From b4681e5fd9117e7ebc1aeb525505fc683b27106b Mon Sep 17 00:00:00 2001 From: Eric Swanson Date: Wed, 7 May 2025 09:38:28 -0700 Subject: [PATCH 1/7] chore: fix audit failure --- rust-toolchain.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-toolchain.toml b/rust-toolchain.toml index c1f5c7b..f19c7df 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ [toolchain] -channel = "1.75.0" +channel = "1.81.0" components = ["rustfmt", "clippy"] From 4a84abd071800effe5f3af81330106e88ecb9145 Mon Sep 17 00:00:00 2001 From: Eric Swanson Date: Wed, 7 May 2025 09:40:23 -0700 Subject: [PATCH 2/7] 1.84 --- rust-toolchain.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rust-toolchain.toml b/rust-toolchain.toml index f19c7df..58e76ec 100644 --- a/rust-toolchain.toml +++ b/rust-toolchain.toml @@ -1,3 +1,3 @@ [toolchain] -channel = "1.81.0" +channel = "1.84.0" components = ["rustfmt", "clippy"] From 0b2ac500163fd7fecbbfe1fbb9209e5ef363b62b Mon Sep 17 00:00:00 2001 From: Eric Swanson Date: Wed, 7 May 2025 11:44:02 -0700 Subject: [PATCH 3/7] update commit and cache versions --- .github/workflows/fmt.yml | 2 +- .github/workflows/lint.yml | 4 ++-- .github/workflows/test.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/fmt.yml b/.github/workflows/fmt.yml index e665005..cf5becb 100644 --- a/.github/workflows/fmt.yml +++ b/.github/workflows/fmt.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Run Cargo Fmt run: cargo fmt --all -- --check diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 90ad01b..a08b422 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -12,10 +12,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - name: Cache Cargo - uses: actions/cache@v2 + uses: actions/cache@v4 with: path: | ~/.cargo/registry diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 7f77f46..62a2011 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -15,7 +15,7 @@ jobs: matrix: os: [ubuntu-latest, macos-latest] steps: - - uses: actions/checkout@master + - uses: actions/checkout@v4 - uses: actions/cache@v4 with: From 517a4301608532335f5474aae6e0bf4a5333ca70 Mon Sep 17 00:00:00 2001 From: Eric Swanson Date: Wed, 7 May 2025 11:47:34 -0700 Subject: [PATCH 4/7] lint --- src/dfxvm/self_update.rs | 3 +-- src/fs.rs | 1 - 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/src/dfxvm/self_update.rs b/src/dfxvm/self_update.rs index c043a61..bf84721 100644 --- a/src/dfxvm/self_update.rs +++ b/src/dfxvm/self_update.rs @@ -119,8 +119,7 @@ fn extract_binary( Archive::new(tar) .entries() .map_err(ReadArchiveEntries)? - .enumerate() - .filter_map(|(_i, entry)| entry.ok()) + .filter_map(|entry| entry.ok()) .find(|entry| { entry .header() diff --git a/src/fs.rs b/src/fs.rs index c98ab28..7bcd0ec 100644 --- a/src/fs.rs +++ b/src/fs.rs @@ -9,7 +9,6 @@ use std::path::{Path, PathBuf}; // Derived from append_file() in https://github.com/rust-lang/rustup/blob/master/src/utils/raw.rs pub fn append_to_file(dest: &Path, line: &str) -> Result<(), AppendToFileError> { let mut file = std::fs::OpenOptions::new() - .write(true) .append(true) .create(true) .open(dest) From 1a4b34cdee53abeb1b3f230cf3e5b95be5f90942 Mon Sep 17 00:00:00 2001 From: Eric Swanson Date: Wed, 7 May 2025 13:07:08 -0700 Subject: [PATCH 5/7] update crossbeam-channel and ring --- Cargo.lock | 21 +++++++-------------- 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 9921f57..af8f6c8 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1,6 +1,6 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. -version = 3 +version = 4 [[package]] name = "addr2line" @@ -189,9 +189,9 @@ checksum = "325918d6fe32f23b19878fe4b34794ae41fc19ddbe53b10571a4874d44ffd39b" [[package]] name = "cc" -version = "1.2.3" +version = "1.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "27f657647bcff5394bf56c7317665bbf790a137a50eaaa5c6bfbb9e27a518f2d" +checksum = "8691782945451c1c383942c4874dbe63814f61cb57ef773cda2972682b7bb3c0" dependencies = [ "shlex", ] @@ -293,9 +293,9 @@ dependencies = [ [[package]] name = "crossbeam-channel" -version = "0.5.13" +version = "0.5.15" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "33480d6946193aa8033910124896ca395333cae7e2d1113d1fef6c3272217df2" +checksum = "82b8f8f868b36967f9606790d1903570de9ceaf870a7bf9fbbd3016d636a2cb2" dependencies = [ "crossbeam-utils", ] @@ -1433,15 +1433,14 @@ dependencies = [ [[package]] name = "ring" -version = "0.17.8" +version = "0.17.14" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c17fa4cb658e3583423e915b9f3acc01cceaee1860e33d59ebae66adc3a2dc0d" +checksum = "a4689e6c2294d81e88dc6261c768b63bc4fcdb852be6d1352498b114f61383b7" dependencies = [ "cc", "cfg-if", "getrandom", "libc", - "spin", "untrusted", "windows-sys 0.52.0", ] @@ -1621,12 +1620,6 @@ dependencies = [ "windows-sys 0.52.0", ] -[[package]] -name = "spin" -version = "0.9.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6980e8d7511241f8acf4aebddbb1ff938df5eebe98691418c4468d0b72a96a67" - [[package]] name = "stable_deref_trait" version = "1.2.0" From a3eae6664d3f4540cb8849eb4a16b3be4c317873 Mon Sep 17 00:00:00 2001 From: Vincent Zhang Date: Tue, 24 Jun 2025 20:06:46 +0800 Subject: [PATCH 6/7] Trigger build. From 4f64cd9e707c0dcc2f724b07079aa88543b94c5a Mon Sep 17 00:00:00 2001 From: Vincent Zhang Date: Thu, 26 Jun 2025 15:21:28 +0800 Subject: [PATCH 7/7] Use stable Rust toolchain in audit.yml. --- .github/workflows/audit.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/audit.yml b/.github/workflows/audit.yml index 73593cf..9534406 100644 --- a/.github/workflows/audit.yml +++ b/.github/workflows/audit.yml @@ -16,6 +16,8 @@ concurrency: env: # When getting Rust dependencies, retry on network error: CARGO_NET_RETRY: 10 + # Use the stable toolchain for the audit + RUSTUP_TOOLCHAIN: stable jobs: test: