Skip to content

Commit 32c2275

Browse files
taariqtaariq
committed
fix(ci): replace unmaintained deps for security audit
1 parent a572d36 commit 32c2275

File tree

4 files changed

+74
-10
lines changed

4 files changed

+74
-10
lines changed

Cargo.lock

Lines changed: 16 additions & 9 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

Cargo.toml

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,8 @@ indicatif = "0.18"
3636
which = "6.0"
3737
home = ">=0.5.4, <0.5.12" # Pin to avoid v0.5.12 which requires unstable edition2024
3838
rand = "0.8"
39-
reqwest = { version = "0.11", features = ["json"] }
39+
# Disable rustls to avoid pulling rustls-pemfile (unmaintained)
40+
reqwest = { version = "0.11", default-features = false, features = ["json", "native-tls"] }
4041
serde = { version = "1.0", features = ["derive"] }
4142
serde_json = "1.0"
4243
sha2 = "0.10"
@@ -51,6 +52,12 @@ url = "2.5"
5152
chrono = { version = "0.4", default-features = false, features = ["clock", "serde"] }
5253
libc = "0.2"
5354
rust_decimal = { version = "1.39", features = ["db-tokio-postgres"] }
55+
tonic = { version = "0.11", features = ["transport"] }
56+
tower = "0.4"
57+
sqlite-watcher = { path = "sqlite-watcher" }
58+
59+
[patch.crates-io]
60+
fxhash = { path = "third-party/fxhash" }
5461

5562
[target.'cfg(unix)'.dependencies]
5663
daemonize = "0.5"

third-party/fxhash/Cargo.toml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
[package]
2+
name = "fxhash"
3+
version = "0.2.1"
4+
edition = "2018"
5+
description = "Local replacement for fxhash using rustc-hash"
6+
license = "CC0-1.0"
7+
publish = false
8+
9+
[dependencies]
10+
rustc-hash = "1.1"

third-party/fxhash/src/lib.rs

Lines changed: 40 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,40 @@
1+
use std::collections::{HashMap, HashSet};
2+
use std::fmt;
3+
use std::hash::{BuildHasherDefault, Hasher};
4+
5+
use rustc_hash::FxHasher as InnerFxHasher;
6+
7+
pub struct FxHasher(InnerFxHasher);
8+
9+
impl Default for FxHasher {
10+
fn default() -> Self {
11+
Self(InnerFxHasher::default())
12+
}
13+
}
14+
15+
impl Clone for FxHasher {
16+
fn clone(&self) -> Self {
17+
// FxHasher does not implement Clone; start a new hasher
18+
Self::default()
19+
}
20+
}
21+
22+
impl fmt::Debug for FxHasher {
23+
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
24+
f.debug_struct("FxHasher").finish()
25+
}
26+
}
27+
28+
impl Hasher for FxHasher {
29+
fn finish(&self) -> u64 {
30+
self.0.finish()
31+
}
32+
33+
fn write(&mut self, bytes: &[u8]) {
34+
self.0.write(bytes)
35+
}
36+
}
37+
38+
pub type FxBuildHasher = BuildHasherDefault<FxHasher>;
39+
pub type FxHashMap<K, V> = HashMap<K, V, FxBuildHasher>;
40+
pub type FxHashSet<V> = HashSet<V, FxBuildHasher>;

0 commit comments

Comments
 (0)