }
|
|
chrono-tz = "0.10.0"
|
|
time = "0.3.36"
|
|
|
|
# Job scheduler
|
|
job_scheduler_ng = "2.0.5"
|
|
|
|
# Data encoding library Hex/Base32/Base64
|
|
data-encoding = "2.6.0"
|
|
|
|
# JWT library
|
|
jsonwebtoken = "9.3.0"
|
|
|
|
# TOTP library
|
|
totp-lite = "2.0.1"
|
|
|
|
# Yubico Library
|
|
yubico = { version = "0.11.0", features = ["online-tokio"], default-features = false }
|
|
|
|
# WebAuthn libraries
|
|
webauthn-rs = "0.3.2"
|
|
|
|
# Handling of URL's for WebAuthn and favicons
|
|
url = "2.5.2"
|
|
|
|
# Email libraries
|
|
lettre = { version = "0.11.9", features = ["smtp-transport", "sendmail-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false }
|
|
percent-encoding = "2.3.1" # URL encoding library used for URL's in the emails
|
|
email_address = "0.2.9"
|
|
|
|
# HTML Template library
|
|
handlebars = { version = "6.1.0", features = ["dir_source"] }
|
|
|
|
# HTTP client (Used for favicons, version check, DUO and HIBP API)
|
|
reqwest = { version = "0.12.8", features = ["native-tls-alpn", "stream", "json", "gzip", "brotli", "socks", "cookies"] }
|
|
hickory-resolver = "0.24.1"
|
|
|
|
# Favicon extraction libraries
|
|
html5gum = "0.5.7"
|
|
regex = { version = "1.11.0", features = ["std", "perf", "unicode-perl"], default-features = false }
|
|
data-url = "0.3.1"
|
|
bytes = "1.7.2"
|
|
|
|
# Cache function results (Used for version check and favicon fetching)
|
|
cached = { version = "0.53.1", features = ["async"] }
|
|
|
|
# Used for custom short lived cookie jar during favicon extraction
|
|
cookie = "0.18.1"
|
|
cookie_store = "0.21.0"
|
|
|
|
# Used by U2F, JWT and PostgreSQL
|
|
openssl = "0.10.66"
|
|
|
|
# CLI argument parsing
|
|
pico-args = "0.5.0"
|
|
|
|
# Macro ident concatenation
|
|
paste = "1.0.15"
|
|
governor = "0.6.3"
|
|
|
|
# Check client versions for specific features.
|
|
semver = "1.0.23"
|
|
|
|
# Allow overriding the default memory allocator
|
|
# Mainly used for the musl builds, since the default musl malloc is very slow
|
|
mimalloc = { version = "0.1.43", features = ["secure"], default-features = false, optional = true }
|
|
which = "6.0.3"
|
|
|
|
# Argon2 library with support for the PHC format
|
|
argon2 = "0.5.3"
|
|
|
|
# Reading a password from the cli for generating the Argon2id ADMIN_TOKEN
|
|
rpassword = "7.3.1"
|
|
|
|
# Strip debuginfo from the release builds
|
|
# The symbols are the provide better panic traces
|
|
# Also enable fat LTO and use 1 codegen unit for optimizations
|
|
[profile.release]
|
|
strip = "debuginfo"
|
|
lto = "fat"
|
|
codegen-units = 1
|
|
|
|
# A little bit of a speedup
|
|
[profile.dev]
|
|
split-debuginfo = "unpacked"
|
|
|
|
# Always build argon2 using opt-level 3
|
|
# This is a huge speed improvement during testing
|
|
[profile.dev.package.argon2]
|
|
opt-level = 3
|
|
|
|
# Optimize for size
|
|
[profile.release-micro]
|
|
inherits = "release"
|
|
opt-level = "z"
|
|
strip = "symbols"
|
|
lto = "fat"
|
|
codegen-units = 1
|
|
panic = "abort"
|
|
|
|
# Profile for systems with low resources
|
|
# It will use less resources during build
|
|
[profile.release-low]
|
|
inherits = "release"
|
|
strip = "symbols"
|
|
lto = "thin"
|
|
codegen-units = 16
|
|
|
|
# Linting config
|
|
# https://doc.rust-lang.org/rustc/lints/groups.html
|
|
[lints.rust]
|
|
# Forbid
|
|
unsafe_code = "forbid"
|
|
non_ascii_idents = "forbid"
|
|
|
|
# Deny
|
|
deprecated_in_future = "deny"
|
|
future_incompatible = { level = "deny", priority = -1 }
|
|
keyword_idents = { level = "deny", priority = -1 }
|
|
let_underscore = { level = "deny", priority = -1 }
|
|
noop_method_call = "deny"
|
|
refining_impl_trait = { level = "deny", priority = -1 }
|
|
rust_2018_idioms = { level = "deny", priority = -1 }
|
|
rust_2021_compatibility = { level = "deny", priority = -1 }
|
|
# rust_2024_compatibility = { level = "deny", priority = -1 } # Enable once we are at MSRV 1.81.0
|
|
single_use_lifetimes = "deny"
|
|
trivial_casts = "deny"
|
|
trivial_numeric_casts = "deny"
|
|
unused = { level = "deny", priority = -1 }
|
|
unused_import_braces = "deny"
|
|
unused_lifetimes = "deny"
|
|
unused_qualifications = "deny"
|
|
variant_size_differences = "deny"
|
|
# The lints below are part of the rust_2024_compatibility group
|
|
static-mut-refs = "deny"
|
|
unsafe-op-in-unsafe-fn = "deny"
|
|
|
|
# https://rust-lang.github.io/rust-clippy/stable/index.html
|
|
[lints.clippy]
|
|
# Warn
|
|
dbg_macro = "warn"
|
|
todo = "warn"
|
|
|
|
# Deny
|
|
case_sensitive_file_extension_comparisons = "deny"
|
|
cast_lossless = "deny"
|
|
clone_on_ref_ptr = "deny"
|
|
equatable_if_let = "deny"
|
|
filter_map_next = "deny"
|
|
float_cmp_const = "deny"
|
|
inefficient_to_string = "deny"
|
|
iter_on_empty_collections = "deny"
|
|
iter_on_single_items = "deny"
|
|
linkedlist = "deny"
|
|
macro_use_imports = "deny"
|
|
manual_assert = "deny"
|
|
manual_instant_elapsed = "deny"
|
|
manual_string_new = "deny"
|
|
match_on_vec_items = "deny"
|
|
match_wildcard_for_single_variants = "deny"
|
|
mem_forget = "deny"
|
|
needless_continue = "deny"
|
|
needless_lifetimes = "deny"
|
|
option_option = "deny"
|
|
string_add_assign = "deny"
|
|
string_to_string = "deny"
|
|
unnecessary_join = "deny"
|
|
unnecessary_self_imports = "deny"
|
|
unnested_or_patterns = "deny"
|
|
unused_async = "deny"
|
|
unused_self = "deny"
|
|
verbose_file_reads = "deny"
|
|
zero_sized_map_values = "deny"
|