From 6c5a5139da8a1f431fc00cb1d71b03556df7ad6b Mon Sep 17 00:00:00 2001 From: Adrian Benavides Date: Fri, 28 Feb 2025 07:24:04 +0100 Subject: [PATCH] build(rust): manually upgrade dependencies --- .github/workflows/scorecards.yml | 2 +- Cargo.lock | 64 ++++++++++++++----- NOTICE.md | 1 + .../rust/ockam/ockam_api/Cargo.toml | 2 +- .../rust/ockam/ockam_app_lib/Cargo.toml | 2 +- .../rust/ockam/ockam_command/Cargo.toml | 2 +- .../rust/ockam/ockam_identity/Cargo.toml | 2 +- .../rust/ockam/ockam_node/Cargo.toml | 2 +- .../rust/ockam/ockam_vault/Cargo.toml | 2 +- implementations/typescript/package.json | 4 +- implementations/typescript/pnpm-lock.yaml | 26 ++++---- 11 files changed, 70 insertions(+), 39 deletions(-) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4bc8e523428..1487b9fd4bd 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: Analyze - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 + uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 with: results_file: results.sarif results_format: sarif diff --git a/Cargo.lock b/Cargo.lock index 5d71c1b2853..531d788bcdf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -73,7 +73,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "e89da841a80418a9b391ebaea17f5c112ffaaa96f621d2c285b5174da76b9011" dependencies = [ "cfg-if", - "getrandom", + "getrandom 0.2.15", "once_cell", "version_check", "zerocopy", @@ -1500,9 +1500,9 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.27" +version = "4.5.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "769b0145982b4b48713e01ec42d61614425f27b7058bda7180a3a41f30104796" +checksum = "027bb0d98429ae334a8698531da7077bdf906419543a35a55c2cb1b66437d767" dependencies = [ "clap_builder", "clap_derive", @@ -1510,9 +1510,9 @@ dependencies = [ [[package]] name = "clap_builder" -version = "4.5.27" +version = "4.5.31" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1b26884eb4b57140e4d2d93652abfa49498b938b3c9179f9fc487b0acc3edad7" +checksum = "5589e0cba072e0f3d23791efac0fd8627b49c829c196a492e88168e6a669d863" dependencies = [ "anstream", "anstyle", @@ -1532,9 +1532,9 @@ dependencies = [ [[package]] name = "clap_derive" -version = "4.5.24" +version = "4.5.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "54b755194d6389280185988721fffba69495eed5ee9feeee9a599b53db80318c" +checksum = "bf4ced95c6f4a675af3da73304b9ac4ed991640c36374e4b46795c49e17cf1ed" dependencies = [ "heck 0.5.0", "proc-macro2", @@ -2831,10 +2831,22 @@ dependencies = [ "cfg-if", "js-sys", "libc", - "wasi", + "wasi 0.11.0+wasi-snapshot-preview1", "wasm-bindgen", ] +[[package]] +name = "getrandom" +version = "0.3.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "43a49c392881ce6d5c3b8cb70f98717b7c07aabbdff06687b9030dbfbe2725f8" +dependencies = [ + "cfg-if", + "libc", + "wasi 0.13.3+wasi-0.2.2", + "windows-targets 0.52.6", +] + [[package]] name = "ghash" version = "0.5.1" @@ -4045,7 +4057,7 @@ checksum = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" dependencies = [ "libc", "log", - "wasi", + "wasi 0.11.0+wasi-snapshot-preview1", "windows-sys 0.48.0", ] @@ -4057,7 +4069,7 @@ checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd" dependencies = [ "libc", "log", - "wasi", + "wasi 0.11.0+wasi-snapshot-preview1", "windows-sys 0.52.0", ] @@ -5746,7 +5758,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a2fe5ef3495d7d2e377ff17b1a8ce2ee2ec2a18cde8b6ad6619d65d0701c135d" dependencies = [ "bytes 1.9.0", - "getrandom", + "getrandom 0.2.15", "rand", "ring", "rustc-hash 2.1.0", @@ -5920,7 +5932,7 @@ version = "0.6.4" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c" dependencies = [ - "getrandom", + "getrandom 0.2.15", ] [[package]] @@ -6126,7 +6138,7 @@ checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" dependencies = [ "cc", "cfg-if", - "getrandom", + "getrandom 0.2.15", "libc", "spin", "untrusted", @@ -7383,13 +7395,13 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.15.0" +version = "3.17.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9a8a559c81686f576e8cd0290cd2a24a2a9ad80c98b3478856500fcbd7acd704" +checksum = "22e5a0acb1f3f55f65cc4a866c361b2fb2a0ff6366785ae6fbb5f85df07ba230" dependencies = [ "cfg-if", "fastrand", - "getrandom", + "getrandom 0.3.1", "once_cell", "rustix", "windows-sys 0.59.0", @@ -8086,7 +8098,7 @@ dependencies = [ "libc", "rustix", "rustversion", - "wasi", + "wasi 0.11.0+wasi-snapshot-preview1", "wasm-bindgen", "winapi", ] @@ -8250,6 +8262,15 @@ version = "0.11.0+wasi-snapshot-preview1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423" +[[package]] +name = "wasi" +version = "0.13.3+wasi-0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "26816d2e1a4a36a2940b96c5296ce403917633dff8f3440e9b236ed6f6bacad2" +dependencies = [ + "wit-bindgen-rt", +] + [[package]] name = "wasite" version = "0.1.0" @@ -8773,6 +8794,15 @@ version = "0.0.19" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d135d17ab770252ad95e9a872d365cf3090e3be864a34ab46f48555993efc904" +[[package]] +name = "wit-bindgen-rt" +version = "0.33.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3268f3d866458b787f390cf61f4bbb563b922d091359f9608842999eaee3943c" +dependencies = [ + "bitflags 2.6.0", +] + [[package]] name = "write16" version = "1.0.0" diff --git a/NOTICE.md b/NOTICE.md index bfecae7795c..7c374f8676b 100644 --- a/NOTICE.md +++ b/NOTICE.md @@ -639,6 +639,7 @@ This file contains attributions for any 3rd-party open source code used in this | windows_x86_64_msvc | MIT, Apache-2.0 | https://crates.io/crates/windows_x86_64_msvc | | winnow | MIT | https://crates.io/crates/winnow | | winsafe | MIT | https://crates.io/crates/winsafe | +| wit-bindgen-rt | Apache-2.0 WITH LLVM-exception, Apache-2.0, MIT | https://crates.io/crates/wit-bindgen-rt | | write16 | Apache-2.0, MIT | https://crates.io/crates/write16 | | writeable | Unicode-3.0 | https://crates.io/crates/writeable | | x11-clipboard | MIT | https://crates.io/crates/x11-clipboard | diff --git a/implementations/rust/ockam/ockam_api/Cargo.toml b/implementations/rust/ockam/ockam_api/Cargo.toml index 4f91a85afd0..b85bed61edf 100644 --- a/implementations/rust/ockam/ockam_api/Cargo.toml +++ b/implementations/rust/ockam/ockam_api/Cargo.toml @@ -177,7 +177,7 @@ opentelemetry_sdk = { version = "0.27", features = ["logs", "metrics", "trace", quickcheck = "1.0.1" quickcheck_macros = "1.0.0" serial_test = "3.0.0" -tempfile = "3.10.1" +tempfile = "3.17.1" tokio = { version = "1.41.0", features = ["full"] } tracing-core = "0.1.32" treeline = "0.1.0" diff --git a/implementations/rust/ockam/ockam_app_lib/Cargo.toml b/implementations/rust/ockam/ockam_app_lib/Cargo.toml index 9e48d5a5589..668463ef441 100644 --- a/implementations/rust/ockam/ockam_app_lib/Cargo.toml +++ b/implementations/rust/ockam/ockam_app_lib/Cargo.toml @@ -51,7 +51,7 @@ tracing = { version = "0.1", default-features = false } [dev-dependencies] ockam_api = { path = "../ockam_api", version = "0.90.0", default-features = false, features = ["test-utils"] } -tempfile = { version = "3.10.1" } +tempfile = { version = "3.17.1" } [build-dependencies] cbindgen = { version = "0.26", default-features = false } diff --git a/implementations/rust/ockam/ockam_command/Cargo.toml b/implementations/rust/ockam/ockam_command/Cargo.toml index af43bd9105c..36e07ebbbc5 100644 --- a/implementations/rust/ockam/ockam_command/Cargo.toml +++ b/implementations/rust/ockam/ockam_command/Cargo.toml @@ -104,7 +104,7 @@ mockito = "1.5.0" ockam_api = { path = "../ockam_api", version = "0.90.0", default-features = false, features = ["test-utils"] } ockam_macros = { path = "../ockam_macros", version = "^0.37.0" } serial_test = "3.0.0" -tempfile = "3.10.1" +tempfile = "3.17.1" [features] default = ["rust-crypto", "privileged_portals"] diff --git a/implementations/rust/ockam/ockam_identity/Cargo.toml b/implementations/rust/ockam/ockam_identity/Cargo.toml index 4b54b83090c..a804b9d69a0 100644 --- a/implementations/rust/ockam/ockam_identity/Cargo.toml +++ b/implementations/rust/ockam/ockam_identity/Cargo.toml @@ -103,7 +103,7 @@ ockam_vault_aws = { path = "../ockam_vault_aws" } quickcheck = "1.0.3" rand_xorshift = "0" serde_json = "1.0" -tempfile = { version = "3.10.1" } +tempfile = { version = "3.17.1" } tokio = { version = "1.41.0", features = ["full"] } zeroize = { version = "1.8.1" } diff --git a/implementations/rust/ockam/ockam_node/Cargo.toml b/implementations/rust/ockam/ockam_node/Cargo.toml index b0243938078..e47a7c148cb 100644 --- a/implementations/rust/ockam/ockam_node/Cargo.toml +++ b/implementations/rust/ockam/ockam_node/Cargo.toml @@ -101,7 +101,7 @@ sqlx = { version = "0.8.3", optional = true, default-features = false, features sqlx-core = { version = "0.8.3", optional = true, default-features = false } sqlx-postgres = { version = "0.8.2", optional = true, default-features = false } sqlx-sqlite = { version = "0.8.2", optional = true, default-features = false } -tempfile = { version = "3.10.1", optional = true } +tempfile = { version = "3.17.1", optional = true } time = { version = "0.3.36", default-features = false, optional = true } tokio = { version = "1.41", default-features = false, optional = true, features = ["sync", "time", "rt", "rt-multi-thread", "macros"] } tokio-retry = { version = "0.3.0", optional = true } diff --git a/implementations/rust/ockam/ockam_vault/Cargo.toml b/implementations/rust/ockam/ockam_vault/Cargo.toml index 10168750a8c..b29b7fca2d4 100644 --- a/implementations/rust/ockam/ockam_vault/Cargo.toml +++ b/implementations/rust/ockam/ockam_vault/Cargo.toml @@ -100,7 +100,7 @@ zeroize = { version = "1.8.1", features = ["zeroize_derive"] } [dev-dependencies] serde_bare = { version = "0.5.0" } serde_json = { version = "1" } -tempfile = { version = "3.10.1" } +tempfile = { version = "3.17.1" } tokio = { version = "1.41", features = ["full"] } trybuild = { version = "1.0", features = ["diff"] } diff --git a/implementations/typescript/package.json b/implementations/typescript/package.json index bc8329abc65..ebe1db78fd5 100644 --- a/implementations/typescript/package.json +++ b/implementations/typescript/package.json @@ -16,8 +16,8 @@ "@jest/globals": "^29.7.0", "@types/jest": "^29.5.14", "jest": "^29.7.0", - "prettier": "^3.4.1", + "prettier": "^3.5.2", "ts-jest": "^29.2.5", - "typescript": "^5.7.2" + "typescript": "^5.7.3" } } diff --git a/implementations/typescript/pnpm-lock.yaml b/implementations/typescript/pnpm-lock.yaml index b221cc3bee7..7640e06d30a 100644 --- a/implementations/typescript/pnpm-lock.yaml +++ b/implementations/typescript/pnpm-lock.yaml @@ -18,14 +18,14 @@ importers: specifier: ^29.7.0 version: 29.7.0(@types/node@20.10.6) prettier: - specifier: ^3.4.1 - version: 3.4.1 + specifier: ^3.5.2 + version: 3.5.2 ts-jest: specifier: ^29.2.5 - version: 29.2.5(@babel/core@7.23.3)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.23.3))(jest@29.7.0(@types/node@20.10.6))(typescript@5.7.2) + version: 29.2.5(@babel/core@7.23.3)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.23.3))(jest@29.7.0(@types/node@20.10.6))(typescript@5.7.3) typescript: - specifier: ^5.7.2 - version: 5.7.2 + specifier: ^5.7.3 + version: 5.7.3 ockam/ockam: {} @@ -997,8 +997,8 @@ packages: resolution: {integrity: sha512-HRDzbaKjC+AOWVXxAU/x54COGeIv9eb+6CkDSQoNTt4XyWoIJvuPsXizxu/Fr23EiekbtZwmh1IcIG/l/a10GQ==} engines: {node: '>=8'} - prettier@3.4.1: - resolution: {integrity: sha512-G+YdqtITVZmOJje6QkXQWzl3fSfMxFwm1tjTyo9exhkmWSqC4Yhd1+lug++IlR2mvRVAxEDDWYkQdeSztajqgg==} + prettier@3.5.2: + resolution: {integrity: sha512-lc6npv5PH7hVqozBR7lkBNOGXV9vMwROAPlumdBkX0wTbbzPu/U1hk5yL8p2pt4Xoc+2mkT8t/sow2YrV/M5qg==} engines: {node: '>=14'} hasBin: true @@ -1169,8 +1169,8 @@ packages: resolution: {integrity: sha512-t0rzBq87m3fVcduHDUFhKmyyX+9eo6WQjZvf51Ea/M0Q7+T374Jp1aUiyUl0GKxp8M/OETVHSDvmkyPgvX+X2w==} engines: {node: '>=10'} - typescript@5.7.2: - resolution: {integrity: sha512-i5t66RHxDvVN40HfDd1PsEThGNnlMCMT3jMUuoh9/0TaqWevNontacunWyN02LA9/fIbEWlcHZcgTKb9QoaLfg==} + typescript@5.7.3: + resolution: {integrity: sha512-84MVSjMEHP+FQRPy3pX9sTVV/INIex71s9TL2Gm5FG/WG1SqXeKyZ0k7/blY/4FdOzI12CBy1vGc4og/eus0fw==} engines: {node: '>=14.17'} hasBin: true @@ -2490,7 +2490,7 @@ snapshots: dependencies: find-up: 4.1.0 - prettier@3.4.1: {} + prettier@3.5.2: {} pretty-format@29.7.0: dependencies: @@ -2605,7 +2605,7 @@ snapshots: dependencies: is-number: 7.0.0 - ts-jest@29.2.5(@babel/core@7.23.3)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.23.3))(jest@29.7.0(@types/node@20.10.6))(typescript@5.7.2): + ts-jest@29.2.5(@babel/core@7.23.3)(@jest/transform@29.7.0)(@jest/types@29.6.3)(babel-jest@29.7.0(@babel/core@7.23.3))(jest@29.7.0(@types/node@20.10.6))(typescript@5.7.3): dependencies: bs-logger: 0.2.6 ejs: 3.1.10 @@ -2616,7 +2616,7 @@ snapshots: lodash.memoize: 4.1.2 make-error: 1.3.6 semver: 7.6.3 - typescript: 5.7.2 + typescript: 5.7.3 yargs-parser: 21.1.1 optionalDependencies: '@babel/core': 7.23.3 @@ -2628,7 +2628,7 @@ snapshots: type-fest@0.21.3: {} - typescript@5.7.2: {} + typescript@5.7.3: {} undici-types@5.26.5: {}