From 3d827ac24fa71bfa93d00a5b7fecd963035c0a73 Mon Sep 17 00:00:00 2001 From: JonathanHelianthicusDoe Date: Fri, 29 Jul 2022 19:08:02 +0000 Subject: [PATCH] v1.1.0: switch from native-tls (OpenSSL on most platforms, Secure Transport on macOS, SChannel on Windows NT) to rustls. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Also, rpassword version 6 → 7. The switch to rustls: - Makes sbu easier to build & link, as rustls is written in Rust†. - Allows sbu to benefit from the technological improvements brought by rustls and ring, including support for modern & secure (and ONLY modern & secure) protocols, API surfaces that are secure by default and are difficult to misuse, and the use of a memory-safe-by-default language like Rust. rustls is highly mature now, not only claiming to be “ready to use”, but also already enjoying widespread use throughout the Rust ecosystem. It also has undergone thorough formal auditing by third parties (see ). †rustls relies on ring for the implementation of cryptography, and ring is written in a combination of Rust with both assembly and C. --- Cargo.toml | 14 ++++++++------ deny.toml | 12 ++++++------ rustfmt.toml | 2 +- 3 files changed, 15 insertions(+), 13 deletions(-) diff --git a/Cargo.toml b/Cargo.toml index 461547e..25c3a98 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "shticker_book_unwritten" -version = "1.0.6" +version = "1.1.0" authors = ["Dr. Jonathan Helianthicus Doe, IV "] edition = "2021" description = "Minimal CLI launcher for the Toontown Rewritten MMORPG" @@ -13,19 +13,20 @@ license = "GPL-3.0-or-later" [dependencies] bzip2 = "0.4.3" -rpassword = "6.0.1" -serde = { version = "1.0.137", features = ["derive"] } -serde_json = "1.0.81" +rpassword = "7.0.0" +serde = { version = "1.0.140", features = ["derive"] } +serde_json = "1.0.82" sha-1 = "0.10.0" [dependencies.clap] -version = "3.2.1" +version = "3.2.15" default-features = false features = ["std", "cargo", "suggestions"] [dependencies.reqwest] version = "0.11.11" -features = ["blocking", "default-tls"] +default-features = false +features = ["blocking", "rustls-tls"] [profile.release] opt-level = 3 @@ -37,3 +38,4 @@ codegen-units = 1 panic = "abort" incremental = false overflow-checks = false +strip = true diff --git a/deny.toml b/deny.toml index 956c413..753bd06 100644 --- a/deny.toml +++ b/deny.toml @@ -1,9 +1,9 @@ [licenses] copyleft = "allow" allow-osi-fsf-free = "both" -# Explicitly allowing certain licenses is neccessary because SPDX incorrectly -# neglects to mark certain licenses as FSF/OSI approved when they really are. -allow = ["BSD-2-Clause"] +# This license is used by `unicode-indent` because it makes use of Unicode’s +# data. But it’s just a glorified BSD-2-Clause... +allow = ["Unicode-DFS-2016"] # Denying common free-but-incompatible-with-the-GPL licenses. deny = [ "AFL-1.1", @@ -53,7 +53,7 @@ deny = [ ] [[licenses.clarify]] -name = "encoding_rs" +name = "ring" version = "*" -expression = "(Apache-2.0 OR MIT) AND BSD-3-Clause" -license-files = [{ path = "COPYRIGHT", hash = 0x39f8ad31 }] +expression = "ISC" +license-files = [{ path = "LICENSE", hash = 0xbd0eed23 }] diff --git a/rustfmt.toml b/rustfmt.toml index f950886..ddc14fd 100644 --- a/rustfmt.toml +++ b/rustfmt.toml @@ -1,4 +1,4 @@ -edition = "2018" +edition = "2021" fn_args_layout = "Tall" force_explicit_abi = true hard_tabs = false