refactor(auth): Replace module-level lint suppression with field-level attributes and add zeroization tests #60
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…l for targeted scope Co-authored-by: doublegate <[email protected]>
Copilot
AI
changed the title
[WIP] Address feedback on dependency consolidation and GitHub Actions upgrades
refactor(auth): Replace module-level lint suppression with field-level attributes
Jan 10, 2026
doublegate
approved these changes
Jan 10, 2026
Owner
doublegate
left a comment
doublegate
left a comment
There was a problem hiding this comment.
Reviewed / Approved -- DG 1/10
Contributor
There was a problem hiding this comment.
Pull request overview
This PR refactors lint suppression in the SASL authentication module to replace broad module-level #![allow(unused_assignments)] with targeted field-level attributes. Additionally, it removes incorrect #[zeroize(skip)] attributes that were preventing proper memory zeroization of sensitive credential data.
Changes:
- Removed module-level
#![allow(unused_assignments)]from auth.rs - Added field-level
#[allow(unused_assignments)]to fields that trigger the lint due to the Zeroize derive macro - Removed
#[zeroize(skip)]fromSaslCredentials.passwordandSecureString.innerto enable proper security guarantees
Owner
|
@copilot apply changes based on the comments in this thread |
…critical fields Co-authored-by: doublegate <[email protected]>
Copilot
AI
changed the title
refactor(auth): Replace module-level lint suppression with field-level attributes
refactor(auth): Replace module-level lint suppression with field-level attributes and add zeroization tests
Jan 10, 2026
doublegate
approved these changes
Jan 10, 2026
Owner
doublegate
left a comment
doublegate
left a comment
There was a problem hiding this comment.
Reviewed / Approved -- DG 1/10
doublegate
added a commit
that referenced
this pull request
Jan 10, 2026
…grades (closes #24, #46-56) (#59) * chore(deps): Consolidate dependency updates and GitHub Actions upgrades This PR consolidates updates from multiple open dependency PRs: ## Cargo Dependency Updates Applied: - criterion: 0.5.1 -> 0.8.1 (major version, benchmark framework) - ratatui: 0.29.0 -> 0.30.0 (TUI framework with breaking changes) - serde_json: 1.0.145 -> 1.0.148 - rustls-pki-types: 1.0 -> 1.13.2 - tracing: 0.1.43 -> 0.1.44 - tracing-subscriber: 0.3.20 -> 0.3.22 - clap: 4.5.48 -> 4.5.53 - open: 5.0 -> 5.3.3 - regex: 1.12 -> 1.12.1 ## GitHub Actions Updates Applied: - actions/cache: v4 -> v5 - actions/upload-artifact: v5 -> v6 - actions/download-artifact: v6 -> v7 ## Breaking Changes Resolved: - ratatui 0.30: Added `clear_region` method and `Error` type to Backend trait - Fixed clippy warnings in auth.rs (Zeroize derive pattern) - Fixed clippy unnecessary_unwrap in GUI button component ## Excluded from Consolidation: - iced 0.14.0 (PR #45): Extensive breaking changes requiring major GUI refactor - Would require changes to: scrollable API, application API, Style structs, text_input::Status enum, spacing types, and more - Recommended as separate PR for dedicated migration effort ## PRs Already Merged (content in main): - PR #27, #32: Phase 4 scripting documentation already present ## Verification: - Zero compilation errors - Zero clippy warnings (with -D warnings) - 60 unit tests passing - 49 doctests passing - Release build successful Closes #24, #46, #47, #48, #49, #50, #51, #52, #53, #54, #55, #56 Related: #27, #32 (already merged) Excluded: #45 (iced 0.14.0 - breaking changes too extensive) Co-Authored-By: Claude Opus 4.5 <[email protected]> * refactor(auth): Replace module-level lint suppression with field-level attributes and add zeroization tests (#60) * Initial plan * refactor(auth): Move lint suppression from module-level to field-level for targeted scope Co-authored-by: doublegate <[email protected]> * test(auth): Add comprehensive zeroization test coverage for security-critical fields Co-authored-by: doublegate <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: doublegate <[email protected]> * fix(ci): Resolve all failing CI checks for PR #59 - Fix auth.rs formatting: Remove trailing whitespace and format unsafe blocks properly according to rustfmt rules - Fix dependency-review-config.yml: Remove conflicting deny-licenses (cannot have both allow-licenses and deny-licenses), use proper purl format for package specifications (pkg:cargo/package-name) - Fix Windows cargo-nextest timeout: Replace cargo install with taiki-e/install-action pre-built binaries to avoid 10+ minute compilation time that caused timeouts Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): Expand allowed licenses for Dependency Review check Add comprehensive license list for Rust ecosystem compatibility: - Unicode licenses: Unicode-DFS-2016, Unicode-3.0 - Compression: Zlib, zlib-acknowledgement - Mozilla: MPL-2.0 - Boost: BSL-1.0 - LLVM: Apache-2.0 WITH LLVM-exception - OpenSSL, BlueOak-1.0.0, CC-BY-3.0/4.0, WTFPL, Ring, MIT-0, NCSA Add package allowlist for crates with special license definitions: - Unicode crates (unicode-ident, unicode-normalization, etc.) - Cryptography crates (ring, webpki, rustls-webpki) - OpenSSL bindings - lab crate (low OpenSSF scorecard but essential) Remove openssl-sys from deny-packages list. Fixes Dependency Review check failure on PR #59. Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): Remove invalid 'Ring' from allow-licenses list Ring is not a valid SPDX license identifier. The ring crate uses ISC license, which is already in the allow list. The ring package is also in the allow-dependencies-licenses list to ensure it passes checks. Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): add unicode-properties to allow-dependencies-licenses The [email protected] crate uses "MIT/Apache-2.0" as its license string, which is not valid SPDX format (should be "MIT OR Apache-2.0"). GitHub's dependency-review-action cannot validate non-SPDX license strings. Adding the package to allow-dependencies-licenses bypasses the SPDX validation while still allowing the dependency since both MIT and Apache-2.0 are approved licenses. Co-Authored-By: Claude Opus 4.5 <[email protected]> --------- Co-authored-by: Claude Opus 4.5 <[email protected]> Co-authored-by: Copilot <[email protected]> Co-authored-by: doublegate <[email protected]>
doublegate
added a commit
that referenced
this pull request
Jan 10, 2026
…ity fix (#64) * chore(deps): Consolidate dependency updates and GitHub Actions upgrades This PR consolidates updates from multiple open dependency PRs: ## Cargo Dependency Updates Applied: - criterion: 0.5.1 -> 0.8.1 (major version, benchmark framework) - ratatui: 0.29.0 -> 0.30.0 (TUI framework with breaking changes) - serde_json: 1.0.145 -> 1.0.148 - rustls-pki-types: 1.0 -> 1.13.2 - tracing: 0.1.43 -> 0.1.44 - tracing-subscriber: 0.3.20 -> 0.3.22 - clap: 4.5.48 -> 4.5.53 - open: 5.0 -> 5.3.3 - regex: 1.12 -> 1.12.1 ## GitHub Actions Updates Applied: - actions/cache: v4 -> v5 - actions/upload-artifact: v5 -> v6 - actions/download-artifact: v6 -> v7 ## Breaking Changes Resolved: - ratatui 0.30: Added `clear_region` method and `Error` type to Backend trait - Fixed clippy warnings in auth.rs (Zeroize derive pattern) - Fixed clippy unnecessary_unwrap in GUI button component ## Excluded from Consolidation: - iced 0.14.0 (PR #45): Extensive breaking changes requiring major GUI refactor - Would require changes to: scrollable API, application API, Style structs, text_input::Status enum, spacing types, and more - Recommended as separate PR for dedicated migration effort ## PRs Already Merged (content in main): - PR #27, #32: Phase 4 scripting documentation already present ## Verification: - Zero compilation errors - Zero clippy warnings (with -D warnings) - 60 unit tests passing - 49 doctests passing - Release build successful Closes #24, #46, #47, #48, #49, #50, #51, #52, #53, #54, #55, #56 Related: #27, #32 (already merged) Excluded: #45 (iced 0.14.0 - breaking changes too extensive) Co-Authored-By: Claude Opus 4.5 <[email protected]> * refactor(auth): Replace module-level lint suppression with field-level attributes and add zeroization tests (#60) * Initial plan * refactor(auth): Move lint suppression from module-level to field-level for targeted scope Co-authored-by: doublegate <[email protected]> * test(auth): Add comprehensive zeroization test coverage for security-critical fields Co-authored-by: doublegate <[email protected]> --------- Co-authored-by: copilot-swe-agent[bot] <[email protected]> Co-authored-by: doublegate <[email protected]> * fix(ci): Resolve all failing CI checks for PR #59 - Fix auth.rs formatting: Remove trailing whitespace and format unsafe blocks properly according to rustfmt rules - Fix dependency-review-config.yml: Remove conflicting deny-licenses (cannot have both allow-licenses and deny-licenses), use proper purl format for package specifications (pkg:cargo/package-name) - Fix Windows cargo-nextest timeout: Replace cargo install with taiki-e/install-action pre-built binaries to avoid 10+ minute compilation time that caused timeouts Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): Expand allowed licenses for Dependency Review check Add comprehensive license list for Rust ecosystem compatibility: - Unicode licenses: Unicode-DFS-2016, Unicode-3.0 - Compression: Zlib, zlib-acknowledgement - Mozilla: MPL-2.0 - Boost: BSL-1.0 - LLVM: Apache-2.0 WITH LLVM-exception - OpenSSL, BlueOak-1.0.0, CC-BY-3.0/4.0, WTFPL, Ring, MIT-0, NCSA Add package allowlist for crates with special license definitions: - Unicode crates (unicode-ident, unicode-normalization, etc.) - Cryptography crates (ring, webpki, rustls-webpki) - OpenSSL bindings - lab crate (low OpenSSF scorecard but essential) Remove openssl-sys from deny-packages list. Fixes Dependency Review check failure on PR #59. Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): Remove invalid 'Ring' from allow-licenses list Ring is not a valid SPDX license identifier. The ring crate uses ISC license, which is already in the allow list. The ring package is also in the allow-dependencies-licenses list to ensure it passes checks. Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(ci): add unicode-properties to allow-dependencies-licenses The [email protected] crate uses "MIT/Apache-2.0" as its license string, which is not valid SPDX format (should be "MIT OR Apache-2.0"). GitHub's dependency-review-action cannot validate non-SPDX license strings. Adding the package to allow-dependencies-licenses bypasses the SPDX validation while still allowing the dependency since both MIT and Apache-2.0 are approved licenses. Co-Authored-By: Claude Opus 4.5 <[email protected]> * fix(security): Patch RUSTSEC-2026-0002 lru soundness vulnerability Apply security fix for vulnerable lru 0.12.5 in iced_glyphon dependency. Security Fix Applied: - Vendor patched iced_glyphon 0.6.0 with lru updated to 0.16.3 - Add Cargo patch to use vendored version - Resolves RUSTSEC-2026-0002 (IterMut violating Stacked Borrows) Dependency Chain Fixed: rustirc -> rustirc-gui -> iced 0.13.1 -> iced_wgpu -> iced_glyphon -> lru Code Quality Improvements: - Add Default derive to PluginCapabilities (clippy::derivable_impls) - Add dead_code allows for reserved Phase 4+ fields in ScriptApi Related to PR #45 (iced 0.14.0). Full iced migration deferred as it requires 82+ breaking API changes - recommended for separate PR. PRs #27, #32 superseded - Phase 4 documentation already in main branch. Co-Authored-By: Claude Opus 4.5 <[email protected]> --------- Co-authored-by: Claude Opus 4.5 <[email protected]> Co-authored-by: Copilot <[email protected]> Co-authored-by: doublegate <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pull Request
Description
Replaced overly broad module-level
#![allow(unused_assignments)]with targeted field-level attributes in SASL authentication structs. Also removed incorrect#[zeroize(skip)]attributes that were preventing proper memory zeroization of sensitive credential data. Added comprehensive test coverage to verify security-critical zeroization behavior.Type of Change
Changes Made
#![allow(unused_assignments)]fromcrates/rustirc-core/src/auth.rs#[allow(unused_assignments)]to fields inSaslCredentials(username, password, authzid) andSecureString(inner) that deriveZeroize/ZeroizeOnDrop#[zeroize(skip)]fromSaslCredentials.passwordandSecureString.innerto enable proper memory clearingtest_secure_string_zeroization: VerifiesSecureStringproperly zeroes memorytest_sasl_credentials_zeroization: VerifiesSaslCredentialsproperly zeroes all fieldstest_secure_string_zeroize_on_drop: Compile-time verification ofZeroizeOnDroptrait implementationtest_sasl_credentials_zeroize_on_drop: Compile-time verification ofZeroizeOnDroptrait implementationBefore:
After:
Testing
Test Details
-D warnings: All checks pass, no warnings generatedManuallyDropto safely verify memory is zeroed before deallocationScreenshots (if applicable)
N/A
Performance Impact
Security Considerations
Removing
#[zeroize(skip)]ensures sensitive credential fields are properly cleared from memory on drop. New tests verify this security-critical behavior works correctly.Breaking Changes
Checklist
💡 You can make Copilot smarter by setting up custom instructions, customizing its development environment and configuring Model Context Protocol (MCP) servers. Learn more Copilot coding agent tips in the docs.
Note
Focuses
unused_assignmentslint suppression to specific fields and enables proper zeroization of sensitive data.#![allow(unused_assignments)]fromcrates/rustirc-core/src/auth.rs#[allow(unused_assignments)]toSaslCredentials(username,password,authzid) andSecureString(inner)#[zeroize(skip)]fromSaslCredentials.passwordandSecureString.inner, allowingZeroize/ZeroizeOnDropto clear memoryWritten by Cursor Bugbot for commit 5e7be54. This will update automatically on new commits. Configure here.