Age | Commit message (Collapse) | Author |
|
|
|
- Allow multiple session keys, try all of them until one decrypts the
message.
- Closes #858.
|
|
|
|
Change sq command line handling from using clap version 2 to version 3,
and adapt to all the breaking changes.
Clap version 3 is a major new version with a number of breaking
changes. It also adds functionality to allow a structopt style
declarative way of defining command line syntax. We want to use that,
but first we need to port the old "builder style" of defining the
command line syntax to clap version 3. The change to use the "derive
style" comes later.
The semantics of clap version 2's .multiple function were hard to
understand and it was replaced with .multiple_occurences. Care was taken
to preserve the original intention regarding an argument's number of
occurrences and number of values.
There are some changes to help output (in src/sq-usage.rs). These are
mostly from upstream changes and we think the differences are minor so
we are okay with following upstream's lead. In summary: FLAGS and
OPTIONS are merged into just OPTIONS; the layout of subcommand lists are
a little different (split into two lines); there is no "[--]" before
filename arguments anymore; default and allowed values for options are
on a separate line now; --version isn't repeated for every subcommand
anymore; help is listed for each subcommand separately.
In addition, we will help clap upstream fix a problem where the
help output doesn't have a "..." to indicate that an option may be used
several times.
Further, upstream has changed --help text to be of the form "Print
help", when it earlier was "Prints help". We will change our own help
texts to follow suite in a future commit. We don't do it in this commit,
to avoid making an even larger diff.
By default, clap v3 now colors its help output. However, this does not
support custom sections like our examples. Clap is tracking this as
https://github.com/clap-rs/clap/issues/3108. In the meantime, disable
colors.
|
|
- Removes a duplicate dependency, as itertools:0.10 is used by
lalrpop:0.19.6, among others, anyway.
|
|
Update subplotlib and subplot-build dependencies to the recent
Subplot release. Subplot made a change that changes the document
metadata, which requires dropping the "template" field and changing
"functions" to "impls" in sq-subplot.md.
Sponsored-by: pep.foundation
|
|
|
|
- assert_cli has been deprecated for a long time, assert_cmd is the
successor.
- a4cfd15805a543a327d2242f9c0f2b653a11ee55 introduced assert_cmd to
sq, in addition to assert_cli. It does not make sense to use two
different crates for cli testing.
- Closes #640.
|
|
- State default features in terms of sq's features.
|
|
- Closes #763
|
|
- Remove the compression feature, it is now redundant with
compression-bzip2 as both add the bzip2 feature to buffered-reader
and sequoia-openpgp, but compression-bzip2 is more explicit.
|
|
- Add support for revoking certificates to sq.
|
|
|
|
|
|
- tokio 1.12 has RUSTSEC-2021-0124.
|
|
Add support for an integration and acceptance test suite using the
Subplot tool (https://subplot.liw.fi/). There are the initial, very
simple test scenarios, to get us started. The goal is to introduce the
scaffolding for integration tests, so that further tests can be added
with ease later.
The tests are documented and defined in sq-subplot.md. In build.rs, we
call Subplot to generate test code from the markdown file. The tests
are run via "cargo test", as usual.
Subplot can also generate a typeset test document from sq-subplot.md,
but we don't do that here.
|
|
- net: hyper has two vulnerabilities:
- RUSTSEC-2021-0079: "Integer overflow in `hyper`'s parsing of the
`Transfer-Encoding` header leads to data loss" (vulnerability)
- RUSTSEC-2021-0078: "Lenient `hyper` header parsing of
`Content-Length` could allow request smuggling" (vulnerability)
Both are fixed in hyper 0.14.10., which depends on tokio 1. tokio
0.2 is incompatible to tokio 1, so we need to update that too, also
in the dependents sq and ffi.
hyper-tls 0.4 is incompatible to hyper 0.14., update to hyper-tls
0.5.
|
|
- The libtest benchmark harness that is automatically added by cargo
interferes with criterion. Disable it everywhere where there are no
benchmarks.
- https://github.com/rust-lang/rust/issues/47241
- https://bheisler.github.io/criterion.rs/book/faq.html
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Neither assert_cmd nor predicates are in Debian.
|
|
|
|
|
|
- term_size is packaged in Debian.
|
|
- We want to release sq without it depending on the key store.
The keystore is little more than a prototype, but because it keeps
state, it has the potential to break if we change it later.
|
|
- Add a subcommand to have a certificate adopt a key on another
certificate. That is, the subcommand adds a key from one
certificate (A) to another (B) by having B create any necessary
binding signatures.
- The modified certificate is written to stdout.
|
|
- Release buffered-reader 1.0.0, sequoia-openpgp 1.0.0, and
sequoia-sqv 1.0.0.
- Also release sequoia-sop 0.22.0.
|
|
|
|
- Versions required by feature or API usage:
- anyhow 1.0.18.
- policy::test::reject_seip_packet and
policy::test::reject_cipher' fail
- We use `impl From<anyhow::Error> for Box<dyn std::error::Error +
Send + Sync + 'static>`, introduced in 1.0.5.
- tokio 0.2.19
- We use `tokio::net::tcp::OwnedReadHalf`, introduced in 0.2.19.
- chrono 0.4.10
- We use the `std` feature, introduced in 0.4.10.
- thiserror 1.0.2
- futures and futures-util 0.3.5
- tempfile 3.1
- c_doctests require the same version of rand both as direct
dependency and through tempfile.
- Yanked versions:
- structopt 0.3.11. 0.3.8 to 0.3.10 were yanked.
- socket2 0.3.16. 0.3.0 to 0.3.15 were yanked.
- Update our dependencies to the package versions required by other
dependencies, e.g. structopt requires lazy_static 1.4.0.
- clap 2.33
- lazy_static to 1.4.0
- libc to 0.2.66
- proc-macro2 to 1.0.7
- syn to 1.0.5.
- winapi 0.3.8
|
|
|
|
|
|
|