aboutsummaryrefslogtreecommitdiff
path: root/src/x509-info
diff options
context:
space:
mode:
Diffstat (limited to 'src/x509-info')
-rw-r--r--src/x509-info/.github/workflows/build.yml111
-rw-r--r--src/x509-info/.gitignore2
-rw-r--r--src/x509-info/Cargo.lock93
-rw-r--r--src/x509-info/Cargo.toml2
-rw-r--r--src/x509-info/deny.toml46
-rw-r--r--src/x509-info/flake.lock84
-rw-r--r--src/x509-info/flake.nix85
7 files changed, 215 insertions, 208 deletions
diff --git a/src/x509-info/.github/workflows/build.yml b/src/x509-info/.github/workflows/build.yml
index cabbcba..0d3d439 100644
--- a/src/x509-info/.github/workflows/build.yml
+++ b/src/x509-info/.github/workflows/build.yml
@@ -8,81 +8,42 @@ jobs:
name: Check
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
- - uses: actions-rs/toolchain@v1
- with:
- profile: minimal
- toolchain: stable
- override: true
- - uses: actions-rs/cargo@v1
- with:
- command: check
- - uses: actions-rs/cargo@v1
- with:
- command: check
- args: --no-default-features
+ - name: git checkout
+ uses: actions/checkout@v3
+ - name: install nix
+ uses: cachix/install-nix-action@v17
+ # This is a workaround for https://github.com/oxalica/rust-overlay/issues/54,
+ # avoiding link errors when running cargo commands with `nix develop`.
+ - name: Remove existing binaries from ~/.cargo/bin
+ run: rm --recursive --force --verbose ~/.cargo/bin
+ - name: check rust formatting
+ run: nix develop --command cargo fmt --check
+ - name: audit rust code
+ run: nix develop --command cargo-deny check
+ - name: clippy
+ run: nix develop --command cargo clippy -- -D warnings
- test:
- name: Test
+ test_and_build:
+ name: Test and build
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v3
- - uses: actions-rs/toolchain@v1
- with:
- profile: minimal
- toolchain: stable
- override: true
- - uses: actions-rs/cargo@v1
- with:
- command: test
- - uses: actions-rs/cargo@v1
- with:
- command: test
- args: --no-default-features
-
- fmt:
- name: Rustfmt
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - uses: actions-rs/toolchain@v1
- with:
- profile: minimal
- toolchain: stable
- override: true
- - run: rustup component add rustfmt
- - uses: actions-rs/cargo@v1
- with:
- command: fmt
- args: --all -- --check
-
- clippy:
- name: Clippy
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - uses: actions-rs/toolchain@v1
- with:
- profile: minimal
- toolchain: stable
- override: true
- - run: rustup component add clippy
- - uses: actions-rs/cargo@v1
- with:
- command: clippy
- args: -- -D warnings
-
- run:
- name: Run
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v3
- - uses: actions-rs/toolchain@v1
- with:
- profile: minimal
- toolchain: stable
- override: true
- - uses: actions-rs/cargo@v1
- with:
- command: run
- args: -- fcuny.net
+ - name: git checkout
+ uses: actions/checkout@v3
+ - name: install nix
+ uses: cachix/install-nix-action@v17
+ - name: Set up Rust cache
+ uses: actions/cache@v3
+ with:
+ path: |
+ ~/.cargo/bin/
+ ~/.cargo/registry/index/
+ ~/.cargo/registry/cache/
+ ~/.cargo/git/db/
+ target/
+ key: x509-info-app-${{ hashFiles('**/Cargo.lock') }}
+ - name: test
+ run: nix develop --command cargo test
+ - name: build
+ run: nix build .
+ - name: validate
+ run: nix run . -- fcuny.net
diff --git a/src/x509-info/.gitignore b/src/x509-info/.gitignore
index ea8c4bf..53e2c1a 100644
--- a/src/x509-info/.gitignore
+++ b/src/x509-info/.gitignore
@@ -1 +1,3 @@
/target
+/result
+/.pre-commit-config.yaml
diff --git a/src/x509-info/Cargo.lock b/src/x509-info/Cargo.lock
index e00923a..005aee6 100644
--- a/src/x509-info/Cargo.lock
+++ b/src/x509-info/Cargo.lock
@@ -24,7 +24,7 @@ dependencies = [
"num-traits",
"rusticata-macros",
"thiserror",
- "time 0.3.15",
+ "time",
]
[[package]]
@@ -69,9 +69,9 @@ checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
[[package]]
name = "base64"
-version = "0.13.0"
+version = "0.13.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "904dfeac50f3cdaba28fc6f57fdcddb75f49ed61346676a78c4ffe55877802fd"
+checksum = "9e1b586273c5702936fe7b7d6896644d8be71e6314cfe09d3167c95f712589e8"
[[package]]
name = "bitflags"
@@ -87,9 +87,9 @@ checksum = "572f695136211188308f16ad2ca5c851a712c464060ae6974944458eb83880ba"
[[package]]
name = "cc"
-version = "1.0.73"
+version = "1.0.74"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2fff2a6927b3bb87f9595d67196a70493f627687a71d87a0d692242c33f58c11"
+checksum = "581f5dba903aac52ea3feb5ec4810848460ee833876f1f9b0fdeab1f19091574"
[[package]]
name = "cfg-if"
@@ -104,11 +104,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "bfd4d1b31faaa3a89d7934dbded3111da0d2ef28e3ebccdb4f0179f5929d1ef1"
dependencies = [
"iana-time-zone",
- "js-sys",
"num-integer",
"num-traits",
- "time 0.1.44",
- "wasm-bindgen",
"winapi",
]
@@ -177,9 +174,9 @@ checksum = "5827cebf4670468b8772dd191856768aedcb1b0278a04f989f7766351917b9dc"
[[package]]
name = "cxx"
-version = "1.0.79"
+version = "1.0.80"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3f83d0ebf42c6eafb8d7c52f7e5f2d3003b89c7aa4fd2b79229209459a849af8"
+checksum = "6b7d4e43b25d3c994662706a1d4fcfc32aaa6afd287502c111b237093bb23f3a"
dependencies = [
"cc",
"cxxbridge-flags",
@@ -189,9 +186,9 @@ dependencies = [
[[package]]
name = "cxx-build"
-version = "1.0.79"
+version = "1.0.80"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07d050484b55975889284352b0ffc2ecbda25c0c55978017c132b29ba0818a86"
+checksum = "84f8829ddc213e2c1368e51a2564c552b65a8cb6a28f31e576270ac81d5e5827"
dependencies = [
"cc",
"codespan-reporting",
@@ -204,15 +201,15 @@ dependencies = [
[[package]]
name = "cxxbridge-flags"
-version = "1.0.79"
+version = "1.0.80"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "99d2199b00553eda8012dfec8d3b1c75fce747cf27c169a270b3b99e3448ab78"
+checksum = "e72537424b474af1460806647c41d4b6d35d09ef7fe031c5c2fa5766047cc56a"
[[package]]
name = "cxxbridge-macro"
-version = "1.0.79"
+version = "1.0.80"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dcb67a6de1f602736dd7eaead0080cf3435df806c61b24b13328db128c58868f"
+checksum = "309e4fb93eed90e1e14bea0da16b209f81813ba9fc7830c20ed151dd7bc0a4d7"
dependencies = [
"proc-macro2",
"quote",
@@ -267,9 +264,9 @@ dependencies = [
[[package]]
name = "iana-time-zone"
-version = "0.1.51"
+version = "0.1.53"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f5a6ef98976b22b3b7f2f3a806f858cb862044cfa66805aa3ad84cb3d3b785ed"
+checksum = "64c122667b287044802d6ce17ee2ddf13207ed924c712de9a66a5814d5b64765"
dependencies = [
"android_system_properties",
"core-foundation-sys",
@@ -312,9 +309,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
[[package]]
name = "libc"
-version = "0.2.135"
+version = "0.2.137"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "68783febc7782c6c5cb401fbda4de5a9898be1762314da0bb2c10ced61f18b0c"
+checksum = "fc7fcc620a3bff7cdd7a365be3376c97191aeaccc2a603e600951e452615bf89"
[[package]]
name = "link-cplusplus"
@@ -406,9 +403,9 @@ dependencies = [
[[package]]
name = "once_cell"
-version = "1.15.0"
+version = "1.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1"
+checksum = "86f0b0d4bf799edbc74508c1e8bf170ff5f41238e5f8225603ca7caaae2b7860"
[[package]]
name = "openssl-probe"
@@ -418,9 +415,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf"
[[package]]
name = "os_str_bytes"
-version = "6.3.0"
+version = "6.3.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9ff7415e9ae3fff1225851df9e0d9e4e5479f947619774677a63572e55e80eff"
+checksum = "3baf96e39c5359d2eb0dd6ccb42c62b91d9678aa68160d261b9e0ccbf9e9dea9"
[[package]]
name = "proc-macro-error"
@@ -571,6 +568,12 @@ dependencies = [
]
[[package]]
+name = "serde"
+version = "1.0.147"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d193d69bae983fc11a79df82342761dfbf28a99fc8d203dca4c3c1b590948965"
+
+[[package]]
name = "spin"
version = "0.5.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -584,9 +587,9 @@ checksum = "73473c0e59e6d5812c5dfe2a064a6444949f089e20eec9a2e5506596494e4623"
[[package]]
name = "syn"
-version = "1.0.102"
+version = "1.0.103"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3fcd952facd492f9be3ef0d0b7032a6e442ee9b361d4acc2b1d0c4aaa5f613a1"
+checksum = "a864042229133ada95abf3b54fdc62ef5ccabe9515b64717bcb9a1919e59445d"
dependencies = [
"proc-macro2",
"quote",
@@ -636,32 +639,32 @@ dependencies = [
[[package]]
name = "time"
-version = "0.1.44"
+version = "0.3.16"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6db9e6914ab8b1ae1c260a4ae7a49b6c5611b40328a735b21862567685e73255"
-dependencies = [
- "libc",
- "wasi",
- "winapi",
-]
-
-[[package]]
-name = "time"
-version = "0.3.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c"
+checksum = "0fab5c8b9980850e06d92ddbe3ab839c062c801f3927c0fb8abd6fc8e918fbca"
dependencies = [
"itoa",
"libc",
"num_threads",
+ "serde",
+ "time-core",
"time-macros",
]
[[package]]
+name = "time-core"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "2e153e1f1acaef8acc537e68b44906d2db6436e2b35ac2c6b42640fff91f00fd"
+
+[[package]]
name = "time-macros"
-version = "0.2.4"
+version = "0.2.5"
source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "42657b1a6f4d817cda8e7a0ace261fe0cc946cf3a80314390b22cc61ae080792"
+checksum = "65bb801831d812c562ae7d2bfb531f26e66e4e1f6b17307ba4149c5064710e5b"
+dependencies = [
+ "time-core",
+]
[[package]]
name = "unicode-ident"
@@ -694,12 +697,6 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
[[package]]
-name = "wasi"
-version = "0.10.0+wasi-snapshot-preview1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1a143597ca7c7793eff794def352d41792a93c481eb1042423ff7ff72ba2c31f"
-
-[[package]]
name = "wasm-bindgen"
version = "0.2.83"
source = "registry+https://github.com/rust-lang/crates.io-index"
@@ -883,5 +880,5 @@ dependencies = [
"oid-registry",
"rusticata-macros",
"thiserror",
- "time 0.3.15",
+ "time",
]
diff --git a/src/x509-info/Cargo.toml b/src/x509-info/Cargo.toml
index 5f92f1b..4120200 100644
--- a/src/x509-info/Cargo.toml
+++ b/src/x509-info/Cargo.toml
@@ -6,7 +6,7 @@ edition = "2021"
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
-chrono = "0.4"
+chrono = {version = "0.4.20", features = ["clock"], default-features = false }
clap = {version = "4.0.18", features = ["derive", "cargo"]}
rustls = "0.20.7"
rustls-native-certs = "0.6.2"
diff --git a/src/x509-info/deny.toml b/src/x509-info/deny.toml
new file mode 100644
index 0000000..fd95cdb
--- /dev/null
+++ b/src/x509-info/deny.toml
@@ -0,0 +1,46 @@
+[advisories]
+db-path = "~/.cargo/advisory-db"
+db-urls = ["https://github.com/rustsec/advisory-db"]
+vulnerability = "deny"
+unmaintained = "warn"
+yanked = "warn"
+notice = "warn"
+ignore = []
+
+[licenses]
+unlicensed = "deny"
+allow = ["MIT", "Apache-2.0", "ISC", "Unicode-DFS-2016", "OpenSSL"]
+deny = []
+copyleft = "allow"
+default = "deny"
+confidence-threshold = 0.8
+exceptions = []
+
+[licenses.private]
+ignore = false
+registries = []
+
+# see https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html#example
+[[licenses.clarify]]
+name = "ring"
+expression = "MIT AND ISC AND OpenSSL"
+license-files = [
+ { path = "LICENSE", hash = 0xbd0eed23 }
+]
+
+[bans]
+multiple-versions = "warn"
+wildcards = "allow"
+highlight = "all"
+allow = []
+deny = []
+skip = []
+skip-tree = []
+
+[sources]
+unknown-registry = "warn"
+unknown-git = "warn"
+allow-registry = ["https://github.com/rust-lang/crates.io-index"]
+allow-git = []
+
+[sources.allow-org]
diff --git a/src/x509-info/flake.lock b/src/x509-info/flake.lock
index 610cec8..c3ece1f 100644
--- a/src/x509-info/flake.lock
+++ b/src/x509-info/flake.lock
@@ -15,55 +15,8 @@
"type": "github"
}
},
- "flake-utils_2": {
- "locked": {
- "lastModified": 1659877975,
- "narHash": "sha256-zllb8aq3YO3h8B/U0/J1WBgAL8EX5yWf5pMj3G0NAmc=",
- "owner": "numtide",
- "repo": "flake-utils",
- "rev": "c0e246b9b83f637f4681389ecabcb2681b4f3af0",
- "type": "github"
- },
- "original": {
- "owner": "numtide",
- "repo": "flake-utils",
- "type": "github"
- }
- },
- "naersk": {
- "inputs": {
- "nixpkgs": "nixpkgs"
- },
- "locked": {
- "lastModified": 1662220400,
- "narHash": "sha256-9o2OGQqu4xyLZP9K6kNe1pTHnyPz0Wr3raGYnr9AIgY=",
- "owner": "nmattia",
- "repo": "naersk",
- "rev": "6944160c19cb591eb85bbf9b2f2768a935623ed3",
- "type": "github"
- },
- "original": {
- "owner": "nmattia",
- "repo": "naersk",
- "type": "github"
- }
- },
"nixpkgs": {
"locked": {
- "lastModified": 1666215963,
- "narHash": "sha256-+kSNzDXqoEVEryrJ9WrvGSvi784xPMXkk7jTJPFdT/k=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "e66821278399ba9565178ce3b525e72275fe004e",
- "type": "github"
- },
- "original": {
- "id": "nixpkgs",
- "type": "indirect"
- }
- },
- "nixpkgs_2": {
- "locked": {
"lastModified": 1666229941,
"narHash": "sha256-0e6aB1+ZqKuQdyjwgHltHlWMYJZCn6b0gYxdTSfIKCE=",
"owner": "NixOS",
@@ -77,34 +30,45 @@
"type": "github"
}
},
- "nixpkgs_3": {
+ "pre-commit-hooks": {
+ "inputs": {
+ "flake-utils": [
+ "flake-utils"
+ ],
+ "nixpkgs": [
+ "nixpkgs"
+ ]
+ },
"locked": {
- "lastModified": 1665296151,
- "narHash": "sha256-uOB0oxqxN9K7XGF1hcnY+PQnlQJ+3bP2vCn/+Ru/bbc=",
- "owner": "NixOS",
- "repo": "nixpkgs",
- "rev": "14ccaaedd95a488dd7ae142757884d8e125b3363",
+ "lastModified": 1666604592,
+ "narHash": "sha256-Bxy7xeVAwC0yxFaeYZM7N9Us/ebxpMC9TCceKEFeay4=",
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
+ "rev": "1b436f36e2812c589e6d830e3223059ea9661100",
"type": "github"
},
"original": {
- "owner": "NixOS",
- "ref": "nixpkgs-unstable",
- "repo": "nixpkgs",
+ "owner": "cachix",
+ "repo": "pre-commit-hooks.nix",
"type": "github"
}
},
"root": {
"inputs": {
"flake-utils": "flake-utils",
- "naersk": "naersk",
- "nixpkgs": "nixpkgs_2",
+ "nixpkgs": "nixpkgs",
+ "pre-commit-hooks": "pre-commit-hooks",
"rust-overlay": "rust-overlay"
}
},
"rust-overlay": {
"inputs": {
- "flake-utils": "flake-utils_2",
- "nixpkgs": "nixpkgs_3"
+ "flake-utils": [
+ "flake-utils"
+ ],
+ "nixpkgs": [
+ "nixpkgs"
+ ]
},
"locked": {
"lastModified": 1666234887,
diff --git a/src/x509-info/flake.nix b/src/x509-info/flake.nix
index 0dbaee0..6061f08 100644
--- a/src/x509-info/flake.nix
+++ b/src/x509-info/flake.nix
@@ -4,53 +4,89 @@
inputs = {
flake-utils.url = "github:numtide/flake-utils";
nixpkgs.url = "github:NixOS/nixpkgs";
- rust-overlay.url = "github:oxalica/rust-overlay";
- naersk.url = "github:nmattia/naersk";
+ rust-overlay = {
+ url = "github:oxalica/rust-overlay";
+ inputs = {
+ flake-utils.follows = "flake-utils";
+ nixpkgs.follows = "nixpkgs";
+ };
+ };
+ pre-commit-hooks = {
+ url = "github:cachix/pre-commit-hooks.nix";
+ inputs = {
+ flake-utils.follows = "flake-utils";
+ nixpkgs.follows = "nixpkgs";
+ };
+ };
};
outputs =
{ self
, flake-utils
, nixpkgs
- , naersk
, rust-overlay
+ , pre-commit-hooks
}:
+ let
+ # Borrow project metadata from the Rust config
+ meta = (builtins.fromTOML (builtins.readFile ./Cargo.toml)).package;
+ inherit (meta) name version;
+ overlays = [
+ # Rust helpers
+ (import rust-overlay)
+ # Build Rust toolchain using helpers from rust-overlay
+ (self: super: {
+ # This supplies cargo, rustc, rustfmt, etc.
+ rustToolchain = super.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml;
+ })
+ ];
+ in
flake-utils.lib.eachDefaultSystem
(system:
let
- overlays = [ (import rust-overlay) ];
- pkgs = import nixpkgs { inherit system overlays; };
- rust-toolchain =
- (pkgs.rust-bin.fromRustupToolchainFile ./rust-toolchain.toml).override {
- extensions = [ "rust-src" ];
- };
- naersk-lib = naersk.lib."${system}".override {
- rustc = rust-toolchain;
- };
+ pkgs = import nixpkgs { inherit overlays system; };
in
- rec
{
- packages.x509-info = naersk-lib.buildPackage {
- pname = "x509-info";
- root = ./.;
- buildInputs = with pkgs; [ ];
+ packages = rec {
+ default = x509-info;
+ x509-info = pkgs.rustPlatform.buildRustPackage {
+ pname = name;
+ inherit version;
+ src = ./.;
+ release = true;
+ cargoLock.lockFile = ./Cargo.lock;
+ };
};
- defaultPackage = packages.x509-info;
+ checks = {
+ pre-commit = pre-commit-hooks.lib.${system}.run {
+ src = ./.;
+ hooks = {
+ clippy = {
+ enable = true;
+ entry = pkgs.lib.mkForce "cargo clippy -- -D warnings";
+ };
+ nixpkgs-fmt = {
+ enable = true;
+ };
+ rustfmt = {
+ enable = true;
+ entry = pkgs.lib.mkForce "cargo fmt -- --check --color always";
+ };
+ };
+ };
+ };
devShell = pkgs.mkShell {
nativeBuildInputs = with pkgs; [
- rust-toolchain
+ rustToolchain
cargo-audit
cargo-deny
- cargo-cross
rust-analyzer
- ] ++ pkgs.lib.optionals (pkgs.stdenv.isLinux) (with pkgs; [ cargo-watch ]);
+ ];
- shellHook = ''
- cargo --version
- '';
+ inherit (self.checks.${system}.pre-commit) shellHook;
};
})
// {
@@ -59,3 +95,4 @@
};
};
}
+
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 07:13:12 +0000