Age | Commit message (Collapse) | Author |
|
- Remove the general-purpose ffi crates. They will be moved into
their own repository. Note that we consider general-purpose ffi
crates to be a dead end: exposing Sequoia's interface requires a
large number of types and functions, and using the interface from
C turned out to be verbose and error-prone. Instead, we prefer to
write point solutions in Rust that implement exactly the
functionality the downstream consumer needs, then expose this via
ffi bindings.
- See https://gitlab.com/sequoia-pgp/sequoia-ffi.
|
|
|
|
|
|
|
|
|
|
- tokio 1.12 has RUSTSEC-2021-0124.
|
|
- Replace
let bar = std::mem::replace(&foo, Default::Default());
with
let bar = std::mem::take(&foo);
The new version seems a little clearer.
- Found by clippy:
https://rust-lang.github.io/rust-clippy/master/index.html#mem_replace_with_default
|
|
- Use range syntac instad of manual comparisons. This is arguably
better to read.
- Found by clippy::manual_range_contains.
|
|
- Fixed with the help of clippy::needless_borrow.
|
|
- The store has never been really used, and never reached a maturity
where it was useful. And, we're on the verge of replacing it with
the Shared PGP Certificate Directory.
|
|
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
|
|
- Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
later as unanimously decided on October 18, 2021 by:
- Christof Wahl <cw@pep.security> (pEp security CEO)
- Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
employee, Sequoia developer)
- Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
employee, Sequoia Founder)
- Neal H. Walfield <neal@pep.foundation> (pEp Foundation
employee, Sequoia Founder)
- Patrick Meier <pm@pep.security> (pEp security Chief Product
and Service Officer)
- Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
Board)
- Volker Birk <vb@pep.security> (pEp security Founder, pEp
Foundation Council)
|
|
See
https://rust-lang.github.io/rust-clippy/master/index.html#redundant_pattern_matching
|
|
When creating a struct with a field foo, using a variable also named
foo, it's not necessary to name the field explicitly. Thus, instead
of:
Self { foo: foo }
use this:
Self { foo }
The shorter form is more idiomatic and thus less confusing to
experienced Rust programmers.
This was found by the clippy lint redundant_field_names:
https://rust-lang.github.io/rust-clippy/master/index.html#redundant_field_names
Sponsored-by: author
|
|
The extra & in a pattern (match arm or if let) is unnecessary and only
makes the code harder to read. In most places it's enough to just
remove the & from the pattern, but in a few places a dereference (*)
needs to be added where the value captured in the pattern is used, as
removing the & changes the type of the captured value to be a
reference.
Overall, the changes are almost mechanical. Although the diff is huge,
it should be easy to read.
The clippy lint match_ref_pats warns about this. See:
https://rust-lang.github.io/rust-clippy/master/index.html#match_ref_pats
|
|
- Some link targets have moved or were replaced since the link's
creation. Make them point to the new location or replacement.
|
|
- Apply cargo intraconv.
|
|
|
|
|
|
|
|
- The libtest benchmark harness that is automatically added by cargo
interferes with criterion. Disable it everywhere where there are no
benchmarks.
- https://github.com/rust-lang/rust/issues/47241
- https://bheisler.github.io/criterion.rs/book/faq.html
|
|
Having the license file in the root directory is not enough, since
cargo actions for workspace members will not consider this file.
This commit adds a symbolic link to the license file in the root
directory of all workspace members, so "cargo publish" will include
the LICENSE.txt file when publishing crates.
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#iter_next_slice
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#single_component_path_imports
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#len_zero
- https://rust-lang.github.io/rust-clippy/master/index.html#comparison_to_empty
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#or_fun_call
|
|
|
|
|
|
- This moves all functionality from sequoia_core crate as an inner
`core` module of the ipc crate.
- The `core` module has to be public as other crates depend on
`core::Context` either directly (store, ffi) or indirectly (store
through ffi crate).
- Remove the `core` crate completely.
|
|
- When dropping the Context, free the error pointer, too.
- Add test that would have allowed valgrind to find the issue.
- Fixes #671
|
|
- Spaces in key ids and fingerprints make them awkward to copy and
pass as command line arguments. Change the default representation.
For the rare occasions that we expect users to manually verify
fingerprints, the previously introduced *::to_hex_pretty functions
can be used.
- Fixes #422.
|
|
- See #665.
- Also add test for keyserver to make sure the fix is correct.
|
|
|
|
|
|
|
|
- Move core::NetworkPolicy to net::Policy, update all code
accordingly.
|
|
- Release buffered-reader 1.0.0, sequoia-openpgp 1.0.0, and
sequoia-sqv 1.0.0.
- Also release sequoia-sop 0.22.0.
|
|
|
|
- Relaxes those dependencies that were unnecessarily strict and
patched by debian.
|
|
- Versions required by feature or API usage:
- anyhow 1.0.18.
- policy::test::reject_seip_packet and
policy::test::reject_cipher' fail
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
|
|
|
|
- Fixes #563
- With an MSRV >= 1.40.0, we can use #[non_exhaustive], as mentioned
in #406.
- This is also a clippy lint:
https://rust-lang.github.io/rust-clippy/master/index.html#manual_non_exhaustive
|
|
|
|
Closes #581.
|
|
|
|
- See #480.
|
|
- See #480.
|
|
|