From 79ed1bba3a26a1add5969825d077169c4e240f26 Mon Sep 17 00:00:00 2001 From: Piotr Heilman Date: Fri, 19 Apr 2024 14:47:49 +0200 Subject: [PATCH] Removed shutdown test. Refactored running testcontainers for db testing. --- crates/postgres-docker-utils/src/lib.rs | 15 +- src/database/mod.rs | 173 +++++++++++------------- src/shutdown.rs | 28 ---- supply-chain/config.toml | 80 +++++------ supply-chain/imports.lock | 146 +++++++++++++++++++- tests/common/mod.rs | 2 +- tests/delete_identities.rs | 2 +- tests/delete_padded_identity.rs | 2 +- tests/identity_history.rs | 2 +- tests/insert_identity_and_proofs.rs | 10 +- tests/malformed_payload.rs | 10 +- tests/multi_prover.rs | 2 +- tests/recover_identities.rs | 2 +- tests/unavailable_prover.rs | 12 +- tests/unreduced_identity.rs | 10 +- tests/validate_proof_with_age.rs | 11 +- tests/validate_proofs.rs | 10 +- 17 files changed, 316 insertions(+), 201 deletions(-) diff --git a/crates/postgres-docker-utils/src/lib.rs b/crates/postgres-docker-utils/src/lib.rs index fa2c2230..e966d55f 100644 --- a/crates/postgres-docker-utils/src/lib.rs +++ b/crates/postgres-docker-utils/src/lib.rs @@ -1,4 +1,5 @@ -use testcontainers::{clients::Cli, Container, RunnableImage}; +use testcontainers::clients::Cli; +use testcontainers::{Container, RunnableImage}; use testcontainers_modules::postgres::Postgres; pub struct DockerContainer<'a> { @@ -7,21 +8,17 @@ pub struct DockerContainer<'a> { impl<'a> DockerContainer<'a> { fn new(docker: &'a Cli) -> Self { - let image = RunnableImage::from(Postgres::default().with_host_auth()).with_tag("16.2-alpine"); + let image = + RunnableImage::from(Postgres::default().with_host_auth()).with_tag("16.2-alpine"); let container = docker.run(image); - DockerContainer { - container, - } + DockerContainer { container } } pub fn address(&self) -> String { - return format!( - "127.0.0.1:{}", self.container.get_host_port_ipv4(5432), - ) + return format!("127.0.0.1:{}", self.container.get_host_port_ipv4(5432),); } } - pub async fn setup<'a>(docker: &'a Cli) -> anyhow::Result> { Ok(DockerContainer::new(docker)) } diff --git a/src/database/mod.rs b/src/database/mod.rs index 419752a0..96844943 100644 --- a/src/database/mod.rs +++ b/src/database/mod.rs @@ -22,9 +22,9 @@ use crate::config::DatabaseConfig; use crate::identity_tree::{ Hash, ProcessedStatus, RootItem, TreeItem, TreeUpdate, UnprocessedStatus, }; +use crate::prover::{ProverConfig, ProverType}; pub mod types; -use crate::prover::{ProverConfig, ProverType}; // Statically link in migration files static MIGRATOR: Migrator = sqlx::migrate!("schemas/database"); @@ -892,32 +892,23 @@ mod test { chrono::Duration::milliseconds(x.num_milliseconds().abs()) } - struct DBSetuper { - docker: Cli, - } - - fn get_db_setuper() -> DBSetuper { - DBSetuper { - docker: Cli::default(), - } - } - - impl DBSetuper { - // TODO: we should probably consolidate all tests that propagate errors to - // TODO: either use anyhow or eyre - async fn setup_db<'a>(&'a self) -> anyhow::Result<(Database, DockerContainer<'a>)> { - let db_container = postgres_docker_utils::setup(&self.docker).await?; - let url = format!("postgres://postgres:postgres@{}/database", db_container.address()); + // TODO: we should probably consolidate all tests that propagate errors to + // TODO: either use anyhow or eyre + async fn setup_db<'a>(docker: &'a Cli) -> anyhow::Result<(Database, DockerContainer)> { + let db_container = postgres_docker_utils::setup(docker).await?; + let url = format!( + "postgres://postgres:postgres@{}/database", + db_container.address() + ); - let db = Database::new(&DatabaseConfig { - database: SecretUrl::from_str(&url)?, - migrate: true, - max_connections: 1, - }) - .await?; + let db = Database::new(&DatabaseConfig { + database: SecretUrl::from_str(&url)?, + migrate: true, + max_connections: 1, + }) + .await?; - Ok((db, db_container)) - } + Ok((db, db_container)) } fn mock_roots(n: usize) -> Vec { @@ -956,8 +947,8 @@ mod test { #[tokio::test] async fn insert_identity() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let dec = "1234500000000000000"; let commit_hash: Hash = U256::from_dec_str(dec) .expect("cant convert to u256") @@ -991,8 +982,8 @@ mod test { #[tokio::test] async fn insert_and_delete_identity() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let zero: Hash = U256::zero().into(); let zero_root: Hash = U256::from_dec_str("6789")?.into(); @@ -1034,8 +1025,8 @@ mod test { #[tokio::test] async fn test_insert_prover_configuration() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let mock_prover_configuration_0 = ProverConfig { batch_size: 100, @@ -1077,8 +1068,8 @@ mod test { #[tokio::test] async fn test_insert_provers() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let mock_provers = mock_provers(); db.insert_provers(mock_provers.clone()).await?; @@ -1091,8 +1082,8 @@ mod test { #[tokio::test] async fn test_remove_prover() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let mock_provers = mock_provers(); db.insert_provers(mock_provers.clone()).await?; @@ -1109,8 +1100,8 @@ mod test { #[tokio::test] async fn test_insert_new_recovery() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let existing_commitment: Uint<256, 4> = Uint::from(1); let new_commitment: Uint<256, 4> = Uint::from(2); @@ -1129,8 +1120,8 @@ mod test { #[tokio::test] async fn test_insert_new_deletion() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let existing_commitment: Uint<256, 4> = Uint::from(1); db.insert_new_deletion(0, &existing_commitment).await?; @@ -1145,8 +1136,8 @@ mod test { #[tokio::test] async fn test_get_eligible_unprocessed_commitments() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let commitment_0: Uint<256, 4> = Uint::from(1); let eligibility_timestamp_0 = Utc::now(); @@ -1178,8 +1169,8 @@ mod test { #[tokio::test] async fn test_get_unprocessed_commitments() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; // Insert new identity with a valid eligibility timestamp let commitment_0: Uint<256, 4> = Uint::from(1); @@ -1212,8 +1203,8 @@ mod test { #[tokio::test] async fn test_identity_is_queued_for_deletion() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let existing_commitment: Uint<256, 4> = Uint::from(1); db.insert_new_deletion(0, &existing_commitment).await?; @@ -1228,8 +1219,8 @@ mod test { #[tokio::test] async fn test_update_eligibility_timestamp() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let dec = "1234500000000000000"; let commit_hash: Hash = U256::from_dec_str(dec) .expect("cant convert to u256") @@ -1270,8 +1261,8 @@ mod test { #[tokio::test] async fn test_update_insertion_timestamp() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let insertion_timestamp = Utc::now(); @@ -1287,8 +1278,8 @@ mod test { #[tokio::test] async fn test_insert_deletion() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(3); db.insert_new_deletion(0, &identities[0]).await?; @@ -1304,8 +1295,8 @@ mod test { #[tokio::test] async fn test_insert_recovery() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let old_identities = mock_identities(3); let new_identities = mock_identities(3); @@ -1322,8 +1313,8 @@ mod test { #[tokio::test] async fn test_delete_recoveries() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let old_identities = mock_identities(3); let new_identities = mock_identities(3); @@ -1345,8 +1336,8 @@ mod test { #[tokio::test] async fn get_last_leaf_index() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(1); let roots = mock_roots(1); @@ -1366,8 +1357,8 @@ mod test { #[tokio::test] async fn mark_all_as_pending_marks_all() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1396,8 +1387,8 @@ mod test { #[tokio::test] async fn mark_root_as_processed_marks_previous_roots() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1439,8 +1430,8 @@ mod test { #[tokio::test] async fn mark_root_as_mined_marks_previous_roots() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1482,8 +1473,8 @@ mod test { #[tokio::test] async fn mark_root_as_mined_interaction_with_mark_root_as_processed() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let num_identities = 6; @@ -1526,8 +1517,8 @@ mod test { #[tokio::test] async fn mark_root_as_processed_marks_next_roots() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1570,8 +1561,8 @@ mod test { #[tokio::test] async fn root_history_timing() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1628,8 +1619,8 @@ mod test { #[tokio::test] async fn get_commitments_by_status() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); @@ -1667,8 +1658,8 @@ mod test { #[tokio::test] async fn get_commitments_by_status_results_are_in_id_order() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); @@ -1722,8 +1713,8 @@ mod test { #[tokio::test] async fn test_root_invalidation() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(5); let roots = mock_roots(5); @@ -1799,8 +1790,8 @@ mod test { #[tokio::test] async fn check_identity_existence() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let roots = mock_roots(1); @@ -1828,8 +1819,8 @@ mod test { #[tokio::test] async fn test_remove_deletions() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(4); @@ -1860,8 +1851,8 @@ mod test { #[tokio::test] async fn test_latest_deletion_root() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; // Update with initial timestamp let initial_timestamp = chrono::Utc::now(); @@ -1888,8 +1879,8 @@ mod test { #[tokio::test] async fn test_history_unprocessed_identities() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let now = Utc::now(); @@ -1927,8 +1918,8 @@ mod test { #[tokio::test] async fn test_history_unprocessed_deletion_identities() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let roots = mock_roots(2); @@ -1960,8 +1951,8 @@ mod test { #[tokio::test] async fn test_history_processed_deletion_identities() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let roots = mock_roots(2); @@ -1991,8 +1982,8 @@ mod test { #[tokio::test] async fn test_history_processed_identity() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let roots = mock_roots(2); @@ -2027,8 +2018,8 @@ mod test { #[tokio::test] async fn can_insert_same_root_multiple_times() -> anyhow::Result<()> { - let db_setuper = get_db_setuper(); - let (db, _db_container) = db_setuper.setup_db().await?; + let docker = Cli::default(); + let (db, _db_container) = setup_db(&docker).await?; let identities = mock_identities(2); let roots = mock_roots(2); diff --git a/src/shutdown.rs b/src/shutdown.rs index cf4f34e2..406ebb52 100644 --- a/src/shutdown.rs +++ b/src/shutdown.rs @@ -74,31 +74,3 @@ async fn signal_shutdown() -> Result<()> { info!("Ctrl-C received, shutting down"); Ok(()) } - -#[cfg(test)] -mod tests { - use tokio::time::{sleep, Duration}; - - use super::*; - - // This test is ignored due to global variable being used to indicate if system is shutting - // down. Because tests are being run in parallel it is causing unpredictable behaviour and - // random test failures. - #[ignore] - #[tokio::test] - async fn shutdown_signal() { - let start = tokio::time::Instant::now(); - - tokio::spawn(async { - sleep(Duration::from_millis(100)).await; - shutdown(); - }); - - await_shutdown().await; - - let elapsed = start.elapsed(); - - assert!(elapsed > Duration::from_millis(100)); - assert!(elapsed < Duration::from_millis(200)); - } -} diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 66b5740b..0601178e 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -252,10 +252,6 @@ criteria = "safe-to-deploy" version = "0.2.0" criteria = "safe-to-deploy" -[[exemptions.base64]] -version = "0.13.1" -criteria = "safe-to-deploy" - [[exemptions.base64]] version = "0.21.7" criteria = "safe-to-deploy" @@ -280,10 +276,6 @@ criteria = "safe-to-deploy" version = "1.3.2" criteria = "safe-to-deploy" -[[exemptions.bitflags]] -version = "2.4.2" -criteria = "safe-to-deploy" - [[exemptions.bitvec]] version = "1.0.1" criteria = "safe-to-deploy" @@ -292,6 +284,10 @@ criteria = "safe-to-deploy" version = "0.9.2" criteria = "safe-to-deploy" +[[exemptions.bollard-stubs]] +version = "1.42.0-rc.3" +criteria = "safe-to-deploy" + [[exemptions.bs58]] version = "0.5.0" criteria = "safe-to-deploy" @@ -416,10 +412,6 @@ criteria = "safe-to-deploy" version = "0.1.5" criteria = "safe-to-deploy" -[[exemptions.core-foundation]] -version = "0.9.4" -criteria = "safe-to-deploy" - [[exemptions.cpufeatures]] version = "0.2.12" criteria = "safe-to-deploy" @@ -484,14 +476,26 @@ criteria = "safe-to-deploy" version = "0.9.2" criteria = "safe-to-deploy" +[[exemptions.darling]] +version = "0.13.4" +criteria = "safe-to-deploy" + [[exemptions.darling]] version = "0.20.5" criteria = "safe-to-deploy" +[[exemptions.darling_core]] +version = "0.13.4" +criteria = "safe-to-deploy" + [[exemptions.darling_core]] version = "0.20.5" criteria = "safe-to-deploy" +[[exemptions.darling_macro]] +version = "0.13.4" +criteria = "safe-to-deploy" + [[exemptions.darling_macro]] version = "0.20.5" criteria = "safe-to-deploy" @@ -524,10 +528,6 @@ criteria = "safe-to-deploy" version = "5.0.1" criteria = "safe-to-deploy" -[[exemptions.dirs-next]] -version = "2.0.0" -criteria = "safe-to-deploy" - [[exemptions.dirs-sys]] version = "0.4.1" criteria = "safe-to-deploy" @@ -908,10 +908,6 @@ criteria = "safe-to-deploy" version = "0.25.2" criteria = "safe-to-deploy" -[[exemptions.linked-hash-map]] -version = "0.5.6" -criteria = "safe-to-deploy" - [[exemptions.linux-raw-sys]] version = "0.4.13" criteria = "safe-to-deploy" @@ -932,10 +928,6 @@ criteria = "safe-to-deploy" version = "0.3.2" criteria = "safe-to-deploy" -[[exemptions.mach2]] -version = "0.4.2" -criteria = "safe-to-deploy" - [[exemptions.maplit]] version = "1.0.2" criteria = "safe-to-run" @@ -1000,10 +992,6 @@ criteria = "safe-to-deploy" version = "0.15.0" criteria = "safe-to-deploy" -[[exemptions.nom]] -version = "7.1.1" -criteria = "safe-to-deploy" - [[exemptions.num]] version = "0.4.1" criteria = "safe-to-deploy" @@ -1248,10 +1236,6 @@ criteria = "safe-to-deploy" version = "1.0.4" criteria = "safe-to-deploy" -[[exemptions.proc-macro2]] -version = "1.0.78" -criteria = "safe-to-deploy" - [[exemptions.prometheus]] version = "0.13.3" criteria = "safe-to-deploy" @@ -1484,6 +1468,14 @@ criteria = "safe-to-deploy" version = "0.7.1" criteria = "safe-to-deploy" +[[exemptions.serde_with]] +version = "1.14.0" +criteria = "safe-to-deploy" + +[[exemptions.serde_with_macros]] +version = "1.5.2" +criteria = "safe-to-deploy" + [[exemptions.sha1]] version = "0.10.6" criteria = "safe-to-deploy" @@ -1580,10 +1572,6 @@ criteria = "safe-to-deploy" version = "1.2.0" criteria = "safe-to-deploy" -[[exemptions.static_assertions]] -version = "1.1.0" -criteria = "safe-to-deploy" - [[exemptions.string_cache]] version = "0.8.7" criteria = "safe-to-deploy" @@ -1592,18 +1580,6 @@ criteria = "safe-to-deploy" version = "0.1.4" criteria = "safe-to-deploy" -[[exemptions.strsim]] -version = "0.10.0" -criteria = "safe-to-deploy" - -[[exemptions.strum]] -version = "0.25.0" -criteria = "safe-to-deploy" - -[[exemptions.strum_macros]] -version = "0.25.3" -criteria = "safe-to-deploy" - [[exemptions.svm-rs]] version = "0.3.5" criteria = "safe-to-deploy" @@ -1648,6 +1624,14 @@ criteria = "safe-to-deploy" version = "3.3.1" criteria = "safe-to-deploy" +[[exemptions.testcontainers]] +version = "0.15.0" +criteria = "safe-to-deploy" + +[[exemptions.testcontainers-modules]] +version = "0.3.7" +criteria = "safe-to-deploy" + [[exemptions.textwrap]] version = "0.11.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index e89e877b..b291a77d 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -85,6 +85,13 @@ user-id = 6743 user-login = "epage" user-name = "Ed Page" +[[publisher.core-foundation]] +version = "0.9.3" +when = "2022-02-07" +user-id = 5946 +user-login = "jrmuizel" +user-name = "Jeff Muizelaar" + [[publisher.core-foundation-sys]] version = "0.8.4" when = "2023-04-03" @@ -995,6 +1002,12 @@ This is a minor update which has some testing affordances as well as some updated math algorithms. """ +[[audits.bytecodealliance.audits.mach2]] +who = "Nick Fitzgerald " +criteria = "safe-to-deploy" +delta = "0.4.1 -> 0.4.2" +notes = "It does unsafe FFI bindings, as expected. I didn't check the FFI bindings against the C headers." + [[audits.bytecodealliance.audits.matchers]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1081,6 +1094,12 @@ who = "Pat Hickey " criteria = "safe-to-deploy" version = "1.4.1" +[[audits.bytecodealliance.audits.static_assertions]] +who = "Andrew Brown " +criteria = "safe-to-deploy" +version = "1.1.0" +notes = "No dependencies and completely a compile-time crate as advertised. Uses `unsafe` in one module as a compile-time check only: `mem::transmute` and `ptr::write` are wrapped in an impossible-to-run closure." + [[audits.bytecodealliance.audits.thread_local]] who = "Pat Hickey " criteria = "safe-to-deploy" @@ -1245,6 +1264,36 @@ delta = "0.3.4 -> 0.3.5" notes = "Reviewed on https://fxrev.dev/906795" aggregated-from = "https://fuchsia.googlesource.com/fuchsia/+/refs/heads/main/third_party/rust_crates/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.base64]] +who = "Adam Langley " +criteria = "safe-to-deploy" +version = "0.13.1" +notes = "Skimmed the uses of `std` to ensure that nothing untoward is happening. Code uses `forbid(unsafe_code)` and, indeed, there are no uses of `unsafe`" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.bitflags]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +version = "2.4.2" +notes = """ +Audit notes: + +* I've checked for any discussion in Google-internal cl/546819168 (where audit + of version 2.3.3 happened) +* `src/lib.rs` contains `#![cfg_attr(not(test), forbid(unsafe_code))]` +* There are 2 cases of `unsafe` in `src/external.rs` but they seem to be + correct in a straightforward way - they just propagate the marker trait's + impl (e.g. `impl bytemuck::Pod`) from the inner to the outer type +* Additional discussion and/or notes may be found in https://crrev.com/c/5238056 +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.dirs-next]] +who = "George Burgess IV " +criteria = "safe-to-deploy" +version = "2.0.0" +aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" + [[audits.google.audits.fastrand]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -1267,6 +1316,15 @@ criteria = "safe-to-deploy" version = "1.0.3" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.nom]] +who = "danakj@chromium.org" +criteria = "safe-to-deploy" +version = "7.1.3" +notes = """ +Reviewed in https://chromium-review.googlesource.com/c/chromium/src/+/5046153 +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.openssl-macros]] who = "George Burgess IV " criteria = "safe-to-deploy" @@ -1286,6 +1344,51 @@ criteria = "safe-to-deploy" version = "1.0.4" aggregated-from = "https://chromium.googlesource.com/chromiumos/third_party/rust_crates/+/refs/heads/main/cargo-vet/audits.toml?format=TEXT" +[[audits.google.audits.proc-macro2]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +version = "1.0.78" +notes = """ +Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits +(except for a benign \"fs\" hit in a doc comment) + +Notes from the `unsafe` review can be found in https://crrev.com/c/5385745. +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.strsim]] +who = "danakj@chromium.org" +criteria = "safe-to-deploy" +version = "0.10.0" +notes = """ +Reviewed in https://crrev.com/c/5171063 + +Previously reviewed during security review and the audit is grandparented in. +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.strum]] +who = "danakj@chromium.org" +criteria = "safe-to-deploy" +version = "0.25.0" +notes = """ +Reviewed in https://crrev.com/c/5171063 + +Previously reviewed during security review and the audit is grandparented in. +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.strum_macros]] +who = "danakj@chromium.org" +criteria = "safe-to-deploy" +version = "0.25.3" +notes = """ +Reviewed in https://crrev.com/c/5171063 + +Previously reviewed during security review and the audit is grandparented in. +""" +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.take_mut]] who = "David Koloski " criteria = "safe-to-deploy" @@ -1450,6 +1553,16 @@ who = "David Cook " criteria = "safe-to-deploy" version = "0.7.1" +[[audits.mozilla.wildcard-audits.core-foundation]] +who = "Bobby Holley " +criteria = "safe-to-deploy" +user-id = 5946 # Jeff Muizelaar (jrmuizel) +start = "2019-03-29" +end = "2023-05-04" +renew = false +notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.wildcard-audits.core-foundation-sys]] who = "Bobby Holley " criteria = "safe-to-deploy" @@ -1560,6 +1673,13 @@ criteria = "safe-to-deploy" delta = "1.0.78 -> 1.0.83" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" +[[audits.mozilla.audits.core-foundation]] +who = "Teodor Tanasoaia " +criteria = "safe-to-deploy" +delta = "0.9.3 -> 0.9.4" +notes = "I've reviewed every source contribution that was neither authored nor reviewed by Mozilla." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.crossbeam-channel]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" @@ -1726,6 +1846,20 @@ criteria = "safe-to-deploy" delta = "0.26.0 -> 0.27.0" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.linked-hash-map]] +who = "Aria Beingessner " +criteria = "safe-to-deploy" +version = "0.5.4" +notes = "I own this crate (I am contain-rs) and 0.5.4 passes miri. This code is very old and used by lots of people, so I'm pretty confident in it, even though it's in maintenance-mode and missing some nice-to-have APIs." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.linked-hash-map]] +who = "Alex Franchuk " +criteria = "safe-to-deploy" +delta = "0.5.4 -> 0.5.6" +notes = "New unsafe code has debug assertions and meets invariants. All other changes are formatting-related." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.log]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -1746,6 +1880,12 @@ delta = "0.4.18 -> 0.4.20" notes = "Only cfg attribute and internal macro changes and module refactorings" aggregated-from = "https://raw.githubusercontent.com/mozilla/glean/main/supply-chain/audits.toml" +[[audits.mozilla.audits.mach2]] +who = "Gabriele Svelto " +criteria = "safe-to-deploy" +version = "0.4.1" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.memoffset]] who = "Gabriele Svelto " criteria = "safe-to-deploy" @@ -1784,12 +1924,6 @@ criteria = "safe-to-deploy" delta = "0.26.2 -> 0.27.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.nom]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "7.1.1 -> 7.1.3" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.num-bigint]] who = "Josh Stone " criteria = "safe-to-deploy" diff --git a/tests/common/mod.rs b/tests/common/mod.rs index c1d344e3..1e21f7da 100644 --- a/tests/common/mod.rs +++ b/tests/common/mod.rs @@ -72,9 +72,9 @@ use std::str::FromStr; use futures::stream::FuturesUnordered; use futures::StreamExt; use hyper::StatusCode; -use testcontainers::clients::Cli; use signup_sequencer::identity_tree::Status; use signup_sequencer::task_monitor::TaskMonitor; +use testcontainers::clients::Cli; use tracing::trace; use self::chain_mock::{spawn_mock_chain, MockChain, SpecialisedContract}; diff --git a/tests/delete_identities.rs b/tests/delete_identities.rs index f6fd33df..4e45bc41 100644 --- a/tests/delete_identities.rs +++ b/tests/delete_identities.rs @@ -2,8 +2,8 @@ mod common; -use testcontainers::clients::Cli; use common::prelude::*; +use testcontainers::clients::Cli; use crate::common::test_delete_identity; diff --git a/tests/delete_padded_identity.rs b/tests/delete_padded_identity.rs index 782018d0..7b3ae2da 100644 --- a/tests/delete_padded_identity.rs +++ b/tests/delete_padded_identity.rs @@ -2,8 +2,8 @@ mod common; -use testcontainers::clients::Cli; use common::prelude::*; +use testcontainers::clients::Cli; use crate::common::test_delete_identity; diff --git a/tests/identity_history.rs b/tests/identity_history.rs index e0a3e834..02d49941 100644 --- a/tests/identity_history.rs +++ b/tests/identity_history.rs @@ -2,10 +2,10 @@ mod common; use common::prelude::*; use hyper::StatusCode; -use testcontainers::clients::Cli; use signup_sequencer::server::data::{ IdentityHistoryEntryStatus, IdentityHistoryRequest, IdentityHistoryResponse, }; +use testcontainers::clients::Cli; use crate::common::test_recover_identity; diff --git a/tests/insert_identity_and_proofs.rs b/tests/insert_identity_and_proofs.rs index fb5cf7cb..dd3912f8 100644 --- a/tests/insert_identity_and_proofs.rs +++ b/tests/insert_identity_and_proofs.rs @@ -17,8 +17,14 @@ async fn insert_identity_and_proofs() -> anyhow::Result<()> { let initial_root: U256 = ref_tree.root().into(); let docker = Cli::default(); - let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size]; diff --git a/tests/malformed_payload.rs b/tests/malformed_payload.rs index c3a48c0e..611c91fb 100644 --- a/tests/malformed_payload.rs +++ b/tests/malformed_payload.rs @@ -17,8 +17,14 @@ async fn malformed_payload() -> anyhow::Result<()> { let batch_size: usize = 3; let docker = Cli::default(); - let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size]; diff --git a/tests/multi_prover.rs b/tests/multi_prover.rs index 510e4145..807ce9c1 100644 --- a/tests/multi_prover.rs +++ b/tests/multi_prover.rs @@ -1,7 +1,7 @@ mod common; -use testcontainers::clients::Cli; use common::prelude::*; +use testcontainers::clients::Cli; /// Tests that the app can keep running even if the prover returns 500s /// and that it will eventually succeed if the prover becomes available again. diff --git a/tests/recover_identities.rs b/tests/recover_identities.rs index 589b8a02..60b135a2 100644 --- a/tests/recover_identities.rs +++ b/tests/recover_identities.rs @@ -2,9 +2,9 @@ mod common; -use testcontainers::clients::Cli; use common::prelude::*; use signup_sequencer::identity_tree::{ProcessedStatus, UnprocessedStatus}; +use testcontainers::clients::Cli; use crate::common::{test_inclusion_status, test_recover_identity}; diff --git a/tests/unavailable_prover.rs b/tests/unavailable_prover.rs index b3fa0b8d..da8ddc2e 100644 --- a/tests/unavailable_prover.rs +++ b/tests/unavailable_prover.rs @@ -1,7 +1,7 @@ mod common; -use testcontainers::clients::Cli; use common::prelude::*; +use testcontainers::clients::Cli; /// Tests that the app can keep running even if the prover returns 500s /// and that it will eventually succeed if the prover becomes available again. @@ -16,8 +16,14 @@ async fn unavailable_prover() -> anyhow::Result<()> { let batch_size: usize = 3; let docker = Cli::default(); - let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size]; diff --git a/tests/unreduced_identity.rs b/tests/unreduced_identity.rs index bd25329b..3a6fde0a 100644 --- a/tests/unreduced_identity.rs +++ b/tests/unreduced_identity.rs @@ -11,8 +11,14 @@ async fn test_unreduced_identity() -> anyhow::Result<()> { let batch_size: usize = 3; let docker = Cli::default(); - let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size]; prover_mock.set_availability(false).await; diff --git a/tests/validate_proof_with_age.rs b/tests/validate_proof_with_age.rs index ee93ae27..49055b9d 100644 --- a/tests/validate_proof_with_age.rs +++ b/tests/validate_proof_with_age.rs @@ -1,9 +1,9 @@ mod common; use std::time::Instant; -use testcontainers::clients::Cli; use common::prelude::*; +use testcontainers::clients::Cli; use crate::common::test_verify_proof_with_age; @@ -23,7 +23,14 @@ async fn validate_proof_with_age() -> anyhow::Result<()> { let docker = Cli::default(); let (mock_chain, db_container, insertion_prover_map, _deletion_prover_map, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size]; diff --git a/tests/validate_proofs.rs b/tests/validate_proofs.rs index d9178fb1..5441d78d 100644 --- a/tests/validate_proofs.rs +++ b/tests/validate_proofs.rs @@ -17,8 +17,14 @@ async fn validate_proofs() -> anyhow::Result<()> { let batch_size = 3; let docker = Cli::default(); - let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = - spawn_deps(initial_root, &[batch_size], &[], DEFAULT_TREE_DEPTH as u8, &docker).await?; + let (mock_chain, db_container, insertion_prover_map, _, micro_oz) = spawn_deps( + initial_root, + &[batch_size], + &[], + DEFAULT_TREE_DEPTH as u8, + &docker, + ) + .await?; let prover_mock = &insertion_prover_map[&batch_size];