element-hq · sandhose · Jul 30, 2025 · Jul 30, 2025 · Jul 30, 2025 · Jul 30, 2025
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -26,6 +26,7 @@ all = { level = "deny", priority = -1 }
 pedantic = { level = "warn", priority = -1 }
 
 str_to_string = "deny"
+too_many_lines = "allow"
 
 [workspace.lints.rustdoc]
 broken_intra_doc_links = "deny"
@@ -154,7 +155,7 @@ version = "0.15.11"
 
 # Cookie store
 [workspace.dependencies.cookie_store]
-version = "0.21.1"
+version = "0.22.0"
 default-features = false
 features = ["serde_json"]
 

diff --git a/crates/axum-utils/src/client_authorization.rs b/crates/axum-utils/src/client_authorization.rs
@@ -368,7 +368,6 @@ where
 {
     type Rejection = ClientAuthorizationError;
 
-    #[allow(clippy::too_many_lines)]
     async fn from_request(
         req: Request<axum::body::Body>,
         state: &S,

diff --git a/crates/cli/src/commands/doctor.rs b/crates/cli/src/commands/doctor.rs
@@ -26,7 +26,6 @@ const DOCS_BASE: &str = "https://element-hq.github.io/matrix-authentication-serv
 pub(super) struct Options {}
 
 impl Options {
-    #[allow(clippy::too_many_lines)]
     pub async fn run(self, figment: &Figment) -> anyhow::Result<ExitCode> {
         let _span = info_span!("cli.doctor").entered();
         info!(

diff --git a/crates/cli/src/commands/manage.rs b/crates/cli/src/commands/manage.rs
@@ -207,7 +207,6 @@ enum Subcommand {
 }
 
 impl Options {
-    #[allow(clippy::too_many_lines)]
     pub async fn run(self, figment: &Figment) -> anyhow::Result<ExitCode> {
         use Subcommand as SC;
         let clock = SystemClock::default();

diff --git a/crates/cli/src/commands/server.rs b/crates/cli/src/commands/server.rs
@@ -55,7 +55,6 @@ pub(super) struct Options {
 }
 
 impl Options {
-    #[allow(clippy::too_many_lines)]
     pub async fn run(self, figment: &Figment) -> anyhow::Result<ExitCode> {
         let span = info_span!("cli.run.init").entered();
         let mut shutdown = LifecycleManager::new()?;

diff --git a/crates/cli/src/commands/syn2mas.rs b/crates/cli/src/commands/syn2mas.rs
@@ -88,7 +88,6 @@ const NUM_WRITER_CONNECTIONS: usize = 8;
 
 impl Options {
     #[tracing::instrument("cli.syn2mas.run", skip_all)]
-    #[allow(clippy::too_many_lines)]
     pub async fn run(self, figment: &Figment) -> anyhow::Result<ExitCode> {
         if self.synapse_configuration_files.is_empty() {
             error!("Please specify the path to the Synapse configuration file(s).");

diff --git a/crates/cli/src/server.rs b/crates/cli/src/server.rs
@@ -205,7 +205,6 @@ async fn log_response_middleware(
     response
 }
 
-#[allow(clippy::too_many_lines)]
 pub fn build_router(
     state: AppState,
     resources: &[HttpResource],

diff --git a/crates/cli/src/telemetry/tokio.rs b/crates/cli/src/telemetry/tokio.rs
@@ -9,7 +9,6 @@ use tokio::runtime::RuntimeMetrics;
 use super::METER;
 
 /// Install metrics for the tokio runtime.
-#[allow(clippy::too_many_lines)]
 pub fn observe(metrics: RuntimeMetrics) {
     {
         let metrics = metrics.clone();

diff --git a/crates/config/src/sections/secrets.rs b/crates/config/src/sections/secrets.rs
@@ -303,6 +303,7 @@ impl ConfigurationSection for SecretsConfig {
 }
 
 impl SecretsConfig {
+    #[expect(clippy::similar_names, reason = "Key type names are very similar")]
     #[tracing::instrument(skip_all)]
     pub(crate) async fn generate<R>(mut rng: R) -> anyhow::Result<Self>
     where

diff --git a/crates/handlers/src/admin/v1/mod.rs b/crates/handlers/src/admin/v1/mod.rs
@@ -27,7 +27,6 @@ mod user_registration_tokens;
 mod user_sessions;
 mod users;
 
-#[allow(clippy::too_many_lines)]
 pub fn router<S>() -> ApiRouter<S>
 where
     S: Clone + Send + Sync + 'static,

diff --git a/crates/handlers/src/lib.rs b/crates/handlers/src/lib.rs
@@ -328,7 +328,6 @@ where
     Router::new().merge(human_router).merge(api_router)
 }
 
-#[allow(clippy::too_many_lines)]
 pub fn human_router<S>(templates: Templates) -> Router<S>
 where
     S: Clone + Send + Sync + 'static,

diff --git a/crates/handlers/src/oauth2/authorization/mod.rs b/crates/handlers/src/oauth2/authorization/mod.rs
@@ -109,7 +109,6 @@ fn resolve_response_mode(
     fields(client.id = %params.auth.client_id),
     skip_all,
 )]
-#[allow(clippy::too_many_lines)]
 pub(crate) async fn get(
     mut rng: BoxRng,
     clock: BoxClock,

diff --git a/crates/handlers/src/oauth2/discovery.rs b/crates/handlers/src/oauth2/discovery.rs
@@ -35,7 +35,6 @@ struct DiscoveryResponse {
 }
 
 #[tracing::instrument(name = "handlers.oauth2.discovery.get", skip_all)]
-#[allow(clippy::too_many_lines)]
 pub(crate) async fn get(
     State(key_store): State<Keystore>,
     State(url_builder): State<UrlBuilder>,

diff --git a/crates/handlers/src/oauth2/introspection.rs b/crates/handlers/src/oauth2/introspection.rs
@@ -215,7 +215,6 @@ const SYNAPSE_ADMIN_SCOPE: ScopeToken = ScopeToken::from_static("urn:synapse:adm
     fields(client.id = credentials.client_id()),
     skip_all,
 )]
-#[allow(clippy::too_many_lines)]
 pub(crate) async fn post(
     clock: BoxClock,
     State(http_client): State<reqwest::Client>,

diff --git a/crates/handlers/src/oauth2/token.rs b/crates/handlers/src/oauth2/token.rs
@@ -409,7 +409,6 @@ pub(crate) async fn post(
     Ok((headers, Json(reply)))
 }
 
-#[allow(clippy::too_many_lines)] // TODO: refactor some parts out
 async fn authorization_code_grant(
     mut rng: &mut BoxRng,
     clock: &impl Clock,
@@ -602,7 +601,6 @@ async fn authorization_code_grant(
     Ok((params, repo))
 }
 
-#[allow(clippy::too_many_lines)]
 async fn refresh_token_grant(
     rng: &mut BoxRng,
     clock: &impl Clock,

diff --git a/crates/handlers/src/passwords.rs b/crates/handlers/src/passwords.rs
@@ -625,7 +625,6 @@ mod tests {
         );
     }
 
-    #[allow(clippy::too_many_lines)]
     #[tokio::test]
     async fn hash_verify_and_upgrade() {
         // Tests the whole password manager, by hashing a password and upgrading it

diff --git a/crates/handlers/src/upstream_oauth2/cache.rs b/crates/handlers/src/upstream_oauth2/cache.rs
@@ -165,6 +165,10 @@ impl MetadataCache {
     ///
     /// This spawns a background task that will refresh the cache at the given
     /// interval.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the warm up task could not be started.
     #[tracing::instrument(name = "metadata_cache.warm_up_and_run", skip_all)]
     pub async fn warm_up_and_run<R: RepositoryAccess>(
         &self,
@@ -237,6 +241,10 @@ impl MetadataCache {
     }
 
     /// Get the metadata for the given issuer.
+    ///
+    /// # Errors
+    ///
+    /// Returns an error if the metadata could not be retrieved.
     #[tracing::instrument(name = "metadata_cache.get", fields(%issuer), skip_all)]
     pub async fn get(
         &self,
@@ -290,8 +298,6 @@ impl MetadataCache {
 
 #[cfg(test)]
 mod tests {
-    #![allow(clippy::too_many_lines)]
-
     // XXX: sadly, we can't test HTTPS requests with wiremock, so we can only test
     // 'insecure' discovery
 

diff --git a/crates/handlers/src/upstream_oauth2/callback.rs b/crates/handlers/src/upstream_oauth2/callback.rs
@@ -168,7 +168,7 @@ impl IntoResponse for RouteError {
     fields(upstream_oauth_provider.id = %provider_id),
     skip_all,
 )]
-#[allow(clippy::too_many_lines, clippy::too_many_arguments)]
+#[allow(clippy::too_many_arguments)]
 pub(crate) async fn handler(
     mut rng: BoxRng,
     clock: BoxClock,

diff --git a/crates/handlers/src/views/register/password.rs b/crates/handlers/src/views/register/password.rs
@@ -119,7 +119,7 @@ pub(crate) async fn get(
 }
 
 #[tracing::instrument(name = "handlers.views.password_register.post", skip_all)]
-#[allow(clippy::too_many_lines, clippy::too_many_arguments)]
+#[allow(clippy::too_many_arguments)]
 pub(crate) async fn post(
     mut rng: BoxRng,
     clock: BoxClock,

diff --git a/crates/i18n/src/sprintf/formatter.rs b/crates/i18n/src/sprintf/formatter.rs
@@ -226,7 +226,7 @@ fn to_precision(number: f64, mut placeholder: Placeholder) -> String {
     }
 }
 
-#[allow(clippy::too_many_lines, clippy::match_same_arms)]
+#[allow(clippy::match_same_arms)]
 fn format_value(value: &Value, placeholder: &Placeholder) -> Result<String, FormatError> {
     match (value, &placeholder.type_specifier) {
         (Value::Number(number), ts @ TypeSpecifier::BinaryNumber) => {

diff --git a/crates/iana-codegen/src/generation.rs b/crates/iana-codegen/src/generation.rs
@@ -169,7 +169,6 @@ pub fn json_schema_impl(
         "{}".to_owned()
     }}
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {{
         let enums = vec!["#,
         section.key, section.key,

diff --git a/crates/iana-codegen/src/main.rs b/crates/iana-codegen/src/main.rs
@@ -71,7 +71,6 @@ impl File {
 }
 
 impl Display for File {
-    #[allow(clippy::too_many_lines)]
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         writeln!(
             f,

diff --git a/crates/iana/src/jose.rs b/crates/iana/src/jose.rs
@@ -148,7 +148,6 @@ impl schemars::JsonSchema for JsonWebSignatureAlg {
         "JsonWebSignatureAlg".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -537,7 +536,6 @@ impl schemars::JsonSchema for JsonWebEncryptionAlg {
         "JsonWebEncryptionAlg".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -887,7 +885,6 @@ impl schemars::JsonSchema for JsonWebEncryptionEnc {
         "JsonWebEncryptionEnc".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1043,7 +1040,6 @@ impl schemars::JsonSchema for JsonWebEncryptionCompressionAlgorithm {
         "JsonWebEncryptionCompressionAlgorithm".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1149,7 +1145,6 @@ impl schemars::JsonSchema for JsonWebKeyType {
         "JsonWebKeyType".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1294,7 +1289,6 @@ impl schemars::JsonSchema for JsonWebKeyEcEllipticCurve {
         "JsonWebKeyEcEllipticCurve".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1439,7 +1433,6 @@ impl schemars::JsonSchema for JsonWebKeyOkpEllipticCurve {
         "JsonWebKeyOkpEllipticCurve".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1574,7 +1567,6 @@ impl schemars::JsonSchema for JsonWebKeyUse {
         "JsonWebKeyUse".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -1713,7 +1705,6 @@ impl schemars::JsonSchema for JsonWebKeyOperation {
         "JsonWebKeyOperation".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---

diff --git a/crates/iana/src/oauth.rs b/crates/iana/src/oauth.rs
@@ -83,7 +83,6 @@ impl schemars::JsonSchema for OAuthAccessTokenType {
         "OAuthAccessTokenType".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -215,7 +214,6 @@ impl schemars::JsonSchema for OAuthAuthorizationEndpointResponseType {
         "OAuthAuthorizationEndpointResponseType".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -351,7 +349,6 @@ impl schemars::JsonSchema for OAuthTokenTypeHint {
         "OAuthTokenTypeHint".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -477,7 +474,6 @@ impl schemars::JsonSchema for OAuthClientAuthenticationMethod {
         "OAuthClientAuthenticationMethod".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---
@@ -602,7 +598,6 @@ impl schemars::JsonSchema for PkceCodeChallengeMethod {
         "PkceCodeChallengeMethod".to_owned()
     }
 
-    #[allow(clippy::too_many_lines)]
     fn json_schema(_gen: &mut schemars::r#gen::SchemaGenerator) -> schemars::schema::Schema {
         let enums = vec![
             // ---

diff --git a/crates/jose/src/jwk/mod.rs b/crates/jose/src/jwk/mod.rs
@@ -413,7 +413,6 @@ mod tests {
         assert_eq!(candidates.len(), 1);
     }
 
-    #[allow(clippy::too_many_lines)]
     #[test]
     fn load_keycloak_keys() {
         let jwks = serde_json::json!({

diff --git a/crates/listener/src/proxy_protocol/v1.rs b/crates/listener/src/proxy_protocol/v1.rs
@@ -52,7 +52,6 @@ impl ParseError {
 }
 
 impl ProxyProtocolV1Info {
-    #[allow(clippy::too_many_lines)]
     pub(super) fn parse<B>(buf: &mut B) -> Result<Self, ParseError>
     where
         B: Buf + AsRef<[u8]>,

diff --git a/crates/listener/src/server.rs b/crates/listener/src/server.rs
@@ -290,7 +290,6 @@ where
     }
 }
 
-#[allow(clippy::too_many_lines)]
 pub async fn run_servers<S, B>(
     listeners: impl IntoIterator<Item = Server<S>>,
     soft_shutdown_token: CancellationToken,

diff --git a/crates/oauth2-types/src/registration/mod.rs b/crates/oauth2-types/src/registration/mod.rs
@@ -440,7 +440,6 @@ impl ClientMetadata {
     /// Will return `Err` if validation fails.
     ///
     /// [OpenID Connect Dynamic Client Registration Spec 1.0]: https://openid.net/specs/openid-connect-registration-1_0.html#ClientMetadata
-    #[allow(clippy::too_many_lines)]
     pub fn validate(self) -> Result<VerifiedClientMetadata, ClientMetadataVerificationError> {
         let grant_types = self.grant_types();
         let has_implicit = grant_types.contains(&GrantType::Implicit);
@@ -994,7 +993,6 @@ mod tests {
     }
 
     #[test]
-    #[allow(clippy::too_many_lines)]
     fn validate_response_types() {
         let mut metadata = valid_client_metadata();
 

diff --git a/crates/oauth2-types/src/response_type.rs b/crates/oauth2-types/src/response_type.rs
@@ -272,7 +272,6 @@ mod tests {
     }
 
     #[test]
-    #[allow(clippy::too_many_lines)]
     fn deserialize_response_type() {
         serde_json::from_str::<ResponseType>("\"\"").unwrap_err();
 

diff --git a/crates/oidc-client/src/types/client_credentials.rs b/crates/oidc-client/src/types/client_credentials.rs
@@ -130,7 +130,6 @@ impl ClientCredentials {
 
     /// Apply these [`ClientCredentials`] to the given request with the given
     /// form.
-    #[allow(clippy::too_many_lines)]
     pub(crate) fn authenticated_form<T: Serialize>(
         &self,
         request: reqwest::RequestBuilder,
-Original file line number
+Diff line change
@@ Expand Up / @@ -272,7 +272,6 @@ mod tests { @@
         }
         #[test]
-        #[allow(clippy::too_many_lines)]
         fn deserialize_response_type() {
             serde_json::from_str::<ResponseType>("\"\"").unwrap_err();
@@ Expand Down @@