From ce3c8a5193fb51fea015289774a64ceb37b1f992 Mon Sep 17 00:00:00 2001
From: Joy Wang <108701016+joyqvq@users.noreply.github.com>
Date: Thu, 2 Jan 2025 10:20:02 -0500
Subject: [PATCH] fix cargo deny according to sui
---
.cargo/config | 10 ----
.cargo/config.toml | 32 +++++++++++++
Cargo.lock | 97 +++-----------------------------------
deny.toml | 74 +++++++----------------------
fastcrypto-tbls/Cargo.toml | 2 +-
fastcrypto/Cargo.toml | 2 +-
6 files changed, 59 insertions(+), 158 deletions(-)
delete mode 100644 .cargo/config
create mode 100644 .cargo/config.toml
diff --git a/.cargo/config b/.cargo/config
deleted file mode 100644
index 4c213c5a99..0000000000
--- a/.cargo/config
+++ /dev/null
@@ -1,10 +0,0 @@
-[alias]
-# Collection of project wide clippy lints. This is done via an alias because
-# clippy doesn't currently allow for specifying project-wide lints in a
-# configuration file. This is a similar workaround to the ones presented here:
-#
-xclippy = [
- "clippy", "--all-targets", "--all-features", "--",
- "-Wclippy::all",
- "-Wclippy::disallowed_methods",
-]
diff --git a/.cargo/config.toml b/.cargo/config.toml
new file mode 100644
index 0000000000..a342267d27
--- /dev/null
+++ b/.cargo/config.toml
@@ -0,0 +1,32 @@ +[alias] +# Collection of project wide clippy lints. This is done via an alias because +# clippy doesn't currently allow for specifiying project-wide lints in a +# configuration file. This is a similar workaround to the ones presented here: +# +xclippy = [ + "clippy", "--all-targets", "--all-features", "--", + "-Wclippy::all", + "-Wclippy::disallowed_methods", + "-Aclippy::unnecessary_get_then_check", +] +xlint = "run --package x --bin x -- lint" +xtest = "run --package x --bin x -- external-crates-tests" + +# Configuration specifically for running clippy on `external-crates/move/`. +# Some of these allows are to avoid code churn; others are filed as issues on the `sui` repo now. +move-clippy = [ + "clippy", + "--all-targets", + "--", + "-Wclippy::all", + "-Wclippy::disallowed_methods", + "-Aclippy::upper_case_acronyms", + "-Aclippy::type_complexity", + "-Aclippy::new_without_default", + "-Aclippy::question_mark", + "-Aclippy::unnecessary_get_then_check", + "-Aclippy::needless_borrows_for_generic_args", +] + +[build] +rustflags = ["-C", "force-frame-pointers=yes", "-C", "force-unwind-tables=yes"] diff --git a/Cargo.lock b/Cargo.lock index f3283fdf37..dca818c65c 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -360,17 +360,6 @@ dependencies = [ "wait-timeout", ] -[[package]] -name = "atty" -version = "0.2.14" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d9b39be18770d11421cdb1b9947a45dd3f37e93092cbf377614828a319d5fee8" -dependencies = [ - "hermit-abi 0.1.19", - "libc", - "winapi", -] - [[package]] name = "auto_ops" version = "0.3.0" @@ -787,18 +776,6 @@ dependencies = [ "inout", ] -[[package]] -name = "clap" -version = "3.2.23" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "71655c45cb9845d3270c9d6df84ebe72b4dad3c2ba3f7023ad47c144e4e473a5" -dependencies = [ - "bitflags 1.3.2", - "clap_lex 0.2.4", - "indexmap", - "textwrap", -] - [[package]] name = "clap" version = "4.1.8" 
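Review bot: The `xlint` and `xtest` aliases in the new `.cargo/config.toml` run `--package x --bin x`, and `move-clippy` is documented as being for `external-crates/move/`; nothing else in this patch shows such a package or directory, so these look carried over from Sui and would presumably fail if invoked in this workspace. Unless they are really needed, keep only `xclippy`. The `[build]` line `rustflags = ["-C", "force-frame-pointers=yes", "-C", "force-unwind-tables=yes"]` applies to every build started from this directory, including the criterion benches, so a comment above it such as `# Keep frame pointers so profilers can unwind; applies to all profiles` would record why it is wanted. The rewritten header comment also turns `specifying` into `specifiying`.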
@@ -807,7 +784,7 @@ checksum = "c3d7ae14b20b94cb02149ed21a86c423859cbe18dc7ed69845cace50e52b40a5" dependencies = [ "bitflags 1.3.2", "clap_derive", - "clap_lex 0.3.2", + "clap_lex", "is-terminal", "once_cell", "strsim 0.10.0", @@ -827,15 +804,6 @@ dependencies = [ "syn 1.0.109", ] -[[package]] -name = "clap_lex" -version = "0.2.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2850f2f5a82cbf437dd5af4d49848fbdfc27c157c3d010345776f952765261c5" -dependencies = [ - "os_str_bytes", -] - [[package]] name = "clap_lex" version = "0.3.2" @@ -881,32 +849,6 @@ dependencies = [ "libc", ] -[[package]] -name = "criterion" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e7c76e09c1aae2bc52b3d2f29e13c6572553b30c4aa1b8a49fd70de6412654cb" -dependencies = [ - "anes", - "atty", - "cast", - "ciborium", - "clap 3.2.23", - "criterion-plot", - "itertools 0.10.5", - "lazy_static", - "num-traits", - "oorandom", - "plotters", - "rayon", - "regex", - "serde", - "serde_derive", - "serde_json", - "tinytemplate", - "walkdir", -] - [[package]] name = "criterion" version = "0.5.1" @@ -916,7 +858,7 @@ dependencies = [ "anes", "cast", "ciborium", - "clap 4.1.8", + "clap", "criterion-plot", "is-terminal", "itertools 0.10.5", @@ -1308,7 +1250,7 @@ dependencies = [ "bs58", "bulletproofs", "cbc", - "criterion 0.4.0", + "criterion", "ctr", "curve25519-dalek-ng", "derive_more", @@ -1361,7 +1303,7 @@ version = "0.1.1" dependencies = [ "assert_cmd", "bcs", - "clap 4.1.8", + "clap", "exitcode", "fastcrypto", "fastcrypto-vdf", @@ -1384,7 +1326,7 @@ name = "fastcrypto-tbls" version = "0.1.0" dependencies = [ "bcs", - "criterion 0.4.0", + "criterion", "digest 0.10.7", "fastcrypto", "generic-tests", @@ -1404,7 +1346,7 @@ name = "fastcrypto-vdf" version = "0.1.0" dependencies = [ "bcs", - "criterion 0.5.1", + "criterion", "fastcrypto", "hex", "lazy_static", 
@@ -1437,7 +1379,7 @@ dependencies = [ "bcs", "blake2", "byte-slice-cast", - "criterion 0.5.1", + "criterion", "derive_more", "fastcrypto", "ff 0.13.0", @@ -1695,15 +1637,6 @@ version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "95505c38b4572b2d910cecb0281560f54b440a19336cbbcb27bf6ce6adc6f5a8" -[[package]] -name = "hermit-abi" -version = "0.1.19" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62b467343b94ba476dcb2500d242dadbb39557df889310ac77c5d99100aaac33" -dependencies = [ - "libc", -] - [[package]] name = "hermit-abi" version = "0.2.6" @@ -1879,16 +1812,6 @@ dependencies = [ "version_check", ] -[[package]] -name = "indexmap" -version = "1.9.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1885e79c1fc4b10f0e172c475f458b7f7b93061064d98c3293e98c5ba0c8b399" -dependencies = [ - "autocfg", - "hashbrown 0.12.3", -] - [[package]] name = "inout" version = "0.1.3" @@ -3471,12 +3394,6 @@ dependencies = [ "syn 2.0.77", ] -[[package]] -name = "textwrap" -version = "0.16.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "222a222a5bfe1bba4a77b45ec488a741b3cb8872e5e499451fd7d0129c9c7c3d" - [[package]] name = "thiserror" version = "1.0.49" diff --git a/deny.toml b/deny.toml index c8640f3e4a..7a95243df2 100644 --- a/deny.toml +++ b/deny.toml 
@@ -9,49 +9,28 @@ # The values provided in this template are the default values that will be used # when any section or field is not specified in your own configuration -# If 1 or more target triples (and optionally, target_features) are specified, -# only the specified targets will be checked when running `cargo deny check`. -# This means, if a particular package is only ever used as a target-specific -# dependency, such as, for example, the `nix` crate only being used via the -# `target_family = "unix"` configuration, that only having windows targets in -# this list would mean the nix crate, as well as any of its exclusive -# dependencies not shared by any other crates, would be ignored, as the target -# list here is effectively saying which targets you are building for. -targets = [ - # The triple can be any string, but only the target triples built into - # rustc (as of 1.40) can be checked against actual config expressions - #{ triple = "x86_64-unknown-linux-musl" }, - # You can also specify which target_features you promise are enabled for a - # particular target. target_features are currently not validated against - # the actual valid features supported by the target architecture. - #{ triple = "wasm32-unknown-unknown", features = ["atomics"] }, -] - # This section is considered when running `cargo deny check advisories` # More documentation for the advisories section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/advisories/cfg.html [advisories] +version = 2 # The path where the advisory database is cloned/fetched into db-path = "~/.cargo/advisory-db" # The url(s) of the advisory databases to use db-urls = ["https://github.com/rustsec/advisory-db"] -# The lint level for security vulnerabilities -vulnerability = "deny" -# The lint level for unmaintained crates -unmaintained = "warn" -# The lint level for crates that have been yanked from their source registry -yanked = "warn" -# The lint level for crates with security notices. 
Note that as of -# 2019-12-17 there are no security notice advisories in -# https://github.com/rustsec/advisory-db -notice = "warn" # A list of advisory IDs to ignore. Note that ignored advisories will still # output a note when they are encountered. ignore = [ #"RUSTSEC-0000-0000", "RUSTSEC-2023-0071", - # reqwest uses unpatched rustls (also in Sui) - "RUSTSEC-2024-0336", + # allow unmaintained proc-macro-error used in transitive dependencies (also in Sui) + "RUSTSEC-2024-0370", + # allow unmaintained instant crate used in transitive dependencies (backoff, cached, fastrand, parking_lot_*, also in Sui) + "RUSTSEC-2024-0384", + # allow outdated 'idna' until passkey-client crate is able to update (also in Sui) + "RUSTSEC-2024-0421", + # allow unmaintained derivative crate used in transitive dependencies (ark-*, also in Sui) + "RUSTSEC-2024-0388", ] # Threshold for security vulnerabilities, any vulnerability with a CVSS score # lower than the range specified will be ignored. Note that ignored advisories @@ -67,8 +46,7 @@ ignore = [ # More documentation for the licenses section can be found here: # https://embarkstudios.github.io/cargo-deny/checks/licenses/cfg.html [licenses] -# The lint level for crates that do not have a detectable license -unlicensed = "deny" +version = 2 # List of explicitly allowed licenses # See https://spdx.org/licenses/ for list of possible licenses # [possible values: any SPDX 3.11 short identifier (+ optional exception)]. 
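Review bot: The four advisory IDs added to `ignore` in `[advisories]` are justified mainly by "also in Sui", but an ignore here silences the advisory for every crate in this workspace, so each should be confirmed against fastcrypto's own dependency tree (for example `cargo tree -i idna`) rather than inherited. `RUSTSEC-2024-0421` is described as waiting on `passkey-client`, which is not visible anywhere in this patch; if that crate is not in this tree the entry can probably be dropped or its reason rewritten. The table form would make cargo-deny print the rationale, e.g. `{ id = "RUSTSEC-2024-0421", reason = "<why this workspace cannot upgrade yet, with tracking issue>" }`. As far as I know, `version = 2` removes the per-class `vulnerability`/`unmaintained`/`notice` levels deleted above, which leaves this list as the only place advisory policy is relaxed, so it is worth keeping it minimal.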
@@ -76,34 +54,18 @@ allow = [ "MIT", "BSD-2-Clause", "BSD-3-Clause", - "CC0-1.0", "Apache-2.0", - "LicenseRef-ring", + "MPL-2.0", "ISC", + "CC0-1.0", + "0BSD", + "LicenseRef-ring", + "Unlicense", + "BSL-1.0", "Unicode-DFS-2016", - "Apache-2.0 WITH LLVM-exception", - "0BSD" -] -# List of explicitly disallowed licenses -# See https://spdx.org/licenses/ for list of possible licenses -# [possible values: any SPDX 3.11 short identifier (+ optional exception)]. -deny = [ - #"Nokia", + "Unicode-3.0", + #"Apache-2.0 WITH LLVM-exception", ] -# Lint level for licenses considered copyleft -copyleft = "warn" -# Blanket approval or denial for OSI-approved or FSF Free/Libre licenses -# * both - The license will be approved if it is both OSI-approved *AND* FSF -# * either - The license will be approved if it is either OSI-approved *OR* FSF -# * osi-only - The license will be approved if is OSI-approved *AND NOT* FSF -# * fsf-only - The license will be approved if is FSF *AND NOT* OSI-approved -# * neither - This predicate is ignored and the default lint level is used -allow-osi-fsf-free = "neither" -# Lint level used when no other predicates are matched -# 1. License isn't in the allow or deny lists -# 2. License isn't copyleft -# 3. License isn't OSI/FSF, or allow-osi-fsf-free = "neither" -default = "deny" # The confidence threshold for detecting a license from license text. # The higher the value, the more closely the license text must be to the # canonical license text of a valid SPDX license file. diff --git a/fastcrypto-tbls/Cargo.toml b/fastcrypto-tbls/Cargo.toml index ef10381d31..97fec8fa16 100644 --- a/fastcrypto-tbls/Cargo.toml +++ b/fastcrypto-tbls/Cargo.toml @@ -25,7 +25,7 @@ hex = "0.4.3" tap = { version = "1.0.1", features = [] } [dev-dependencies] -criterion = "0.4.0" +criterion = "0.5.1" generic-tests = "0.1.2" [[bench]] diff --git a/fastcrypto/Cargo.toml b/fastcrypto/Cargo.toml index 9a80f4b0a9..d4ff1b15e8 100644 --- a/fastcrypto/Cargo.toml 
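Review bot: The `allow` list gains `MPL-2.0`, `Unlicense`, `BSL-1.0` and `Unicode-3.0` in the same hunk that deletes `copyleft = "warn"`, so a weak-copyleft licence that previously produced a warning is now accepted silently for any crate in the tree. Since the list appears to be taken from Sui, it is worth checking which of these entries fastcrypto's dependencies actually need; adding `unused-allowed-license = "deny"` under `[licenses]` would make the check fail on entries nothing uses. The commented-out `#"Apache-2.0 WITH LLVM-exception",` should either be removed or carry a short comment saying why it is parked.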
+++ b/fastcrypto/Cargo.toml @@ -114,7 +114,7 @@ experimental = ["dep:bulletproofs", "dep:merlin"] aes = ["dep:aes", "dep:cbc", "dep:aes-gcm", "dep:ctr"] [dev-dependencies] -criterion = "0.4.0" +criterion = "0.5.1" k256 = { version = "0.11.6", features = ["ecdsa", "sha256", "keccak256"] } proptest = "1.1.0" serde-reflection = "0.3.6"