|
|
|
[package]
|
|
|
|
name = "vaultwarden"
|
|
|
|
version = "1.0.0"
|
|
|
|
authors = ["Daniel García <dani-garcia@users.noreply.github.com>"]
|
|
|
|
edition = "2021"
|
|
|
|
rust-version = "1.72.1"
|
|
|
|
resolver = "2"
|
|
|
|
|
|
|
|
repository = "https://github.com/dani-garcia/vaultwarden"
|
|
|
|
readme = "README.md"
|
|
|
|
license = "AGPL-3.0-only"
|
|
|
|
publish = false
|
|
|
|
build = "build.rs"
|
|
|
|
|
|
|
|
[features]
|
|
|
|
# default = ["sqlite"]
|
|
|
|
# Empty to keep compatibility, prefer to set USE_SYSLOG=true
|
|
|
|
enable_syslog = []
|
|
|
|
mysql = ["diesel/mysql", "diesel_migrations/mysql"]
|
|
|
|
postgresql = ["diesel/postgres", "diesel_migrations/postgres"]
|
|
|
|
sqlite = ["diesel/sqlite", "diesel_migrations/sqlite", "libsqlite3-sys"]
|
|
|
|
# Enable to use a vendored and statically linked openssl
|
|
|
|
vendored_openssl = ["openssl/vendored"]
|
|
|
|
# Enable MiMalloc memory allocator to replace the default malloc
|
|
|
|
# This can improve performance for Alpine builds
|
|
|
|
enable_mimalloc = ["mimalloc"]
|
|
|
|
# This is a development dependency, and should only be used during development!
|
|
|
|
# It enables the usage of the diesel_logger crate, which is able to output the generated queries.
|
|
|
|
# You also need to set an env variable `QUERY_LOGGER=1` to fully activate this so you do not have to re-compile
|
|
|
|
# if you want to turn off the logging for a specific run.
|
|
|
|
query_logger = ["diesel_logger"]
|
|
|
|
|
|
|
|
# Enable unstable features, requires nightly
|
|
|
|
# Currently only used to enable rusts official ip support
|
|
|
|
unstable = []
|
|
|
|
|
|
|
|
[target."cfg(not(windows))".dependencies]
|
|
|
|
# Logging
|
|
|
|
syslog = "6.1.0"
|
|
|
|
|
|
|
|
[dependencies]
|
|
|
|
# Logging
|
|
|
|
log = "0.4.20"
|
|
|
|
fern = { version = "0.6.2", features = ["syslog-6", "reopen-1"] }
|
|
|
|
tracing = { version = "0.1.40", features = ["log"] } # Needed to have lettre and webauthn-rs trace logging to work
|
|
|
|
|
|
|
|
# A `dotenv` implementation for Rust
|
|
|
|
dotenvy = { version = "0.15.7", default-features = false }
|
|
|
|
|
|
|
|
# Lazy initialization
|
|
|
|
once_cell = "1.19.0"
|
|
|
|
|
|
|
|
# Numerical libraries
|
|
|
|
num-traits = "0.2.17"
|
|
|
|
num-derive = "0.4.1"
|
|
|
|
|
|
|
|
# Web framework
|
|
|
|
rocket = { version = "0.5.0", features = ["tls", "json"], default-features = false }
|
|
|
|
rocket_ws = { version ="0.1.0" }
|
|
|
|
|
|
|
|
# WebSockets libraries
|
|
|
|
tokio-tungstenite = "0.20.1"
|
|
|
|
rmpv = "1.0.1" # MessagePack library
|
|
|
|
|
|
|
|
# Concurrent HashMap used for WebSocket messaging and favicons
|
|
|
|
dashmap = "5.5.3"
|
|
|
|
|
|
|
|
# Async futures
|
|
|
|
futures = "0.3.29"
|
|
|
|
tokio = { version = "1.35.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] }
|
|
|
|
|
|
|
|
# A generic serialization/deserialization framework
|
|
|
|
serde = { version = "1.0.193", features = ["derive"] }
|
|
|
|
serde_json = "1.0.108"
|
|
|
|
|
|
|
|
# A safe, extensible ORM and Query builder
|
|
|
|
diesel = { version = "2.1.4", features = ["chrono", "r2d2"] }
|
|
|
|
diesel_migrations = "2.1.0"
|
|
|
|
diesel_logger = { version = "0.3.0", optional = true }
|
|
|
|
|
|
|
|
# Bundled/Static SQLite
|
|
|
|
libsqlite3-sys = { version = "0.27.0", features = ["bundled"], optional = true }
|
|
|
|
|
|
|
|
# Crypto-related libraries
|
|
|
|
rand = { version = "0.8.5", features = ["small_rng"] }
|
Several small fixes for open issues (#4143)
* Fix BWDC when re-run with cleared cache
Using the BWDC with a cleared cache caused invited users to be converted
to accepted users.
The problem was a wrong check for the `restore` function.
Fixes #4114
* Remove useless variable
During some refactoring this seems to be overlooked.
This variable gets filled but isn't used at all afterwards.
Fixes #4105
* Check some `.git` paths to force a rebuild
When a checked-out repo switches to a specific tag, and that tag does
not have anything else changed in the files except the tag, it could
happen that the build process doesn't see any changes, while it could be
that the version string needs to be different.
This commit ensures that if some specific paths are changed within the
.git directory, cargo will be triggered to rebuild.
Fixes #4087
* Do not delete dir on file delete
Previously during a `delete_file` check we also tried to delete the
parent directory and ignored all errors, like not being empty for
example.
Since this function is called `delete_file` and does not mention
anything in regards to a directory i have removed that code and it will
now only delete the file and leave the rest as-is.
If this somehow is still needed or wanted, which i do not think we want,
then we should create a new function.
Fixes #4081
* Fix healthcheck when using an ENV file
If someone is using a `.env` file or configured the `ENV_FILE` variable
to use that as it's configuration, this was missed by the healthcheck.
So, `DOMAIN` and `ROCKET_TLS` were not seen, and not used in these cases.
This commit fixes this by checking for this file and if it exists, then
it will load those variables first.
Fixes #4112
* Add missing route
While there was a function and a derive, this endpoint wasn't part of
the routes. Since Bitwarden does have this endpoint ill add the route
instead of deleting it.
Fixes #4076
Fixes #4144
* Update crates to update the openssl crate
Because of a bug in the openssl-sys crate we pinned the version to an
older version. This issue has been fixed and was released 2 days ago.
This commit updates the openssl crates including others.
This should also fix the issues with building Vaultwarden using newer
versions of LibreSSL.
Fixes #4051
12 months ago
|
|
|
ring = "0.17.7"
|
|
|
|
|
|
|
|
# UUID generation
|
|
|
|
uuid = { version = "1.6.1", features = ["v4"] }
|
|
|
|
|
|
|
|
# Date and time libraries
|
|
|
|
chrono = { version = "0.4.31", features = ["clock", "serde"], default-features = false }
|
|
|
|
chrono-tz = "0.8.4"
|
|
|
|
time = "0.3.30"
|
|
|
|
|
|
|
|
# Job scheduler
|
|
|
|
job_scheduler_ng = "2.0.4"
|
|
|
|
|
|
|
|
# Data encoding library Hex/Base32/Base64
|
|
|
|
data-encoding = "2.5.0"
|
|
|
|
|
|
|
|
# JWT library
|
|
|
|
jsonwebtoken = "9.2.0"
|
|
|
|
|
|
|
|
# TOTP library
|
|
|
|
totp-lite = "2.0.1"
|
|
|
|
|
|
|
|
# Yubico Library
|
|
|
|
yubico = { version = "0.11.0", features = ["online-tokio"], default-features = false }
|
|
|
|
|
|
|
|
# WebAuthn libraries
|
|
|
|
webauthn-rs = "0.3.2"
|
|
|
|
|
|
|
|
# Handling of URL's for WebAuthn and favicons
|
|
|
|
url = "2.5.0"
|
|
|
|
|
|
|
|
# Email libraries
|
|
|
|
lettre = { version = "0.11.2", features = ["smtp-transport", "sendmail-transport", "builder", "serde", "tokio1-native-tls", "hostname", "tracing", "tokio1"], default-features = false }
|
|
|
|
percent-encoding = "2.3.1" # URL encoding library used for URL's in the emails
|
|
|
|
email_address = "0.2.4"
|
|
|
|
|
|
|
|
# HTML Template library
|
|
|
|
handlebars = { version = "4.5.0", features = ["dir_source"] }
|
|
|
|
|
|
|
|
# HTTP client (Used for favicons, version check, DUO and HIBP API)
|
|
|
|
reqwest = { version = "0.11.22", features = ["stream", "json", "deflate", "gzip", "brotli", "socks", "cookies", "trust-dns", "native-tls-alpn"] }
|
|
|
|
|
|
|
|
# Favicon extraction libraries
|
|
|
|
html5gum = "0.5.7"
|
|
|
|
regex = { version = "1.10.2", features = ["std", "perf", "unicode-perl"], default-features = false }
|
|
|
|
data-url = "0.3.1"
|
|
|
|
bytes = "1.5.0"
|
|
|
|
|
|
|
|
# Cache function results (Used for version check and favicon fetching)
|
|
|
|
cached = { version = "0.46.1", features = ["async"] }
|
|
|
|
|
|
|
|
# Used for custom short lived cookie jar during favicon extraction
|
|
|
|
cookie = "0.16.2"
|
|
|
|
cookie_store = "0.19.1"
|
|
|
|
|
|
|
|
# Used by U2F, JWT and PostgreSQL
|
Several small fixes for open issues (#4143)
* Fix BWDC when re-run with cleared cache
Using the BWDC with a cleared cache caused invited users to be converted
to accepted users.
The problem was a wrong check for the `restore` function.
Fixes #4114
* Remove useless variable
During some refactoring this seems to be overlooked.
This variable gets filled but isn't used at all afterwards.
Fixes #4105
* Check some `.git` paths to force a rebuild
When a checked-out repo switches to a specific tag, and that tag does
not have anything else changed in the files except the tag, it could
happen that the build process doesn't see any changes, while it could be
that the version string needs to be different.
This commit ensures that if some specific paths are changed within the
.git directory, cargo will be triggered to rebuild.
Fixes #4087
* Do not delete dir on file delete
Previously during a `delete_file` check we also tried to delete the
parent directory and ignored all errors, like not being empty for
example.
Since this function is called `delete_file` and does not mention
anything in regards to a directory i have removed that code and it will
now only delete the file and leave the rest as-is.
If this somehow is still needed or wanted, which i do not think we want,
then we should create a new function.
Fixes #4081
* Fix healthcheck when using an ENV file
If someone is using a `.env` file or configured the `ENV_FILE` variable
to use that as it's configuration, this was missed by the healthcheck.
So, `DOMAIN` and `ROCKET_TLS` were not seen, and not used in these cases.
This commit fixes this by checking for this file and if it exists, then
it will load those variables first.
Fixes #4112
* Add missing route
While there was a function and a derive, this endpoint wasn't part of
the routes. Since Bitwarden does have this endpoint ill add the route
instead of deleting it.
Fixes #4076
Fixes #4144
* Update crates to update the openssl crate
Because of a bug in the openssl-sys crate we pinned the version to an
older version. This issue has been fixed and was released 2 days ago.
This commit updates the openssl crates including others.
This should also fix the issues with building Vaultwarden using newer
versions of LibreSSL.
Fixes #4051
12 months ago
|
|
|
openssl = "0.10.61"
|
|
|
|
|
|
|
|
# CLI argument parsing
|
|
|
|
pico-args = "0.5.0"
|
|
|
|
|
|
|
|
# Macro ident concatenation
|
|
|
|
paste = "1.0.14"
|
|
|
|
governor = "0.6.0"
|
|
|
|
|
|
|
|
# Check client versions for specific features.
|
|
|
|
semver = "1.0.20"
|
|
|
|
|
|
|
|
# Allow overriding the default memory allocator
|
|
|
|
# Mainly used for the musl builds, since the default musl malloc is very slow
|
|
|
|
mimalloc = { version = "0.1.39", features = ["secure"], default-features = false, optional = true }
|
|
|
|
which = "5.0.0"
|
|
|
|
|
|
|
|
# Argon2 library with support for the PHC format
|
|
|
|
argon2 = "0.5.2"
|
|
|
|
|
|
|
|
# Reading a password from the cli for generating the Argon2id ADMIN_TOKEN
|
|
|
|
rpassword = "7.3.1"
|
|
|
|
|
|
|
|
|
|
|
|
# Strip debuginfo from the release builds
|
|
|
|
# The symbols are the provide better panic traces
|
|
|
|
# Also enable fat LTO and use 1 codegen unit for optimizations
|
|
|
|
[profile.release]
|
|
|
|
strip = "debuginfo"
|
|
|
|
lto = "fat"
|
|
|
|
codegen-units = 1
|
|
|
|
|
|
|
|
|
|
|
|
# A little bit of a speedup
|
|
|
|
[profile.dev]
|
|
|
|
split-debuginfo = "unpacked"
|
|
|
|
|
|
|
|
# Always build argon2 using opt-level 3
|
|
|
|
# This is a huge speed improvement during testing
|
|
|
|
[profile.dev.package.argon2]
|
|
|
|
opt-level = 3
|
|
|
|
|
|
|
|
# Optimize for size
|
|
|
|
[profile.release-micro]
|
|
|
|
inherits = "release"
|
|
|
|
opt-level = "z"
|
|
|
|
strip = "symbols"
|
|
|
|
lto = "fat"
|
|
|
|
codegen-units = 1
|
|
|
|
panic = "abort"
|