minor: bump clippy to 1.88 (#1442)

Author: abr-egn

.evergreen/check-clippy.sh

@@ -5,7 +5,7 @@ set -o errexit
 source ./.evergreen/env.sh
 
 # Pin clippy to the latest version. This should be updated when new versions of Rust are released.
-CLIPPY_VERSION=1.85.0
+CLIPPY_VERSION=1.88.0
 
 rustup install $CLIPPY_VERSION
 

src/action/insert_one.rs

@@ -60,7 +60,7 @@ impl<T: Serialize + Send + Sync> crate::sync::Collection<T> {
     }
 }
 
-/// Inserts a document into a collection.  Construct with ['Collection::insert_one`].
+/// Inserts a document into a collection.  Construct with [`Collection::insert_one`].
 #[must_use]
 pub struct InsertOne<'a> {
     coll: CollRef<'a>,

src/action/search_index.rs

@@ -204,7 +204,7 @@ impl<'a> Action for CreateSearchIndex<'a, Single> {
             .await?;
         match names.len() {
             1 => Ok(names.pop().unwrap()),
-            n => Err(Error::internal(format!("expected 1 index name, got {}", n))),
+            n => Err(Error::internal(format!("expected 1 index name, got {n}"))),
         }
     }
 }

src/bson_util.rs

@@ -196,10 +196,7 @@ pub(crate) fn extend_raw_document_buf(
     for result in other.iter() {
         let (k, v) = result?;
         if keys.contains(k) {
-            return Err(Error::internal(format!(
-                "duplicate raw document key {:?}",
-                k
-            )));
+            return Err(Error::internal(format!("duplicate raw document key {k:?}")));
         }
         this.append(k, v.to_raw_bson());
     }

src/checked.rs

@@ -43,7 +43,7 @@ impl<T> Checked<T> {
         value
             .try_into()
             .map(|v| Self(Some(v)))
-            .map_err(|e| crate::error::Error::invalid_argument(format! {"{}", e}))
+            .map_err(|e| crate::error::Error::invalid_argument(format! {"{e}"}))
     }
 
     pub fn get(self) -> crate::error::Result<T> {
@@ -58,7 +58,7 @@ impl<T> Checked<T> {
     {
         self.get().and_then(|v| {
             v.try_into()
-                .map_err(|e| crate::error::Error::invalid_argument(format!("{}", e)))
+                .map_err(|e| crate::error::Error::invalid_argument(format!("{e}")))
         })
     }
 }

src/client.rs

@@ -556,7 +556,7 @@ impl Client {
         state
             .servers()
             .keys()
-            .map(|stream_address| format!("{}", stream_address))
+            .map(|stream_address| format!("{stream_address}"))
             .collect()
     }
 

src/client/auth.rs

@@ -350,24 +350,21 @@ impl AuthMechanism {
             | AuthMechanism::Plain
             | AuthMechanism::MongoDbCr => Err(ErrorKind::Authentication {
                 message: format!(
-                    "Reauthentication for authentication mechanism {:?} is not supported.",
-                    self
+                    "Reauthentication for authentication mechanism {self:?} is not supported."
                 ),
             }
             .into()),
             #[cfg(feature = "gssapi-auth")]
             AuthMechanism::Gssapi => Err(ErrorKind::Authentication {
                 message: format!(
-                    "Reauthentication for authentication mechanism {:?} is not supported.",
-                    self
+                    "Reauthentication for authentication mechanism {self:?} is not supported."
                 ),
             }
             .into()),
             #[cfg(feature = "aws-auth")]
             AuthMechanism::MongoDbAws => Err(ErrorKind::Authentication {
                 message: format!(
-                    "Reauthentication for authentication mechanism {:?} is not supported.",
-                    self
+                    "Reauthentication for authentication mechanism {self:?} is not supported."
                 ),
             }
             .into()),
@@ -407,7 +404,7 @@ impl FromStr for AuthMechanism {
             .into()),
 
             _ => Err(ErrorKind::InvalidArgument {
-                message: format!("invalid mechanism string: {}", str),
+                message: format!("invalid mechanism string: {str}"),
             }
             .into()),
         }

src/client/auth/aws.rs

@@ -352,7 +352,7 @@ impl AwsCredential {
     /// Obtains credentials from the ECS endpoint.
     async fn get_from_ecs(relative_uri: String, http_client: &HttpClient) -> Result<Self> {
         // Use the local IP address that AWS uses for ECS agents.
-        let uri = format!("http://{}/{}", AWS_ECS_IP, relative_uri);
+        let uri = format!("http://{AWS_ECS_IP}/{relative_uri}");
 
         http_client
             .get(&uri)
@@ -364,16 +364,14 @@ impl AwsCredential {
     /// Obtains temporary credentials for an EC2 instance to use for authentication.
     async fn get_from_ec2(http_client: &HttpClient) -> Result<Self> {
         let temporary_token = http_client
-            .put(format!("http://{}/latest/api/token", AWS_EC2_IP))
+            .put(format!("http://{AWS_EC2_IP}/latest/api/token"))
             .headers(&[("X-aws-ec2-metadata-token-ttl-seconds", "30")])
             .send_and_get_string()
             .await
             .map_err(|_| Error::unknown_authentication_error(MECH_NAME))?;
 
-        let role_name_uri = format!(
-            "http://{}/latest/meta-data/iam/security-credentials/",
-            AWS_EC2_IP
-        );
+        let role_name_uri =
+            format!("http://{AWS_EC2_IP}/latest/meta-data/iam/security-credentials/");
 
         let role_name = http_client
             .get(&role_name_uri)
@@ -382,7 +380,7 @@ impl AwsCredential {
             .await
             .map_err(|_| Error::unknown_authentication_error(MECH_NAME))?;
 
-        let credential_uri = format!("{}/{}", role_name_uri, role_name);
+        let credential_uri = format!("{role_name_uri}/{role_name}");
 
         http_client
             .get(&credential_uri)
@@ -407,7 +405,7 @@ impl AwsCredential {
         let token = self
             .session_token
             .as_ref()
-            .map(|s| format!("x-amz-security-token:{}\n", s))
+            .map(|s| format!("x-amz-security-token:{s}\n"))
             .unwrap_or_default();
 
         // Similarly, we need to put "x-amz-security-token" into the list of signed headers if the
@@ -430,7 +428,6 @@ impl AwsCredential {
               x-mongodb-gs2-cb-flag;\
               x-mongodb-server-nonce\
             ",
-            token_signed_header = token_signed_header,
         );
 
         let body = "Action=GetCallerIdentity&Version=2011-06-15";
@@ -446,19 +443,13 @@ impl AwsCredential {
              content-length:43\n\
              content-type:application/x-www-form-urlencoded\n\
              host:{host}\n\
-             x-amz-date:{date}\n\
+             x-amz-date:{date_str}\n\
              {token}\
              x-mongodb-gs2-cb-flag:n\n\
              x-mongodb-server-nonce:{nonce}\n\n\
              {signed_headers}\n\
              {hashed_body}\
              ",
-            host = host,
-            date = date_str,
-            token = token,
-            nonce = nonce,
-            signed_headers = signed_headers,
-            hashed_body = hashed_body,
         );
 
         let hashed_request = hex::encode(Sha256::digest(request.as_bytes()));
@@ -476,14 +467,10 @@ impl AwsCredential {
         let string_to_sign = format!(
             "\
              AWS4-HMAC-SHA256\n\
-             {full_date}\n\
+             {date_str}\n\
              {small_date}/{region}/sts/aws4_request\n\
              {hashed_request}\
             ",
-            full_date = date_str,
-            small_date = small_date,
-            region = region,
-            hashed_request = hashed_request,
         );
 
         let first_hmac_key = format!("AWS4{}", self.secret_access_key);

src/client/auth/oidc.rs

@@ -163,11 +163,10 @@ impl Callback {
         let resource = resource.to_string();
         let client_id = client_id.map(|s| s.to_string());
         let mut url = format!(
-            "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource={}",
-            resource
+            "http://169.254.169.254/metadata/identity/oauth2/token?api-version=2018-02-01&resource={resource}"
         );
         if let Some(ref client_id) = client_id {
-            url.push_str(&format!("&client_id={}", client_id));
+            url.push_str(&format!("&client_id={client_id}"));
         }
         Self::new_function(
             move |_| {
@@ -182,7 +181,7 @@ impl Callback {
                         .map_err(|e| {
                             Error::authentication_error(
                                 MONGODB_OIDC_STR,
-                                &format!("Failed to get access token from Azure IDMS: {}", e),
+                                &format!("Failed to get access token from Azure IDMS: {e}"),
                             )
                         });
                     let response = response?;
@@ -191,7 +190,7 @@ impl Callback {
                         .map_err(|e| {
                             Error::authentication_error(
                                 MONGODB_OIDC_STR,
-                                &format!("Failed to get access token from Azure IDMS: {}", e),
+                                &format!("Failed to get access token from Azure IDMS: {e}"),
                             )
                         })?
                         .to_string();
@@ -200,17 +199,14 @@ impl Callback {
                         .map_err(|e| {
                             Error::authentication_error(
                                 MONGODB_OIDC_STR,
-                                &format!("Failed to get expires_in from Azure IDMS: {}", e),
+                                &format!("Failed to get expires_in from Azure IDMS: {e}"),
                             )
                         })?
                         .parse::<u64>()
                         .map_err(|e| {
                             Error::authentication_error(
                                 MONGODB_OIDC_STR,
-                                &format!(
-                                    "Failed to parse expires_in from Azure IDMS as u64: {}",
-                                    e
-                                ),
+                                &format!("Failed to parse expires_in from Azure IDMS as u64: {e}"),
                             )
                         })?;
                     let expires = Some(Instant::now() + Duration::from_secs(expires_in));
@@ -231,8 +227,7 @@ impl Callback {
     fn gcp_callback(resource: &str) -> Function {
         use futures_util::FutureExt;
         let url = format!(
-            "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience={}",
-            resource
+            "http://metadata/computeMetadata/v1/instance/service-accounts/default/identity?audience={resource}"
         );
         Self::new_function(
             move |_| {
@@ -247,7 +242,7 @@ impl Callback {
                         .map_err(|e| {
                             Error::authentication_error(
                                 MONGODB_OIDC_STR,
-                                &format!("Failed to get access token from GCP IDMS: {}", e),
+                                &format!("Failed to get access token from GCP IDMS: {e}"),
                             )
                         });
                     let access_token = response?;
@@ -732,8 +727,7 @@ fn get_allowed_hosts(mechanism_properties: Option<&Document>) -> Result<Vec<&str
             .map(|host| {
                 host.as_str().ok_or_else(|| {
                     auth_error(format!(
-                        "`{}` must contain only strings",
-                        ALLOWED_HOSTS_PROP_STR
+                        "`{ALLOWED_HOSTS_PROP_STR}` must contain only strings"
                     ))
                 })
             })
@@ -928,41 +922,34 @@ pub(super) fn validate_credential(credential: &Credential) -> Result<()> {
     for k in properties.keys() {
         if VALID_PROPERTIES.iter().all(|p| *p != k) {
             return Err(Error::invalid_argument(format!(
-                "'{}' is not a valid property for {} authentication",
-                k, MONGODB_OIDC_STR,
+                "'{k}' is not a valid property for {MONGODB_OIDC_STR} authentication",
             )));
         }
     }
     let environment = properties.get_str(ENVIRONMENT_PROP_STR);
     if environment.is_ok() && credential.oidc_callback.is_user_provided() {
         return Err(Error::invalid_argument(format!(
-            "OIDC callback cannot be set for {} authentication, if an `{}` is set",
-            MONGODB_OIDC_STR, ENVIRONMENT_PROP_STR
+            "OIDC callback cannot be set for {MONGODB_OIDC_STR} authentication, if an \
+             `{ENVIRONMENT_PROP_STR}` is set"
         )));
     }
     let has_token_resource = properties.contains_key(TOKEN_RESOURCE_PROP_STR);
     match environment {
         Ok(AZURE_ENVIRONMENT_VALUE_STR) | Ok(GCP_ENVIRONMENT_VALUE_STR) => {
             if !has_token_resource {
                 return Err(Error::invalid_argument(format!(
-                    "`{}` must be set for {} authentication in the `{}` or `{}` `{}`",
-                    TOKEN_RESOURCE_PROP_STR,
-                    MONGODB_OIDC_STR,
-                    AZURE_ENVIRONMENT_VALUE_STR,
-                    GCP_ENVIRONMENT_VALUE_STR,
-                    ENVIRONMENT_PROP_STR,
+                    "`{TOKEN_RESOURCE_PROP_STR}` must be set for {MONGODB_OIDC_STR} \
+                     authentication in the `{AZURE_ENVIRONMENT_VALUE_STR}` or \
+                     `{GCP_ENVIRONMENT_VALUE_STR}` `{ENVIRONMENT_PROP_STR}`",
                 )));
             }
         }
         _ => {
             if has_token_resource {
                 return Err(Error::invalid_argument(format!(
-                    "`{}` must not be set for {} authentication unless using the `{}` or `{}` `{}`",
-                    TOKEN_RESOURCE_PROP_STR,
-                    MONGODB_OIDC_STR,
-                    AZURE_ENVIRONMENT_VALUE_STR,
-                    GCP_ENVIRONMENT_VALUE_STR,
-                    ENVIRONMENT_PROP_STR,
+                    "`{TOKEN_RESOURCE_PROP_STR}` must not be set for {MONGODB_OIDC_STR} \
+                     authentication unless using the `{AZURE_ENVIRONMENT_VALUE_STR}` or \
+                     `{GCP_ENVIRONMENT_VALUE_STR}` `{ENVIRONMENT_PROP_STR}`",
                 )));
             }
         }
@@ -983,27 +970,25 @@ pub(super) fn validate_credential(credential: &Credential) -> Result<()> {
         && credential.username.is_some()
     {
         return Err(Error::invalid_argument(format!(
-            "username must not be set for {} authentication in the {} {}",
-            MONGODB_OIDC_STR, TEST_ENVIRONMENT_VALUE_STR, ENVIRONMENT_PROP_STR,
+            "username must not be set for {MONGODB_OIDC_STR} authentication in the \
+             {TEST_ENVIRONMENT_VALUE_STR} {ENVIRONMENT_PROP_STR}",
         )));
     }
     if credential.password.is_some() {
         return Err(Error::invalid_argument(format!(
-            "password must not be set for {} authentication",
-            MONGODB_OIDC_STR
+            "password must not be set for {MONGODB_OIDC_STR} authentication"
         )));
     }
     if let Ok(env) = environment {
         if VALID_ENVIRONMENTS.iter().all(|e| *e != env) {
             return Err(Error::invalid_argument(format!(
-                "unsupported environment for {} authentication: {}",
-                MONGODB_OIDC_STR, env,
+                "unsupported environment for {MONGODB_OIDC_STR} authentication: {env}",
             )));
         }
     }
     if let Some(allowed_hosts) = properties.get(ALLOWED_HOSTS_PROP_STR) {
         allowed_hosts.as_array().ok_or_else(|| {
-            Error::invalid_argument(format!("`{}` must be an array", ALLOWED_HOSTS_PROP_STR))
+            Error::invalid_argument(format!("`{ALLOWED_HOSTS_PROP_STR}` must be an array"))
         })?;
     }
     Ok(())

src/client/auth/scram.rs

@@ -319,7 +319,7 @@ impl ScramVersion {
             ScramVersion::Sha1 => {
                 // nosemgrep: insecure-hashes
                 let mut md5 = Md5::new(); // mongodb rating: No Fix Needed
-                md5.update(format!("{}:mongo:{}", username, password));
+                md5.update(format!("{username}:mongo:{password}"));
                 Cow::Owned(hex::encode(md5.finalize()))
             }
             ScramVersion::Sha256 => match stringprep::saslprep(password) {
@@ -415,8 +415,8 @@ pub(crate) struct ClientFirst {
 impl ClientFirst {
     fn new(source: &str, username: &str, include_db: bool, server_api: Option<ServerApi>) -> Self {
         let nonce = auth::generate_nonce();
-        let gs2_header = format!("{},,", NO_CHANNEL_BINDING);
-        let bare = format!("{}={},{}={}", USERNAME_KEY, username, NONCE_KEY, nonce);
+        let gs2_header = format!("{NO_CHANNEL_BINDING},,");
+        let bare = format!("{USERNAME_KEY}={username},{NONCE_KEY}={nonce}");
         let full = format!("{}{}", &gs2_header, &bare);
         let end = full.len();
         ClientFirst {
@@ -602,7 +602,7 @@ impl ClientFinal {
         let client_proof =
             base64::encode(xor(client_key.as_ref(), client_signature.as_ref()).as_slice());
 
-        let message = format!("{},{}={}", without_proof, PROOF_KEY, client_proof);
+        let message = format!("{without_proof},{PROOF_KEY}={client_proof}");
 
         Ok(ClientFinal {
             source: source.into(),