Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependencies #321

Merged
merged 5 commits into from
Mar 11, 2025
Merged

Update dependencies #321

merged 5 commits into from
Mar 11, 2025

Conversation

djc
Copy link
Member

@djc djc commented Mar 11, 2025

No description provided.

@djc djc requested review from cpu and est31 March 11, 2025 13:14
@cpu
Copy link
Member

cpu commented Mar 11, 2025

Looks like there are a few CI failures :-/

stable 7 months ago is too old for base64ct:

error: rustc 1.80.1 is not supported by the following package: base64ct@1.7.1 requires rustc 1.81

and the botan feature seems broken in a unique way:

error: failed to run custom build command for `botan-sys v0.11.1`

Caused by:
  process didn't exit successfully: `/home/runner/work/rcgen/rcgen/target/debug/build/botan-sys-26e73a74326fe615/build-script-build` (exit status: 101)
  --- stdout
    ERROR: Module policy src/build-data/policy/fips140.txt includes non-existent module sodium in <prohibited>

  --- stderr

@djc
Copy link
Member Author

djc commented Mar 11, 2025

I've reverted the botan upgrade (sticking with 0.11.0 instead of moving to 0.11.1) and filed an issue. For the base64ct failure, I've chosen to remove the rsa-irc example that was relying on the rsa crate (which in turn relies on the base64ct crate). This also removes the need for rand, so it seems like a nice simplification.

cpu
cpu approved these changes Mar 11, 2025
View reviewed changes
Copy link
Member

@cpu cpu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've reverted the botan upgrade (sticking with 0.11.0 instead of moving to 0.11.1) and filed randombit/botan-rs#144.

Thank you!

For the base64ct failure, I've chosen to remove the rsa-irc example that was relying on the rsa crate (which in turn relies on the base64ct crate). This also removes the need for rand, so it seems like a nice simplification.

I'm a 👍 on that. It feels like this example was more important when there wasn't a way to generate RSA private keys w/ rcgen (because of ring limitations). Since that's now handled by aws-lc-rs support and the rsa crate has unresolved vulnerabilities (and RSA is a poor choice in 2025 generally) it seems like an obvious choice to remove it.

est31
est31 reviewed Mar 11, 2025
View reviewed changes
Cargo.toml
# This greatly speeds up rsa key generation times
# (only applies to the dev-dependency of rcgen because cargo
# ignores profile overrides for non leaf packages)
[profile.dev.package.num-bigint-dig]
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I suppose removing this is okay because we now have aws-lc-rs which can also do rsa keygen.

@djc djc added this pull request to the merge queue Mar 11, 2025
Merged via the queue into main with commit 69611c9 Mar 11, 2025
28 checks passed
@djc djc deleted the update-deps branch March 11, 2025 18:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@est31 est31 est31 approved these changes

@cpu cpu cpu approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@djc @cpu @est31