-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathCargo.toml
121 lines (113 loc) · 4.5 KB
/
Cargo.toml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
[package]
name = "systemd-hardening-helper"
authors = ["Maxime Desbrus <[email protected]>"]
description = "Automatic systemd service hardening guided by strace profiling"
readme = "README.md"
repository = "https://github.com/desbma/shh"
keywords = ["systemd", "hardening", "strace", "system", "security"]
categories = ["command-line-utilities"]
license = "GPL-3.0-only"
version = "2025.1.16"
rust-version = "1.81"
edition = "2021"
[[bin]]
name = "shh"
path = "src/main.rs"
[profile.release]
lto = true
codegen-units = 1
strip = true
[dependencies]
anyhow = { version = "1.0.95", default-features = false, features = ["std", "backtrace"] }
bincode = { version = "1.3.3", default-features = false }
clap = { version = "4.5.26", default-features = false, features = ["std", "color", "help", "usage", "error-context", "suggestions", "derive"] }
clap_mangen = { version = "0.2.26", default-features = false, optional = true }
function_name = { version = "0.3.0", default-features = false }
itertools = { version = "0.13.0", default-features = false, features = ["use_std"] }
log = { version = "0.4.25", default-features = false, features = ["max_level_trace", "release_max_level_info"] }
nix = { version = "0.29.0", default-features = false, features = ["fs"] }
nom = { version = "7.1.3", default-features = false, features = ["std"] }
rand = { version = "0.8.5", default-features = false, features = ["std", "std_rng"] }
regex = { version = "1.11.1", default-features = false, features = ["std", "perf"] }
serde = { version = "1.0.217", default-features = false, features = ["std", "derive"] }
signal-hook = { version = "0.3.17", default-features = false, features = ["iterator"] }
simple_logger = { version = "5.0.0", default-features = false, features = ["colors", "stderr"] }
strum = { version = "0.26.3", default-features = false, features = ["std", "derive"] }
tempfile = { version = "3.15.0", default-features = false }
thiserror = { version = "2.0.11", default-features = false, features = ["std"] }
[dev-dependencies]
assert_cmd = { version = "2.0.16", default-features = false, features = ["color", "color-auto"] }
fastrand = { version = "2.3.0", default-features = false, features = ["std"] }
nix = { version = "0.29.0", default-features = false, features = ["user"] }
predicates = { version = "3.1.3", default-features = false, features = ["color"] }
pretty_assertions = { version = "1.4.1", default-features = false, features = ["std"] }
[features]
default = []
as-root = [] # for tests only
gen-man-pages = ["dep:clap_mangen"]
nightly = [] # for benchmarks only
[lints.rust]
# https://doc.rust-lang.org/rustc/lints/listing/allowed-by-default.html
explicit_outlives_requirements = "warn"
missing_docs = "warn"
non_ascii_idents = "deny"
redundant-lifetimes = "warn"
single-use-lifetimes = "warn"
unit-bindings = "warn"
unreachable_pub = "warn"
# unused_crate_dependencies = "warn"
unused-lifetimes = "warn"
unused-qualifications = "warn"
[lints.clippy]
pedantic = { level = "warn", priority = -1 }
# below lints are from clippy::restriction, and assume clippy >= 1.83
# https://rust-lang.github.io/rust-clippy/master/index.html#/?levels=allow&groups=restriction
allow_attributes = "warn"
clone_on_ref_ptr = "warn"
dbg_macro = "warn"
empty_enum_variants_with_brackets = "warn"
expect_used = "warn"
field_scoped_visibility_modifiers = "warn"
fn_to_numeric_cast_any = "warn"
format_push_string = "warn"
if_then_some_else_none = "warn"
impl_trait_in_params = "warn"
infinite_loop = "warn"
lossy_float_literal = "warn"
# missing_docs_in_private_items = "warn"
mixed_read_write_in_expression = "warn"
multiple_inherent_impl = "warn"
needless_raw_strings = "warn"
non_zero_suggestions = "warn"
panic = "warn"
pathbuf_init_then_push = "warn"
pub_without_shorthand = "warn"
redundant_type_annotations = "warn"
ref_patterns = "warn"
renamed_function_params = "warn"
rest_pat_in_fully_bound_structs = "warn"
same_name_method = "warn"
self_named_module_files = "warn"
semicolon_inside_block = "warn"
shadow_unrelated = "warn"
str_to_string = "warn"
string_slice = "warn"
string_to_string = "warn"
tests_outside_test_module = "warn"
try_err = "warn"
undocumented_unsafe_blocks = "warn"
unnecessary_safety_comment = "warn"
unnecessary_safety_doc = "warn"
unneeded_field_pattern = "warn"
unseparated_literal_suffix = "warn"
unused_result_ok = "warn"
unused_trait_names = "warn"
unwrap_used = "warn"
verbose_file_reads = "warn"
[package.metadata.deb]
name = "shh"
depends = "$auto, strace"
assets = [
["target/release/shh", "usr/bin/", "755"],
["target/man/*.1.gz", "usr/share/man/man1/", "644"]
]