diff --git a/.circleci/config.yml b/.circleci/config.yml index a6bb472338..fbd927c5f4 100644 --- a/.circleci/config.yml +++ b/.circleci/config.yml @@ -23,6 +23,13 @@ definitions: ignore: - main - release + - msrv_image: &msrv-image + cimg/rust:1.87 + - msrv: &msrv + "1.87" + # Used when running against latest stable Rust + - rust_image: &rust-image + cimg/rust:1.92 ########################################################################## # COMMANDS @@ -278,7 +285,7 @@ jobs: License check: docker: - - image: cimg/rust:1.82 + - image: *rust-image steps: - checkout - run: @@ -301,7 +308,7 @@ jobs: Check vendored schema: docker: - - image: cimg/rust:1.82 + - image: *rust-image steps: - checkout - run: @@ -331,7 +338,7 @@ jobs: Check Rust formatting: docker: - - image: cimg/rust:1.82 + - image: *msrv-image steps: - checkout - run: rustup component add rustfmt @@ -340,7 +347,7 @@ jobs: Lint Rust with clippy: docker: - - image: cimg/rust:1.82 + - image: *msrv-image steps: - checkout - run: rustup component add clippy @@ -357,7 +364,7 @@ jobs: Rust tests - stable: docker: - - image: cimg/rust:1.82 + - image: *rust-image resource_class: "medium+" steps: - test-rust @@ -370,22 +377,22 @@ jobs: Rust tests - beta: docker: - - image: cimg/rust:1.82 + - image: *rust-image steps: - test-rust: rust-version: "beta" Rust tests - minimum version: docker: - - image: cimg/rust:1.82 + - image: *msrv-image resource_class: "medium+" steps: - test-rust: - rust-version: "1.82.0" + rust-version: *msrv Generate Rust documentation: docker: - - image: cimg/rust:1.82 + - image: *msrv-image steps: - checkout - run: @@ -417,7 +424,7 @@ jobs: Publish Rust crates: docker: - - image: cimg/rust:1.82 + - image: *msrv-image steps: - checkout - run: @@ -687,7 +694,7 @@ jobs: glean-swift release: docker: - - image: cimg/rust:1.82 + - image: *rust-image steps: - checkout - attach_workspace: diff --git a/.github/workflows/cargo-vet.yml b/.github/workflows/cargo-vet.yml index 2395539280..6e943f2220 100644 --- a/.github/workflows/cargo-vet.yml +++ b/.github/workflows/cargo-vet.yml @@ -9,7 +9,7 @@ jobs: name: Vet Dependencies runs-on: ubuntu-latest env: - CARGO_VET_VERSION: 0.10.0 + CARGO_VET_VERSION: 0.10.2 steps: - uses: actions/checkout@master - name: Install Rust @@ -22,7 +22,6 @@ jobs: run: echo "${{ runner.tool_cache }}/cargo-vet/bin" >> $GITHUB_PATH - name: Ensure that the tool cache is populated with the cargo-vet binary run: | - export CARGO_REGISTRIES_CRATES_IO_PROTOCOL=sparse cargo install --root ${{ runner.tool_cache }}/cargo-vet --version ${{ env.CARGO_VET_VERSION }} cargo-vet - name: Invoke cargo-vet run: cargo vet --locked diff --git a/CHANGELOG.md b/CHANGELOG.md index 026b4472e1..ff18e60b2d 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -6,6 +6,7 @@ * BUGFIX: Correct `glean.database.rkv_load_error`'s category and `glean.upload.discarded_exceeding_pings_size`'s name ([bug 2009475](https://bugzilla.mozilla.org/show_bug.cgi?id=2009475)) * Event timestamps are now always clamped to the range of a signed 64-bit integer. An overflow is recorded in the new metric `glean.error.event_timestamp_clamped` in case this happens ([#3308](https://github.com/mozilla/glean/pull/3308)). + * BREAKING CHANGE: Updated to UniFFI 0.31.0 ([#3366](https://github.com/mozilla/glean/pull/3366)) # v66.3.0 (2025-12-19) diff --git a/Cargo.lock b/Cargo.lock index cbfef12b3a..49969d11f0 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -67,9 +67,9 @@ checksum = "a4c527152e37cf757a3f78aae5a06fbeefdb07ccc535c980a3208ee3060dd544" [[package]] name = "askama" -version = "0.13.1" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5d4744ed2eef2645831b441d8f5459689ade2ab27c854488fbab1fbe94fce1a7" +checksum = "f75363874b771be265f4ffe307ca705ef6f3baa19011c149da8674a87f1b75c4" dependencies = [ "askama_derive", "itoa", @@ -80,9 +80,9 @@ dependencies = [ [[package]] name = "askama_derive" -version = "0.13.1" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d661e0f57be36a5c14c48f78d09011e67e0cb618f269cca9f2fd8d15b68c46ac" +checksum = "129397200fe83088e8a68407a8e2b1f826cf0086b21ccdb866a722c8bcd3a94f" dependencies = [ "askama_parser", "basic-toml", @@ -97,9 +97,9 @@ dependencies = [ [[package]] name = "askama_parser" -version = "0.13.0" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cf315ce6524c857bb129ff794935cf6d42c82a6cff60526fe2a63593de4d0d4f" +checksum = "d6ab5630b3d5eaf232620167977f95eb51f3432fc76852328774afbd242d4358" dependencies = [ "memchr", "serde", @@ -657,6 +657,7 @@ checksum = "cea70ddb795996207ad57735b50c5982d8844f38ba9ee5f1aedcfb708a2aa11e" dependencies = [ "equivalent", "hashbrown", + "serde", ] [[package]] @@ -1061,18 +1062,28 @@ dependencies = [ [[package]] name = "serde" -version = "1.0.217" +version = "1.0.228" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9a8e94ea7f378bd32cbbd37198a4a91436180c5bb472411e48b5ec2e2124ae9e" +dependencies = [ + "serde_core", + "serde_derive", +] + +[[package]] +name = "serde_core" +version = "1.0.228" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02fc4265df13d6fa1d00ecff087228cc0a2b5f3c0e87e258d8b94a156e984c70" +checksum = "41d385c7d4ca58e59fc732af25c3983b67ac852c1a25000afe1175de458b67ad" dependencies = [ "serde_derive", ] [[package]] name = "serde_derive" -version = "1.0.217" +version = "1.0.228" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5a9bf7cf98d04a2b28aead066b7496853d4779c9cc183c440dbac457641e19a0" +checksum = "d540f220d3187173da220f885ab66608367b6574e925011a9353e4badda91d79" dependencies = [ "proc-macro2", "quote", @@ -1091,11 +1102,20 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_spanned" +version = "1.0.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f8bbf91e5a4d6315eee45e704372590b30e260ee83af6639d64557f51b067776" +dependencies = [ + "serde_core", +] + [[package]] name = "siphasher" -version = "0.3.11" +version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38b58827f4464d87d377d175e90bf58eb00fd8716ff0a62f80356b5e61555d0d" +checksum = "56199f7ddabf13fe5074ce809e7d3f42b42ae711800501b5b16ea82ad029c39d" [[package]] name = "smawk" @@ -1200,13 +1220,43 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "toml" -version = "0.5.11" +version = "0.9.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f4f7f0dd8d50a853a531c426359045b1998f04219d88799810762cd4ad314234" +checksum = "ae2a4cf385da23d1d53bc15cdfa5c2109e93d8d362393c801e87da2f72f0e201" dependencies = [ - "serde", + "indexmap", + "serde_core", + "serde_spanned", + "toml_datetime", + "toml_parser", + "toml_writer", + "winnow", ] +[[package]] +name = "toml_datetime" +version = "0.7.5+spec-1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "92e1cfed4a3038bc5a127e35a2d360f145e1f4b971b551a2ba5fd7aedf7e1347" +dependencies = [ + "serde_core", +] + +[[package]] +name = "toml_parser" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b551886f449aa90d4fe2bdaa9f4a2577ad2dde302c61ecf262d80b116db95c10" +dependencies = [ + "winnow", +] + +[[package]] +name = "toml_writer" +version = "1.0.6+spec-1.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ab16f14aed21ee8bfd8ec22513f7287cd4a91aa92e44edfe2c17ddd004e92607" + [[package]] name = "unicode-bidi" version = "0.3.8" @@ -1230,9 +1280,9 @@ dependencies = [ [[package]] name = "uniffi" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c6d968cb62160c11f2573e6be724ef8b1b18a277aededd17033f8a912d73e2b4" +checksum = "b8c6dec3fc6645f71a16a3fa9ff57991028153bd194ca97f4b55e610c73ce66a" dependencies = [ "anyhow", "cargo_metadata", @@ -1249,15 +1299,15 @@ version = "0.1.0" dependencies = [ "anyhow", "camino", - "cargo_metadata", + "glob", "uniffi", ] [[package]] name = "uniffi_bindgen" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f6b39ef1acbe1467d5d210f274fae344cb6f8766339330cb4c9688752899bf6b" +checksum = "4ed0150801958d4825da56a41c71f000a457ac3a4613fa9647df78ac4b6b6881" dependencies = [ "anyhow", "askama", @@ -1281,9 +1331,9 @@ dependencies = [ [[package]] name = "uniffi_build" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6683e6b665423cddeacd89a3f97312cf400b2fb245a26f197adaf65c45d505b2" +checksum = "b78fd9271a4c2e85bd2c266c5a9ede1fac676eb39fd77f636c27eaf67426fd5f" dependencies = [ "anyhow", "camino", @@ -1292,9 +1342,9 @@ dependencies = [ [[package]] name = "uniffi_core" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c2d990b553d6b9a7ee9c3ae71134674739913d52350b56152b0e613595bb5a6f" +checksum = "b0ef62e69762fbb9386dcb6c87cd3dd05d525fa8a3a579a290892e60ddbda47e" dependencies = [ "anyhow", "bytes", @@ -1304,9 +1354,9 @@ dependencies = [ [[package]] name = "uniffi_internal_macros" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "04f4f224becf14885c10e6e400b95cc4d1985738140cb194ccc2044563f8a56b" +checksum = "98f51ebca0d9a4b2aa6c644d5ede45c56f73906b96403c08a1985e75ccb64a01" dependencies = [ "anyhow", "indexmap", @@ -1317,9 +1367,9 @@ dependencies = [ [[package]] name = "uniffi_macros" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b481d385af334871d70904e6a5f129be7cd38c18fcf8dd8fd1f646b426a56d58" +checksum = "db9d12529f1223d014fd501e5f29ca0884d15d6ed5ddddd9f506e55350327dc3" dependencies = [ "camino", "fs-err", @@ -1334,9 +1384,9 @@ dependencies = [ [[package]] name = "uniffi_meta" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10f817868a3b171bb7bf259e882138d104deafde65684689b4694c846d322491" +checksum = "9df6d413db2827c68588f8149d30d49b71d540d46539e435b23a7f7dbd4d4f86" dependencies = [ "anyhow", "siphasher", @@ -1346,9 +1396,9 @@ dependencies = [ [[package]] name = "uniffi_pipeline" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4b147e133ad7824e32426b90bc41fda584363563f2ba747f590eca1fd6fd14e6" +checksum = "a806dddc8208f22efd7e95a5cdf88ed43d0f3271e8f63b47e757a8bbdb43b63a" dependencies = [ "anyhow", "heck", @@ -1359,9 +1409,9 @@ dependencies = [ [[package]] name = "uniffi_udl" -version = "0.29.4" +version = "0.31.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "caed654fb73da5abbc7a7e9c741532284532ba4762d6fe5071372df22a41730a" +checksum = "0d1a7339539bf6f6fa3e9b534dece13f778bda2d54b1a6d4e40b4d6090ac26e7" dependencies = [ "anyhow", "textwrap", diff --git a/README.md b/README.md index 154881f7e2..c07c71540f 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ The code in this repository is organized as follows: * [./glean-core/ios](glean-core/ios) contains the Swift bindings for use by iOS applications. * [./glean-core/python](glean-core/python) contains Python bindings. -**Note: The Glean SDK requires at least [Rust 1.82.0](https://blog.rust-lang.org/2024/10/17/Rust-1.82.0.html). Older versions are untested.** +**Note: The Glean SDK requires at least [Rust 1.87.0](https://blog.rust-lang.org/2025/05/15/Rust-1.87.0/). Older versions are untested.** ## Contact diff --git a/build-scripts/xc-bindgen.sh b/build-scripts/xc-bindgen.sh index 90a236bd52..049428759b 100644 --- a/build-scripts/xc-bindgen.sh +++ b/build-scripts/xc-bindgen.sh @@ -52,7 +52,7 @@ LIBRARY_PATH="${GLEAN_ROOT}/target/${TARGET}/${RELMODE}/lib${FFI_TARGET}.a" bash "${GLEAN_ROOT}/build-scripts/xc-cargo.sh" cargo run --package uniffi-bindgen -- \ generate \ --language swift \ - --config "${GLEAN_ROOT}/../bundle/uniffi.toml" \ + --config "${GLEAN_ROOT}/glean-core/bundle/uniffi.toml" \ --out-dir "${GLEAN_ROOT}/glean-core/ios/Glean/Generated/uniffi" \ --library "$LIBRARY_PATH" \ --no-format diff --git a/deny.toml b/deny.toml index 0289c5f920..99c8e96d03 100644 --- a/deny.toml +++ b/deny.toml @@ -14,9 +14,6 @@ allow = [ multiple-versions = "deny" skip = [ - # wasi 0.10 and 0.11 are allowed - # (m-c patches 0.10 to 0.11) - { name = "wasi", version = "0.11.0" }, # bitflags 1.3.2 is a dependency of lmdb-rkv, # with bitflags in use by others. # This is overriden in m-c diff --git a/glean-core/Cargo.toml b/glean-core/Cargo.toml index 10cab77c08..c6d4ee4b26 100644 --- a/glean-core/Cargo.toml +++ b/glean-core/Cargo.toml @@ -18,7 +18,7 @@ include = [ "/uniffi.toml", "/build.rs", ] -rust-version = "1.82" +rust-version = "1.87" [package.metadata.glean] glean-parser = "18.2.0" @@ -40,7 +40,7 @@ flate2 = "1.0.19" zeitstempel = "0.2.0" crossbeam-channel = "0.5" thiserror = "2" -uniffi = { version = "0.29.3", default-features = false } +uniffi = { version = "0.31.0", default-features = false } env_logger = { version = "0.10.0", default-features = false, optional = true } malloc_size_of_derive = "0.1.3" malloc_size_of = { version = "0.2.2", package = "wr_malloc_size_of", default-features = false, features = ["once_cell"] } @@ -58,7 +58,7 @@ ctor = "0.2.2" criterion = "0.7.0" [build-dependencies] -uniffi = { version = "0.29.3", default-features = false, features = ["build"] } +uniffi = { version = "0.31.0", default-features = false, features = ["build"] } [features] # Enable `env_logger`. Only works on non-Android non-iOS targets. diff --git a/glean-core/build/Cargo.toml b/glean-core/build/Cargo.toml index a49b837a08..8f3bf3396d 100644 --- a/glean-core/build/Cargo.toml +++ b/glean-core/build/Cargo.toml @@ -13,7 +13,7 @@ include = [ "/src", "/Cargo.toml", ] -rust-version = "1.82" +rust-version = "1.87" [dependencies] xshell-venv = "1.1.0" diff --git a/glean-core/rlb/Cargo.toml b/glean-core/rlb/Cargo.toml index 86712fd68c..f3b3a97241 100644 --- a/glean-core/rlb/Cargo.toml +++ b/glean-core/rlb/Cargo.toml @@ -15,7 +15,7 @@ include = [ "/tests", "/Cargo.toml", ] -rust-version = "1.82" +rust-version = "1.87" [badges] circle-ci = { repository = "mozilla/glean", branch = "main" } diff --git a/supply-chain/audits.toml b/supply-chain/audits.toml index 87ca7c79c5..6e70d0ea50 100644 --- a/supply-chain/audits.toml +++ b/supply-chain/audits.toml @@ -19,16 +19,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2021-11-22" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2021-10-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_bindgen]] who = "Jan-Erik Rediger " @@ -41,16 +41,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_bindgen]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2021-11-22" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_bindgen]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2021-10-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_build]] who = "Jan-Erik Rediger " @@ -63,16 +63,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_build]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2021-11-22" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_build]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2021-10-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_checksum_derive]] who = "Jan-Erik Rediger " @@ -85,16 +85,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_checksum_derive]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2023-11-20" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_checksum_derive]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2023-01-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_core]] who = "Jan-Erik Rediger " @@ -107,16 +107,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_core]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2023-11-20" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_core]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2023-01-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_internal_macros]] who = "Jan-Erik Rediger " @@ -136,16 +136,16 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_macros]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2021-11-22" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_macros]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2021-10-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_meta]] who = "Jan-Erik Rediger " @@ -158,16 +158,24 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_meta]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2023-11-20" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_meta]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2022-09-13" -end = "2026-01-13" +end = "2027-01-08" + +[[wildcard-audits.uniffi_pipeline]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +user-id = 111105 # Mark Hammond (mhammond) +start = "2025-10-08" +end = "2027-01-14" +notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_testing]] who = "Jan-Erik Rediger " @@ -180,30 +188,30 @@ notes = "Maintained by the Glean and Application Services teams" [[wildcard-audits.uniffi_testing]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2023-11-20" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_testing]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2023-01-27" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_udl]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" -user-id = 111105 +user-id = 111105 # Mark Hammond (mhammond) start = "2023-11-20" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.uniffi_udl]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" user-id = 127697 # bendk start = "2023-10-18" -end = "2026-01-13" +end = "2027-01-08" [[wildcard-audits.weedle2]] who = "Jan-Erik Rediger " @@ -239,12 +247,27 @@ criteria = "safe-to-deploy" delta = "0.11.1 -> 0.12.0" notes = "No new unsafe usage, mostly dependency updates and smaller API changes" +[[audits.askama]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.13.1 -> 0.14.0" + [[audits.askama_derive]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" delta = "0.11.2 -> 0.12.1" notes = "Dependency updates, a new toml dependency and some API changes. No unsafe use." +[[audits.askama_derive]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.13.1 -> 0.14.0" + +[[audits.askama_parser]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "0.13.0 -> 0.14.0" + [[audits.basic-toml]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" @@ -536,6 +559,16 @@ criteria = "safe-to-deploy" delta = "1.0.163 -> 1.0.179" notes = "Internal refactorings and some new trait implementations" +[[audits.serde]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.227 -> 1.0.228" + +[[audits.serde_core]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.227 -> 1.0.228" + [[audits.serde_derive]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" @@ -548,11 +581,22 @@ criteria = "safe-to-deploy" delta = "1.0.163 -> 1.0.179" notes = "Internal refactorings and dependency updates" +[[audits.serde_derive]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.227 -> 1.0.228" + [[audits.serde_json]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" delta = "1.0.89 -> 1.0.138" +[[audits.serde_spanned]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +delta = "1.0.3 -> 1.0.4" +notes = "Unchanged" + [[audits.siphasher]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" @@ -604,6 +648,17 @@ who = "Lars Eggert " criteria = "safe-to-deploy" delta = "0.1.2 -> 0.1.4" +[[audits.toml_datetime]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +version = "0.7.5+spec-1.1.0" +notes = "Pure data type crate with some datetime parsing. No unsafe." + +[[audits.toml_writer]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +version = "1.0.6+spec-1.1.0" + [[audits.unicase]] who = "Jan-Erik Rediger " criteria = "safe-to-deploy" @@ -727,6 +782,18 @@ user-id = 3618 # David Tolnay (dtolnay) start = "2019-10-09" end = "2026-06-10" +[[trusted.toml]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2022-12-14" +end = "2027-01-08" + +[[trusted.toml_parser]] +criteria = "safe-to-deploy" +user-id = 6743 # Ed Page (epage) +start = "2025-07-08" +end = "2027-01-08" + [[trusted.wasm-bindgen]] criteria = "safe-to-deploy" user-id = 1 # Alex Crichton (alexcrichton) diff --git a/supply-chain/config.toml b/supply-chain/config.toml index 934f4107fa..141b9c22dc 100644 --- a/supply-chain/config.toml +++ b/supply-chain/config.toml @@ -176,10 +176,6 @@ criteria = "safe-to-deploy" version = "3.4.0" criteria = "safe-to-deploy" -[[exemptions.toml]] -version = "0.5.10" -criteria = "safe-to-deploy" - [[exemptions.uuid]] version = "1.3.0" criteria = "safe-to-deploy" diff --git a/supply-chain/imports.lock b/supply-chain/imports.lock index 197b1b8b49..e5d7dccb99 100644 --- a/supply-chain/imports.lock +++ b/supply-chain/imports.lock @@ -91,59 +91,82 @@ user-id = 3618 user-login = "dtolnay" user-name = "David Tolnay" +[[publisher.toml]] +version = "0.9.6" +when = "2025-09-15" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + +[[publisher.toml_parser]] +version = "1.0.2" +when = "2025-08-04" +user-id = 6743 +user-login = "epage" +user-name = "Ed Page" + [[publisher.uniffi]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_bindgen]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_build]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_core]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_internal_macros]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_macros]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_meta]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_pipeline]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.uniffi_udl]] -version = "0.29.4" -when = "2025-07-24" -user-id = 127697 -user-login = "bendk" +version = "0.31.0" +when = "2026-01-14" +user-id = 111105 +user-login = "mhammond" +user-name = "Mark Hammond" [[publisher.wasm-bindgen]] version = "0.2.99" @@ -1199,8 +1222,8 @@ who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.78" notes = """ -Grepped for \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits -(except for a benign \"fs\" hit in a doc comment) +Grepped for "crypt", "cipher", "fs", "net" - there were no hits +(except for a benign "fs" hit in a doc comment) Notes from the `unsafe` review can be found in https://crrev.com/c/5385745. """ @@ -1305,8 +1328,8 @@ who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.35" notes = """ -Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits -(except for benign \"net\" hit in tests and \"fs\" hit in README.md) +Grepped for "unsafe", "crypt", "cipher", "fs", "net" - there were no hits +(except for benign "net" hit in tests and "fs" hit in README.md) """ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" @@ -1453,11 +1476,25 @@ delta = "1.0.216 -> 1.0.217" notes = "Minimal changes, nothing unsafe" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.serde]] +who = "Daniel Cheng " +criteria = "safe-to-deploy" +delta = "1.0.217 -> 1.0.218" +notes = "No changes outside comments and documentation." +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.218 -> 1.0.219" +notes = "Just allowing `clippy::elidable_lifetime_names`." +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.serde_derive]] who = "Lukasz Anforowicz " criteria = "safe-to-deploy" version = "1.0.197" -notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" +notes = 'Grepped for "unsafe", "crypt", "cipher", "fs", "net" - there were no hits' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] @@ -1476,7 +1513,7 @@ aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_p who = "Lukasz Anforowicz " criteria = "safe-to-deploy" delta = "1.0.202 -> 1.0.203" -notes = "Grepped for \"unsafe\", \"crypt\", \"cipher\", \"fs\", \"net\" - there were no hits" +notes = 'Grepped for "unsafe", "crypt", "cipher", "fs", "net" - there were no hits' aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" [[audits.google.audits.serde_derive]] @@ -1546,6 +1583,20 @@ delta = "1.0.216 -> 1.0.217" notes = "No changes" aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" +[[audits.google.audits.serde_derive]] +who = "Daniel Cheng " +criteria = "safe-to-deploy" +delta = "1.0.217 -> 1.0.218" +notes = "No changes outside comments and documentation." +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + +[[audits.google.audits.serde_derive]] +who = "Lukasz Anforowicz " +criteria = "safe-to-deploy" +delta = "1.0.218 -> 1.0.219" +notes = "Minor changes (clippy tweaks, using `mem::take` instead of `mem::replace`)." +aggregated-from = "https://chromium.googlesource.com/chromium/src/+/main/third_party/rust/chromium_crates_io/supply-chain/audits.toml?format=TEXT" + [[audits.google.audits.synstructure]] who = "Manish Goregaokar " criteria = "safe-to-deploy" @@ -1728,13 +1779,57 @@ who = "David Cook " criteria = "safe-to-deploy" delta = "1.12.1 -> 1.13.0" -[[audits.mozilla.wildcard-audits.uniffi_pipeline]] -who = "Ben Dean-Kawamura " +[[audits.isrg.audits.serde]] +who = "J.C. Jones " +criteria = "safe-to-deploy" +delta = "1.0.219 -> 1.0.224" + +[[audits.isrg.audits.serde]] +who = "J.C. Jones " criteria = "safe-to-deploy" -user-id = 127697 # bendk -start = "2021-10-27" -end = "2026-02-01" -notes = "Maintained by the Glean and Application Services teams" +delta = "1.0.224 -> 1.0.225" + +[[audits.isrg.audits.serde]] +who = "Tim Geoghegan " +criteria = "safe-to-deploy" +delta = "1.0.225 -> 1.0.226" + +[[audits.isrg.audits.serde_core]] +who = "J.C. Jones " +criteria = "safe-to-deploy" +version = "1.0.224" + +[[audits.isrg.audits.serde_core]] +who = "J.C. Jones " +criteria = "safe-to-deploy" +delta = "1.0.224 -> 1.0.225" + +[[audits.isrg.audits.serde_core]] +who = "Tim Geoghegan " +criteria = "safe-to-deploy" +delta = "1.0.225 -> 1.0.226" + +[[audits.isrg.audits.serde_derive]] +who = "J.C. Jones " +criteria = "safe-to-deploy" +delta = "1.0.219 -> 1.0.224" + +[[audits.isrg.audits.serde_derive]] +who = "J.C. Jones " +criteria = "safe-to-deploy" +delta = "1.0.224 -> 1.0.225" + +[[audits.isrg.audits.serde_derive]] +who = "Tim Geoghegan " +criteria = "safe-to-deploy" +delta = "1.0.225 -> 1.0.226" + +[[audits.mozilla.wildcard-audits.uniffi_internal_macros]] +who = "Jan-Erik Rediger " +criteria = "safe-to-deploy" +user-id = 111105 # Mark Hammond (mhammond) +start = "2025-03-18" +end = "2026-03-25" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" [[audits.mozilla.audits.android-tzdata]] @@ -2079,6 +2174,38 @@ delta = "1.1.0 -> 2.1.1" notes = "Simple hashing crate, no unsafe code." aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" +[[audits.mozilla.audits.serde]] +who = "Erich Gubler " +criteria = "safe-to-deploy" +delta = "1.0.226 -> 1.0.227" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.serde_core]] +who = "Erich Gubler " +criteria = "safe-to-deploy" +delta = "1.0.226 -> 1.0.227" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.serde_derive]] +who = "Erich Gubler " +criteria = "safe-to-deploy" +delta = "1.0.226 -> 1.0.227" +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.serde_spanned]] +who = "Ben Dean-Kawamura " +criteria = "safe-to-deploy" +version = "1.0.3" +notes = "Relatively simple Serde trait implementations. No IO or unsafe code." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + +[[audits.mozilla.audits.siphasher]] +who = "Emilio Cobos Álvarez " +criteria = "safe-to-deploy" +delta = "0.3.11 -> 1.0.1" +notes = "Only change to the crate source is adding documentation." +aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" + [[audits.mozilla.audits.tempfile]] who = "Mike Hommey " criteria = "safe-to-deploy" @@ -2103,12 +2230,6 @@ criteria = "safe-to-deploy" delta = "0.16.0 -> 0.16.1" aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" -[[audits.mozilla.audits.toml]] -who = "Mike Hommey " -criteria = "safe-to-deploy" -delta = "0.5.10 -> 0.5.11" -aggregated-from = "https://hg.mozilla.org/mozilla-central/raw-file/tip/supply-chain/audits.toml" - [[audits.mozilla.audits.unicode-normalization]] who = "Mike Hommey " criteria = "safe-to-deploy" diff --git a/tools/embedded-uniffi-bindgen/Cargo.toml b/tools/embedded-uniffi-bindgen/Cargo.toml index 9c58875226..b444aab2bf 100644 --- a/tools/embedded-uniffi-bindgen/Cargo.toml +++ b/tools/embedded-uniffi-bindgen/Cargo.toml @@ -8,8 +8,8 @@ publish = false [dependencies] anyhow = "1" camino = "1.1.1" -uniffi = { version = "0.29.3", default-features = false, features = ["bindgen", "cargo-metadata"] } -cargo_metadata = { version = "0.19" } +uniffi = { version = "0.31.0", default-features = false, features = ["bindgen", "cargo-metadata"] } +glob = "0.3.2" [lib] test = false diff --git a/tools/embedded-uniffi-bindgen/src/main.rs b/tools/embedded-uniffi-bindgen/src/main.rs index dce42852c7..680c364dc1 100644 --- a/tools/embedded-uniffi-bindgen/src/main.rs +++ b/tools/embedded-uniffi-bindgen/src/main.rs @@ -6,13 +6,7 @@ use std::env; use anyhow::{bail, Context}; use camino::Utf8PathBuf; - -#[derive(Copy, Clone, Eq, PartialEq, Hash)] -enum TargetLanguage { - Kotlin, - Swift, - Python, -} +use uniffi::TargetLanguage; fn parse_language(lang: &str) -> anyhow::Result { match lang { @@ -24,59 +18,23 @@ fn parse_language(lang: &str) -> anyhow::Result { } fn gen_bindings( - library_file: &camino::Utf8Path, - config_file: Option<&camino::Utf8Path>, + library_file: camino::Utf8PathBuf, + config_file: Option, languages: Vec, - out_dir: &camino::Utf8Path, + out_dir: camino::Utf8PathBuf, crate_name: Option, ) -> anyhow::Result<()> { - use uniffi::generate_bindings_library_mode; - use uniffi::{KotlinBindingGenerator, PythonBindingGenerator, SwiftBindingGenerator}; - - use uniffi::CargoMetadataConfigSupplier; - let mut cmd = cargo_metadata::MetadataCommand::new(); - cmd.no_deps(); - let metadata = cmd.exec().context("error running cargo metadata")?; - let config_supplier = CargoMetadataConfigSupplier::from(metadata); - - for language in languages { - match language { - TargetLanguage::Kotlin => { - generate_bindings_library_mode( - library_file, - crate_name.clone(), - &KotlinBindingGenerator, - &config_supplier, - config_file, - out_dir, - false, - )?; - } - TargetLanguage::Python => { - generate_bindings_library_mode( - library_file, - crate_name.clone(), - &PythonBindingGenerator, - &config_supplier, - config_file, - out_dir, - false, - )?; - } - TargetLanguage::Swift => { - generate_bindings_library_mode( - library_file, - crate_name.clone(), - &SwiftBindingGenerator, - &config_supplier, - config_file, - out_dir, - false, - )?; - } - }; - } - Ok(()) + use uniffi::{generate, GenerateOptions}; + let opts = GenerateOptions { + languages, + source: library_file, + out_dir, + config_override: config_file, + format: false, + crate_filter: crate_name, + metadata_no_deps: false, + }; + generate(opts) } fn main() -> anyhow::Result<()> { @@ -120,23 +78,23 @@ fn main() -> anyhow::Result<()> { let out_dir = out_dir.map(Utf8PathBuf::from); let config = config.map(Utf8PathBuf::from); - if library_file.is_none() { + let Some(library_file) = library_file else { bail!("Need path to library file."); - } + }; if target_languages.is_empty() { bail!("Need at least one language to generate code for."); } - if out_dir.is_none() { + let Some(out_dir) = out_dir else { bail!("Need output directory.") - } + }; gen_bindings( - &library_file.unwrap(), - config.as_deref(), + library_file, + config, target_languages, - &out_dir.unwrap(), + out_dir, Some(String::from("glean_core")), )?;