vw_small

Hardened fork of Vaultwarden (https://github.com/dani-garcia/vaultwarden) with fewer features.
git clone https://git.philomathiclife.com/repos/vw_small
Log | Files | Refs | README

commit 0b28ab3be101b58cf27b43da14bcf893fa37c1c8
parent c5bcc340faeb9986a981c506b57588744cab917e
Author: Daniel GarcĂ­a <dani-garcia@users.noreply.github.com>
Date:   Sun,  2 Apr 2023 15:39:36 +0200

Merge pull request #3403 from BlackDex/update-dockerfile-and-rust

Revert setcap, update rust and crates
Diffstat:
M.hadolint.yaml | 2++
MCargo.lock | 237++++++++++++++++++++++++++++++++++++-------------------------------------------
MCargo.toml | 13+++++++------
Mdocker/Dockerfile.j2 | 44++++++++++++++++----------------------------
Mdocker/amd64/Dockerfile | 5+----
Mdocker/amd64/Dockerfile.alpine | 4+---
Mdocker/amd64/Dockerfile.buildkit | 10+---------
Mdocker/amd64/Dockerfile.buildkit.alpine | 9+--------
Mdocker/arm64/Dockerfile | 5+----
Mdocker/arm64/Dockerfile.alpine | 4+---
Mdocker/arm64/Dockerfile.buildkit | 10+---------
Mdocker/arm64/Dockerfile.buildkit.alpine | 9+--------
Mdocker/armv6/Dockerfile | 5+----
Mdocker/armv6/Dockerfile.alpine | 4+---
Mdocker/armv6/Dockerfile.buildkit | 10+---------
Mdocker/armv6/Dockerfile.buildkit.alpine | 9+--------
Mdocker/armv7/Dockerfile | 5+----
Mdocker/armv7/Dockerfile.alpine | 4+---
Mdocker/armv7/Dockerfile.buildkit | 10+---------
Mdocker/armv7/Dockerfile.buildkit.alpine | 9+--------
Mrust-toolchain | 2+-
21 files changed, 149 insertions(+), 261 deletions(-)

diff --git a/.hadolint.yaml b/.hadolint.yaml @@ -7,3 +7,5 @@ ignored: - DL3059 trustedRegistries: - docker.io + - ghcr.io + - quay.io diff --git a/Cargo.lock b/Cargo.lock @@ -120,7 +120,7 @@ dependencies = [ "log", "parking", "polling", - "rustix 0.37.3", + "rustix", "slab", "socket2", "waker-fn", @@ -216,7 +216,7 @@ checksum = "b9ccdd8f2a161be9bd5c023df56f1b2a0bd1d83872ae53b71a84a12c9bf6e842" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -587,9 +587,9 @@ dependencies = [ [[package]] name = "cxx" -version = "1.0.93" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a9c00419335c41018365ddf7e4d5f1c12ee3659ddcf3e01974650ba1de73d038" +checksum = "f61f1b6389c3fe1c316bf8a4dccc90a38208354b330925bce1f74a6c4756eb93" dependencies = [ "cc", "cxxbridge-flags", @@ -599,9 +599,9 @@ dependencies = [ [[package]] name = "cxx-build" -version = "1.0.93" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fb8307ad413a98fff033c8545ecf133e3257747b3bae935e7602aab8aa92d4ca" +checksum = "12cee708e8962df2aeb38f594aae5d827c022b6460ac71a7a3e2c3c2aae5a07b" dependencies = [ "cc", "codespan-reporting", @@ -609,24 +609,24 @@ dependencies = [ "proc-macro2", "quote", "scratch", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] name = "cxxbridge-flags" -version = "1.0.93" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "edc52e2eb08915cb12596d29d55f0b5384f00d697a646dbd269b6ecb0fbd9d31" +checksum = "7944172ae7e4068c533afbb984114a56c46e9ccddda550499caa222902c7f7bb" [[package]] name = "cxxbridge-macro" -version = "1.0.93" +version = "1.0.94" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "631569015d0d8d54e6c241733f944042623ab6df7bc3be7466874b05fcdb1c5f" +checksum = "2345488264226bf682893e25de0769f3360aac9957980ec49361b083ddaa5bc5" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -719,7 +719,7 @@ dependencies = [ "proc-macro2", "proc-macro2-diagnostics", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -839,17 +839,6 @@ dependencies = [ [[package]] name = "errno" -version = "0.2.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f639046355ee4f37944e44f60642c6f3a7efa3cf6b78c78a0d989a8ce6c396a1" -dependencies = [ - "errno-dragonfly", - "libc", - "winapi", -] - -[[package]] -name = "errno" version = "0.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "50d6a0976c999d473fe89ad888d5a284e55366d9dc9038b1ba2aa15128c4afa0" @@ -959,9 +948,9 @@ dependencies = [ [[package]] name = "futures" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "531ac96c6ff5fd7c62263c5e3c67a603af4fcaee2e1a0ae5565ba3a11e69e549" +checksum = "23342abe12aba583913b2e62f22225ff9c950774065e4bfb61a19cd9770fec40" dependencies = [ "futures-channel", "futures-core", @@ -974,9 +963,9 @@ dependencies = [ [[package]] name = "futures-channel" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "164713a5a0dcc3e7b4b1ed7d3b433cabc18025386f9339346e8daf15963cf7ac" +checksum = "955518d47e09b25bbebc7a18df10b81f0c766eaf4c4f1cccef2fca5f2a4fb5f2" dependencies = [ "futures-core", "futures-sink", @@ -984,15 +973,15 @@ dependencies = [ [[package]] name = "futures-core" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "86d7a0c1aa76363dac491de0ee99faf6941128376f1cf96f07db7603b7de69dd" +checksum = "4bca583b7e26f571124fe5b7561d49cb2868d79116cfa0eefce955557c6fee8c" [[package]] name = "futures-executor" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1997dd9df74cdac935c76252744c1ed5794fac083242ea4fe77ef3ed60ba0f83" +checksum = "ccecee823288125bd88b4d7f565c9e58e41858e47ab72e8ea2d64e93624386e0" dependencies = [ "futures-core", "futures-task", @@ -1001,9 +990,9 @@ dependencies = [ [[package]] name = "futures-io" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89d422fa3cbe3b40dca574ab087abb5bc98258ea57eea3fd6f1fa7162c778b91" +checksum = "4fff74096e71ed47f8e023204cfd0aa1289cd54ae5430a9523be060cdb849964" [[package]] name = "futures-lite" @@ -1022,26 +1011,26 @@ dependencies = [ [[package]] name = "futures-macro" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3eb14ed937631bd8b8b8977f2c198443447a8355b6e3ca599f38c975e5a963b6" +checksum = "89ca545a94061b6365f2c7355b4b32bd20df3ff95f02da9329b34ccc3bd6ee72" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.13", ] [[package]] name = "futures-sink" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ec93083a4aecafb2a80a885c9de1f0ccae9dbd32c2bb54b0c3a65690e0b8d2f2" +checksum = "f43be4fe21a13b9781a69afa4985b0f6ee0e1afab2c6f454a8cf30e2b2237b6e" [[package]] name = "futures-task" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd65540d33b37b16542a0438c12e6aeead10d4ac5d05bd3f805b8f35ab592879" +checksum = "76d3d132be6c0e6aa1534069c705a74a5997a356c0dc2f86a47765e5617c5b65" [[package]] name = "futures-timer" @@ -1051,9 +1040,9 @@ checksum = "e64b03909df88034c26dc1547e8970b91f98bdb65165d6a4e9110d94263dbb2c" [[package]] name = "futures-util" -version = "0.3.27" +version = "0.3.28" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3ef6b17e481503ec85211fed8f39d1970f128935ca1f814cd32ac4a6842e84ab" +checksum = "26b01e40b772d54cf6c6d721c1d1abd0647a0106a12ecaa1c186273392a69533" dependencies = [ "futures-channel", "futures-core", @@ -1082,9 +1071,9 @@ dependencies = [ [[package]] name = "generic-array" -version = "0.14.6" +version = "0.14.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" +checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a" dependencies = [ "typenum", "version_check", @@ -1412,19 +1401,19 @@ dependencies = [ [[package]] name = "ipnet" -version = "2.7.1" +version = "2.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30e22bd8629359895450b59ea7a776c850561b96a3b1d31321c1949d9e6c9146" +checksum = "12b6ee2129af8d4fb011108c73d99a1b83a85977f23b82460c0ae2e25bb4b57f" [[package]] name = "is-terminal" -version = "0.4.5" +version = "0.4.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8687c819457e979cc940d09cb16e42a1bf70aa6b60a549de6d3a62a0ee90c69e" +checksum = "256017f749ab3117e93acb91063009e1f1bb56d03965b14c2c8df4eb02c524d8" dependencies = [ "hermit-abi 0.3.1", "io-lifetimes", - "rustix 0.36.11", + "rustix", "windows-sys 0.45.0", ] @@ -1491,9 +1480,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "lettre" -version = "0.10.3" +version = "0.10.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d8033576bf9f051fce6cb92b6264114b4340896c352a9ff38b67bd4cde924635" +checksum = "76bd09637ae3ec7bd605b8e135e757980b3968430ff2b1a4a94fb7769e50166d" dependencies = [ "async-std", "async-trait", @@ -1562,15 +1551,9 @@ checksum = "0717cef1bc8b636c6e1c1bbdefc09e6322da8a9321966e8928ef80d20f7f770f" [[package]] name = "linux-raw-sys" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f051f77a7c8e6957c0696eac88f26b0117e54f52d3fc682ab19397a8812846a4" - -[[package]] -name = "linux-raw-sys" -version = "0.3.0" +version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd550e73688e6d578f0ac2119e32b797a327631a42f9433e59d02e139c8df60d" +checksum = "d59d8c75012853d2e872fb56bc8a2e53718e2cafe1a4c823143141c6d90c322f" [[package]] name = "lock_api" @@ -1717,9 +1700,9 @@ dependencies = [ [[package]] name = "multer" -version = "2.0.4" +version = "2.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6ed4198ce7a4cbd2a57af78d28c6fbb57d81ac5f1d6ad79ac6c5587419cbdf22" +checksum = "01acbdc23469fd8fe07ab135923371d5f5a422fbf9c522158677c8eb15bc51c2" dependencies = [ "bytes", "encoding_rs", @@ -1729,7 +1712,7 @@ dependencies = [ "log", "memchr", "mime", - "spin 0.9.6", + "spin 0.9.7", "tokio", "tokio-util", "version_check", @@ -1863,9 +1846,9 @@ checksum = "b7e5500299e16ebb147ae15a00a942af264cf3688f47923b8fc2cd5858f23ad3" [[package]] name = "openssl" -version = "0.10.48" +version = "0.10.49" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "518915b97df115dd36109bfa429a48b8f737bd05508cf9588977b599648926d2" +checksum = "4d2f106ab837a24e03672c59b1239669a0596406ff657c3c0835b6b7f0f35a33" dependencies = [ "bitflags 1.3.2", "cfg-if", @@ -1878,13 +1861,13 @@ dependencies = [ [[package]] name = "openssl-macros" -version = "0.1.0" +version = "0.1.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b501e44f11665960c7e7fcf062c7d96a14ade4aa98116c004b2e37b5be7d736c" +checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.13", ] [[package]] @@ -1904,11 +1887,10 @@ dependencies = [ [[package]] name = "openssl-sys" -version = "0.9.83" +version = "0.9.84" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "666416d899cf077260dac8698d60a60b435a46d57e82acb1be3d0dad87284e5b" +checksum = "3a20eace9dc2d82904039cb76dcf50fb1a0bba071cfd1629720b5d6f1ddba0fa" dependencies = [ - "autocfg", "cc", "libc", "openssl-src", @@ -1946,7 +1928,7 @@ checksum = "9069cbb9f99e3a5083476ccb29ceb1de18b9118cafa53e90c9551235de2b9521" dependencies = [ "cfg-if", "libc", - "redox_syscall", + "redox_syscall 0.2.16", "smallvec", "windows-sys 0.45.0", ] @@ -1997,7 +1979,7 @@ dependencies = [ "proc-macro2", "proc-macro2-diagnostics", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -2017,9 +1999,9 @@ checksum = "478c572c3d73181ff3c2539045f6eb99e5491218eae919370993b890cdbdd98e" [[package]] name = "pest" -version = "2.5.6" +version = "2.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8cbd939b234e95d72bc393d51788aec68aeeb5d51e748ca08ff3aad58cb722f7" +checksum = "7b1403e8401ad5dedea73c626b99758535b342502f8d1e361f4a2dd952749122" dependencies = [ "thiserror", "ucd-trie", @@ -2027,9 +2009,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.5.6" +version = "2.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a81186863f3d0a27340815be8f2078dd8050b14cd71913db9fbda795e5f707d7" +checksum = "be99c4c1d2fc2769b1d00239431d711d08f6efedcecb8b6e30707160aee99c15" dependencies = [ "pest", "pest_generator", @@ -2037,22 +2019,22 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.5.6" +version = "2.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75a1ef20bf3193c15ac345acb32e26b3dc3223aff4d77ae4fc5359567683796b" +checksum = "e56094789873daa36164de2e822b3888c6ae4b4f9da555a1103587658c805b1e" dependencies = [ "pest", "pest_meta", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.13", ] [[package]] name = "pest_meta" -version = "2.5.6" +version = "2.5.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5e3b284b1f13a20dc5ebc90aff59a51b8d7137c221131b52a7260c08cbc1cc80" +checksum = "6733073c7cff3d8459fda0e42f13a047870242aed8b509fe98000928975f359e" dependencies = [ "once_cell", "pest", @@ -2178,9 +2160,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.53" +version = "1.0.55" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "ba466839c78239c09faf015484e5cc04860f88242cff4d03eb038f04b4699b73" +checksum = "1d0dd4be24fcdcfeaa12a432d588dc59bbad6cad3510c67e74a2b6b2fc950564" dependencies = [ "unicode-ident", ] @@ -2193,7 +2175,7 @@ checksum = "606c4ba35817e2922a308af55ad51bab3645b59eae5c570d4a6cf07e36bd493b" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", "version_check", "yansi", ] @@ -2311,6 +2293,15 @@ dependencies = [ ] [[package]] +name = "redox_syscall" +version = "0.3.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "567664f262709473930a4bf9e51bf2ebf3348f2e748ccc50dea20646858f8f29" +dependencies = [ + "bitflags 1.3.2", +] + +[[package]] name = "ref-cast" version = "1.0.16" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -2327,7 +2318,7 @@ checksum = "8d2275aab483050ab2a7364c1a46604865ee7d6906684e08db0f090acf74f9e7" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -2358,9 +2349,9 @@ checksum = "f162c6dd7b008981e4d40210aca20b4bd0f9b60ca9271061b07f78537722f2e1" [[package]] name = "reqwest" -version = "0.11.15" +version = "0.11.16" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0ba30cc2c0cd02af1222ed216ba659cdb2f879dfe3181852fe7c50b1d0005949" +checksum = "27b71749df584b7f4cac2c426c127a7c785a5106cc98f7a8feb044115f0fa254" dependencies = [ "async-compression", "base64 0.21.0", @@ -2497,7 +2488,7 @@ dependencies = [ "proc-macro2", "quote", "rocket_http", - "syn 2.0.10", + "syn 2.0.13", "unicode-xid", ] @@ -2554,29 +2545,15 @@ dependencies = [ [[package]] name = "rustix" -version = "0.36.11" +version = "0.37.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "db4165c9963ab29e422d6c26fbc1d37f15bace6b2810221f9d925023480fcf0e" +checksum = "d097081ed288dfe45699b72f5b5d648e5f15d64d900c7080273baa20c16a6849" dependencies = [ "bitflags 1.3.2", - "errno 0.2.8", + "errno", "io-lifetimes", "libc", - "linux-raw-sys 0.1.4", - "windows-sys 0.45.0", -] - -[[package]] -name = "rustix" -version = "0.37.3" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "62b24138615de35e32031d041a09032ef3487a616d901ca4db224e7d557efae2" -dependencies = [ - "bitflags 1.3.2", - "errno 0.3.0", - "io-lifetimes", - "libc", - "linux-raw-sys 0.3.0", + "linux-raw-sys", "windows-sys 0.45.0", ] @@ -2699,9 +2676,9 @@ checksum = "bebd363326d05ec3e2f532ab7660680f3b02130d780c299bca73469d521bc0ed" [[package]] name = "serde" -version = "1.0.158" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "771d4d9c4163ee138805e12c710dd365e4f44be8be0503cb1bb9eb989425d9c9" +checksum = "3c04e8343c3daeec41f58990b9d77068df31209f2af111e059e9fe9646693065" dependencies = [ "serde_derive", ] @@ -2718,20 +2695,20 @@ dependencies = [ [[package]] name = "serde_derive" -version = "1.0.158" +version = "1.0.159" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e801c1712f48475582b7696ac71e0ca34ebb30e09338425384269d9717c62cad" +checksum = "4c614d17805b093df4b147b51339e7e44bf05ef59fba1e45d83500bcfb4d8585" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] name = "serde_json" -version = "1.0.94" +version = "1.0.95" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "1c533a59c9d8a93a09c6ab31f0fd5e5f4dd1b8fc9434804029839884765d04ea" +checksum = "d721eca97ac802aa7777b701877c8004d950fc142651367300d21c1cc0194744" dependencies = [ "itoa", "ryu", @@ -2862,9 +2839,9 @@ checksum = "6e63cff320ae2c57904679ba7cb63280a3dc4613885beafb148ee7bf9aa9042d" [[package]] name = "spin" -version = "0.9.6" +version = "0.9.7" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b5d6e0250b93c8427a177b849d144a96d5acc57006149479403d7861ab721e34" +checksum = "c0959fd6f767df20b231736396e4f602171e00d95205676286e79d4a4eb67bef" [[package]] name = "stable-pattern" @@ -2909,9 +2886,9 @@ dependencies = [ [[package]] name = "syn" -version = "2.0.10" +version = "2.0.13" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5aad1363ed6d37b84299588d62d3a7d95b5a5c2d9aad5c85609fda12afaa1f40" +checksum = "4c9da457c5285ac1f936ebd076af6dac17a61cfe7826f2076b4d015cf47bc8ec" dependencies = [ "proc-macro2", "quote", @@ -2933,15 +2910,15 @@ dependencies = [ [[package]] name = "tempfile" -version = "3.4.0" +version = "3.5.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "af18f7ae1acd354b992402e9ec5864359d693cd8a79dcbef59f76891701c1e95" +checksum = "b9fbec84f381d5795b08656e4912bec604d162bff9291d6189a78f4c8ab87998" dependencies = [ "cfg-if", "fastrand", - "redox_syscall", - "rustix 0.36.11", - "windows-sys 0.42.0", + "redox_syscall 0.3.5", + "rustix", + "windows-sys 0.45.0", ] [[package]] @@ -2970,7 +2947,7 @@ checksum = "f9456a42c5b0d803c8cd86e73dd7cc9edd429499f37a3550d286d5e86720569f" dependencies = [ "proc-macro2", "quote", - "syn 2.0.10", + "syn 2.0.13", ] [[package]] @@ -3038,14 +3015,13 @@ checksum = "1f3ccbac311fea05f86f61904b462b55fb3df8837a366dfc601a0161d0532f20" [[package]] name = "tokio" -version = "1.26.0" +version = "1.27.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "03201d01c3c27a29c8a5cee5b55a93ddae1ccf6f08f65365c2c918f8c1b76f64" +checksum = "d0de47a4eecbe11f498978a9b29d792f0d2692d1dd003650c24c76510e3bc001" dependencies = [ "autocfg", "bytes", "libc", - "memchr", "mio", "num_cpus", "parking_lot", @@ -3058,13 +3034,13 @@ dependencies = [ [[package]] name = "tokio-macros" -version = "1.8.2" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d266c00fde287f55d3f1c3e96c500c362a2b8c695076ec180f27918820bc6df8" +checksum = "61a573bdc87985e9d6ddeed1b3d864e8a302c847e40d647746df2f1de209d1ce" dependencies = [ "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.13", ] [[package]] @@ -3437,6 +3413,7 @@ dependencies = [ "job_scheduler_ng", "jsonwebtoken", "lettre", + "libmimalloc-sys", "libsqlite3-sys", "log", "mimalloc", diff --git a/Cargo.toml b/Cargo.toml @@ -65,12 +65,12 @@ rmpv = "1.0.0" # MessagePack library dashmap = "5.4.0" # Async futures -futures = "0.3.27" -tokio = { version = "1.26.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } +futures = "0.3.28" +tokio = { version = "1.27.0", features = ["rt-multi-thread", "fs", "io-util", "parking_lot", "time", "signal"] } # A generic serialization/deserialization framework -serde = { version = "1.0.158", features = ["derive"] } -serde_json = "1.0.94" +serde = { version = "1.0.159", features = ["derive"] } +serde_json = "1.0.95" # A safe, extensible ORM and Query builder diesel = { version = "2.0.3", features = ["chrono", "r2d2"] } @@ -122,7 +122,7 @@ email_address = "0.2.4" handlebars = { version = "4.3.6", features = ["dir_source"] } # HTTP client (Used for favicons, version check, DUO and HIBP API) -reqwest = { version = "0.11.15", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } +reqwest = { version = "0.11.16", features = ["stream", "json", "gzip", "brotli", "socks", "cookies", "trust-dns"] } # Favicon extraction libraries html5gum = "0.5.2" @@ -152,7 +152,8 @@ semver = "1.0.17" # Allow overriding the default memory allocator # Mainly used for the musl builds, since the default musl malloc is very slow -mimalloc = { version = "0.1.34", features = ["secure"], default-features = false, optional = true } +mimalloc = { version = "=0.1.34", features = ["secure"], default-features = false, optional = true } +libmimalloc-sys = "=0.1.30" which = "4.4.0" # Argon2 library with support for the PHC format diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 @@ -2,40 +2,42 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - -{% set build_stage_base_image = "rust:1.68.1-bullseye" %} +{% set rust_version = "1.68.2" %} +{% set debian_version = "bullseye" %} +{% set alpine_version = "3.17" %} +{% set build_stage_base_image = "rust:%s-%s" % (rust_version, debian_version) %} {% if "alpine" in target_file %} {% if "amd64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.68.1" %} -{% set runtime_stage_base_image = "alpine:3.17" %} +{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-%s" % rust_version %} +{% set runtime_stage_base_image = "alpine:%s" % alpine_version %} {% set package_arch_target = "x86_64-unknown-linux-musl" %} {% elif "armv7" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.68.1" %} -{% set runtime_stage_base_image = "balenalib/armv7hf-alpine:3.17" %} +{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-%s" % rust_version %} +{% set runtime_stage_base_image = "balenalib/armv7hf-alpine:%s" % alpine_version %} {% set package_arch_target = "armv7-unknown-linux-musleabihf" %} {% elif "armv6" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.68.1" %} -{% set runtime_stage_base_image = "balenalib/rpi-alpine:3.17" %} +{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-%s" % rust_version %} +{% set runtime_stage_base_image = "balenalib/rpi-alpine:%s" % alpine_version %} {% set package_arch_target = "arm-unknown-linux-musleabi" %} {% elif "arm64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.68.1" %} -{% set runtime_stage_base_image = "balenalib/aarch64-alpine:3.17" %} +{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-%s" % rust_version %} +{% set runtime_stage_base_image = "balenalib/aarch64-alpine:%s" % alpine_version %} {% set package_arch_target = "aarch64-unknown-linux-musl" %} {% endif %} {% elif "amd64" in target_file %} -{% set runtime_stage_base_image = "debian:bullseye-slim" %} +{% set runtime_stage_base_image = "debian:%s-slim" % debian_version %} {% elif "arm64" in target_file %} -{% set runtime_stage_base_image = "balenalib/aarch64-debian:bullseye" %} +{% set runtime_stage_base_image = "balenalib/aarch64-debian:%s" % debian_version %} {% set package_arch_name = "arm64" %} {% set package_arch_target = "aarch64-unknown-linux-gnu" %} {% set package_cross_compiler = "aarch64-linux-gnu" %} {% elif "armv6" in target_file %} -{% set runtime_stage_base_image = "balenalib/rpi-debian:bullseye" %} +{% set runtime_stage_base_image = "balenalib/rpi-debian:%s" % debian_version %} {% set package_arch_name = "armel" %} {% set package_arch_target = "arm-unknown-linux-gnueabi" %} {% set package_cross_compiler = "arm-linux-gnueabi" %} {% elif "armv7" in target_file %} -{% set runtime_stage_base_image = "balenalib/armv7hf-debian:bullseye" %} +{% set runtime_stage_base_image = "balenalib/armv7hf-debian:%s" % debian_version %} {% set package_arch_name = "armhf" %} {% set package_arch_target = "armv7-unknown-linux-gnueabihf" %} {% set package_cross_compiler = "arm-linux-gnueabihf" %} @@ -108,7 +110,6 @@ RUN dpkg --add-architecture {{ package_arch_name }} \ --no-install-recommends \ gcc-{{ package_cross_compiler }} \ libc6-dev{{ package_arch_prefix }} \ - libcap2-bin \ libmariadb-dev{{ package_arch_prefix }} \ libmariadb-dev-compat{{ package_arch_prefix }} \ libmariadb3{{ package_arch_prefix }} \ @@ -131,7 +132,6 @@ ENV CC_{{ package_arch_target | replace("-", "_") }}="/usr/bin/{{ package_cross_ RUN apt-get update \ && apt-get install -y \ --no-install-recommends \ - libcap2-bin \ libmariadb-dev \ libpq-dev {% endif %} @@ -174,18 +174,6 @@ RUN touch src/main.rs # your actual source files being built RUN {{ mount_rust_cache -}} cargo build --features ${DB} --release{{ package_arch_target_param }} -{% if "buildkit" in target_file %} -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -{% if package_arch_target is defined %} -RUN setcap cap_net_bind_service=+ep target/{{ package_arch_target }}/release/vaultwarden -{% else %} -RUN setcap cap_net_bind_service=+ep target/release/vaultwarden -{% endif %} -{% endif %} - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -45,7 +44,6 @@ RUN mkdir -pv "${CARGO_HOME}" \ RUN apt-get update \ && apt-get install -y \ --no-install-recommends \ - libcap2-bin \ libmariadb-dev \ libpq-dev @@ -79,7 +77,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,7 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=x86_64-unknown-linux-musl - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/amd64/Dockerfile.buildkit b/docker/amd64/Dockerfile.buildkit @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -45,7 +44,6 @@ RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/. RUN apt-get update \ && apt-get install -y \ --no-install-recommends \ - libcap2-bin \ libmariadb-dev \ libpq-dev @@ -79,12 +77,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/amd64/Dockerfile.buildkit.alpine b/docker/amd64/Dockerfile.buildkit.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,12 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=x86_64-unknown-linux-musl -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/x86_64-unknown-linux-musl/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture arm64 \ --no-install-recommends \ gcc-aarch64-linux-gnu \ libc6-dev:arm64 \ - libcap2-bin \ libmariadb-dev:arm64 \ libmariadb-dev-compat:arm64 \ libmariadb3:arm64 \ @@ -98,7 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,7 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=aarch64-unknown-linux-musl - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/arm64/Dockerfile.buildkit b/docker/arm64/Dockerfile.buildkit @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture arm64 \ --no-install-recommends \ gcc-aarch64-linux-gnu \ libc6-dev:arm64 \ - libcap2-bin \ libmariadb-dev:arm64 \ libmariadb-dev-compat:arm64 \ libmariadb3:arm64 \ @@ -98,12 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=aarch64-unknown-linux-gnu -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/aarch64-unknown-linux-gnu/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/arm64/Dockerfile.buildkit.alpine b/docker/arm64/Dockerfile.buildkit.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,12 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=aarch64-unknown-linux-musl -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/aarch64-unknown-linux-musl/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture armel \ --no-install-recommends \ gcc-arm-linux-gnueabi \ libc6-dev:armel \ - libcap2-bin \ libmariadb-dev:armel \ libmariadb-dev-compat:armel \ libmariadb3:armel \ @@ -98,7 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -76,7 +75,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=arm-unknown-linux-musleabi - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv6/Dockerfile.buildkit b/docker/armv6/Dockerfile.buildkit @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture armel \ --no-install-recommends \ gcc-arm-linux-gnueabi \ libc6-dev:armel \ - libcap2-bin \ libmariadb-dev:armel \ libmariadb-dev-compat:armel \ libmariadb3:armel \ @@ -98,12 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=arm-unknown-linux-gnueabi -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/arm-unknown-linux-gnueabi/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv6/Dockerfile.buildkit.alpine b/docker/armv6/Dockerfile.buildkit.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -76,12 +75,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=arm-unknown-linux-musleabi -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/arm-unknown-linux-musleabi/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture armhf \ --no-install-recommends \ gcc-arm-linux-gnueabihf \ libc6-dev:armhf \ - libcap2-bin \ libmariadb-dev:armhf \ libmariadb-dev-compat:armhf \ libmariadb3:armhf \ @@ -98,7 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,7 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN cargo build --features ${DB} --release --target=armv7-unknown-linux-musleabihf - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv7/Dockerfile.buildkit b/docker/armv7/Dockerfile.buildkit @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM rust:1.68.1-bullseye as build +FROM rust:1.68.2-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -48,7 +47,6 @@ RUN dpkg --add-architecture armhf \ --no-install-recommends \ gcc-arm-linux-gnueabihf \ libc6-dev:armhf \ - libcap2-bin \ libmariadb-dev:armhf \ libmariadb-dev-compat:armhf \ libmariadb3:armhf \ @@ -98,12 +96,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=armv7-unknown-linux-gnueabihf -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/armv7-unknown-linux-gnueabihf/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/docker/armv7/Dockerfile.buildkit.alpine b/docker/armv7/Dockerfile.buildkit.alpine @@ -2,7 +2,6 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. - # Using multistage build: # https://docs.docker.com/develop/develop-images/multistage-build/ # https://whitfin.io/speeding-up-rust-docker-builds/ @@ -27,7 +26,7 @@ FROM vaultwarden/web-vault@sha256:aa6ba791911a815ea570ec2ddc59992481c6ba8fbb65eed4f7074b463430d3ee as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.2 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ @@ -74,12 +73,6 @@ RUN touch src/main.rs # your actual source files being built RUN --mount=type=cache,target=/root/.cargo/git --mount=type=cache,target=/root/.cargo/registry cargo build --features ${DB} --release --target=armv7-unknown-linux-musleabihf -# Add the `cap_net_bind_service` capability to allow listening on -# privileged (< 1024) ports even when running as a non-root user. -# This is only done if building with BuildKit; with the legacy -# builder, the `COPY` instruction doesn't carry over capabilities. -RUN setcap cap_net_bind_service=+ep target/armv7-unknown-linux-musleabihf/release/vaultwarden - ######################## RUNTIME IMAGE ######################## # Create a new stage with a minimal image # because we already have a binary built diff --git a/rust-toolchain b/rust-toolchain @@ -1 +1 @@ -1.68.1 +1.68.2