chore: bump dependency versions (#138)

- bump versions of several dependencies
- replace lazy_static in favour of std::sync::LazyLock

Author: empwilli

Cargo.lock

@@ -7,10 +7,10 @@ license = "MIT OR Apache-2.0"
 name = "omnect-cli"
 readme = "README.md"
 repository = "https://github.com/omnect/omnect-cli"
-version = "0.24.13"
+version = "0.24.14"
 
 [dependencies]
-actix-web = "4.4"
+actix-web = "4.9"
 anyhow = "1"
 # switch back to https://github.com/Azure/azure-sdk-for-rust.git as soon as
 # https://github.com/Azure/azure-sdk-for-rust/pull/1636
@@ -26,31 +26,30 @@ azure_identity = { git = "https://github.com/omnect/azure-sdk-for-rust.git" }
 azure_storage = { git = "https://github.com/omnect/azure-sdk-for-rust.git" }
 azure_storage_blobs = { git = "https://github.com/omnect/azure-sdk-for-rust.git" }
 
-base64 = "0.13"
-bzip2 = "0.4"
-clap = { version = "4.0", features = ["derive"] }
-directories = "5.0"
+base64 = "0.22"
+bzip2 = "0.5"
+clap = { version = "4.5", features = ["derive"] }
+directories = "6.0"
 env_logger = "0.11"
-filemagic = "0.12"
-flate2 = "1.0"
+filemagic = "0.13"
+flate2 = "1.1"
 omnect-crypto = { git = "https://github.com/omnect/omnect-crypto.git", tag = "0.4.0" }
-keyring = "2.0"
-lazy_static = "1.4"
-libfs = "0.5"
+keyring = "3.6"
+libfs = "0.8"
 log = "0.4"
-num_cpus = "1.13"
-oauth2 = "4.4"
-open = "4.1"
-regex = "1.5.5"
-reqwest = { version = "0.11", features = ["json"] }
+num_cpus = "1.16"
+oauth2 = { version = "5.0", features = ["reqwest"] }
+open = "5.3"
+regex = "1.11"
+reqwest = { version = "0.12", features = ["json"] }
 serde = { version = "1.0", features = ["derive"] }
 serde_json = "1.0"
 serde_path_to_error = "0.1"
 sha2 = "0.10"
 stdext = "0.3"
-strum = "0.25"
-strum_macros = "0.25"
-tempfile = "3.10.1"
+strum = "0.27"
+strum_macros = "0.27"
+tempfile = "3.17"
 time = { version = "0.3", features = ["formatting", "serde"] }
 tokio = { version = "1", features = [
     "macros",
@@ -61,19 +60,19 @@ tokio = { version = "1", features = [
     "rt-multi-thread",
 ] }
 toml = "0.8"
-uuid = { version = "0.8", default-features = false, features = ["v4"] }
-url = { version = "2.4" }
-validator = { version = "0.18.1", features = ["derive"] }
+uuid = { version = "1.15", default-features = false, features = ["v4"] }
+url = { version = "2.5" }
+validator = { version = "0.20", features = ["derive"] }
 xz2 = "0.1"
 
 [dev-dependencies]
 assert_cmd = "2.0"
 assert-json-diff = "2.0"
-data-encoding = "2.5"
+data-encoding = "2.8"
 file_diff = "1.0"
-httpmock = "0.6"
+httpmock = "0.7"
 ring = "0.17"
-tar = "0.4.41"
+tar = "0.4"
 
 # metadata for building with cargo-deb (https://crates.io/crates/cargo-deb)
 [package.metadata.deb]

Cargo.toml

@@ -8,7 +8,6 @@ use actix_web::{error, get, web, App, HttpServer};
 use serde::Deserialize;
 
 use oauth2::basic::BasicClient;
-use oauth2::reqwest::async_http_client;
 use oauth2::{
     AuthUrl, AuthorizationCode, ClientId, CsrfToken, PkceCodeChallenge, RedirectUrl, TokenResponse,
     TokenUrl,
@@ -141,13 +140,10 @@ fn store_refresh_token_in_key_ring(auth_info: &AuthInfo, refresh_token: String)
 type Token =
     oauth2::StandardTokenResponse<oauth2::EmptyExtraTokenFields, oauth2::basic::BasicTokenType>;
 async fn request_access_token(auth_info: &AuthInfo) -> Result<Token> {
-    let client = BasicClient::new(
-        ClientId::new(auth_info.client_id.clone()),
-        None,
-        AuthUrl::new(auth_info.auth_url.clone()).unwrap(),
-        Some(TokenUrl::new(auth_info.token_url.clone()).unwrap()),
-    )
-    .set_redirect_uri(RedirectUrl::new(auth_info.redirect_addr.to_string()).unwrap());
+    let client = BasicClient::new(ClientId::new(auth_info.client_id.clone()))
+        .set_auth_uri(AuthUrl::new(auth_info.auth_url.clone()).unwrap())
+        .set_token_uri(TokenUrl::new(auth_info.token_url.clone()).unwrap())
+        .set_redirect_uri(RedirectUrl::new(auth_info.redirect_addr.to_string()).unwrap());
 
     let (pkce_challenge, pkce_verifier) = PkceCodeChallenge::new_random_sha256();
 
@@ -180,29 +176,36 @@ async fn request_access_token(auth_info: &AuthInfo) -> Result<Token> {
     );
     let _ = open::that(auth_url.to_string());
 
+    let async_http_client = oauth2::reqwest::ClientBuilder::new()
+        .redirect(reqwest::redirect::Policy::none())
+        .build()
+        .expect("Failed to request access token: could not create client.");
+
     let auth_code = server_task.await??;
 
     Ok(client
         .exchange_code(AuthorizationCode::new(auth_code))
         .set_pkce_verifier(pkce_verifier)
-        .request_async(async_http_client)
+        .request_async(&async_http_client)
         .await?)
 }
 
 async fn refresh_access_token(auth_info: &AuthInfo) -> Option<Token> {
     let refresh_token = get_refresh_token_from_key_ring(auth_info)?;
     log::debug!("Found refresh token in key ring.");
 
-    let client = BasicClient::new(
-        ClientId::new(auth_info.client_id.clone()),
-        None,
-        AuthUrl::new(auth_info.auth_url.clone()).unwrap(),
-        Some(TokenUrl::new(auth_info.token_url.clone()).unwrap()),
-    );
+    let client = BasicClient::new(ClientId::new(auth_info.client_id.clone()))
+        .set_auth_uri(AuthUrl::new(auth_info.auth_url.clone()).unwrap())
+        .set_token_uri(TokenUrl::new(auth_info.token_url.clone()).unwrap());
+
+    let async_http_client = oauth2::reqwest::ClientBuilder::new()
+        .redirect(reqwest::redirect::Policy::none())
+        .build()
+        .expect("Failed to refresh access token: could not create client.");
 
     let access_token = client
         .exchange_refresh_token(&oauth2::RefreshToken::new(refresh_token))
-        .request_async(async_http_client)
+        .request_async(&async_http_client)
         .await;
 
     access_token.ok()

src/auth.rs

@@ -1,4 +1,5 @@
 use serde::Deserialize;
+use std::sync::LazyLock;
 
 use crate::auth::AuthInfo;
 
@@ -48,21 +49,18 @@ pub struct BackendConfig {
     pub auth: AuthProvider,
 }
 
-lazy_static::lazy_static! {
-    pub static ref AUTH_INFO_PROD: AuthProvider = {
-        let provider = "https://keycloak.omnect.conplement.cloud".to_string();
-        let realm = "cp-prod".to_string();
-        let client_id = "cp-cli".to_string();
-        let bind_addrs = vec!["127.0.0.1:4000".to_string(), "[::1]:4000".to_string()];
-        let redirect = url::Url::parse("http://localhost:4000").unwrap();
+pub static AUTH_INFO_PROD: LazyLock<AuthProvider> = LazyLock::new(|| {
+    let provider = "https://keycloak.omnect.conplement.cloud".to_string();
+    let realm = "cp-prod".to_string();
+    let client_id = "cp-cli".to_string();
+    let bind_addrs = vec!["127.0.0.1:4000".to_string(), "[::1]:4000".to_string()];
+    let redirect = url::Url::parse("http://localhost:4000").unwrap();
 
-        AuthProvider::Keycloak(
-            KeycloakInfo {
-            provider,
-            realm,
-            client_id,
-            bind_addrs,
-            redirect,
-        })
-    };
-}
+    AuthProvider::Keycloak(KeycloakInfo {
+        provider,
+        realm,
+        client_id,
+        bind_addrs,
+        redirect,
+    })
+});

src/config.rs

@@ -3,6 +3,7 @@ use azure_identity::{ClientSecretCredential, TokenCredentialOptions};
 use azure_iot_deviceupdate::DeviceUpdateClient;
 use azure_storage::{shared_access_signature::service_sas::BlobSasPermissions, StorageCredentials};
 use azure_storage_blobs::prelude::{BlobServiceClient, ContainerClient};
+use base64::prelude::*;
 use log::{debug, info};
 use serde::Serialize;
 use sha2::Digest;
@@ -214,10 +215,9 @@ pub async fn import_update(
                 .context("import manifest pah invalid")?
         ))?
         .len();
-    let manifest_sha256 = base64::encode_config(
-        sha2::Sha256::digest(std::fs::read(import_manifest_path).unwrap()),
-        base64::STANDARD,
-    );
+    let manifest_sha256 = BASE64_STANDARD.encode(sha2::Sha256::digest(
+        std::fs::read(import_manifest_path).unwrap(),
+    ));
 
     let manifest: serde_json::Value = serde_json::from_reader(
         OpenOptions::new()
@@ -324,10 +324,9 @@ fn get_file_attributes(file: &Path) -> Result<File> {
 
     let hashes = HashMap::from([(
         "sha256",
-        base64::encode_config(
-            sha2::Sha256::digest(std::fs::read(file).context(format!("cannot read {}", file))?),
-            base64::STANDARD,
-        ),
+        BASE64_STANDARD.encode(sha2::Sha256::digest(
+            std::fs::read(file).context(format!("cannot read {}", file))?,
+        )),
     )]);
 
     Ok(File {

src/device_update.rs

@@ -4,18 +4,16 @@ use crate::file::functions::read_file_from_image;
 use crate::file::functions::Partition;
 use anyhow::{Context, Result};
 use regex::Regex;
+use std::sync::LazyLock;
 
 // NOTE (2024-05-29 Tobias Langer): /etc/os-release is a symlink in our yocto
 // builds. The e2tools-suite cannot handle symlinks so we use its target
 // directly.
 const OS_RELEASE_PATH: &str = "/usr/lib/os-release";
 const OS_RELEASE_PARTITION: Partition = Partition::rootA;
 
-lazy_static::lazy_static! {
-    pub static ref ARCH_REGEX: Regex = {
-        Regex::new(r#"OMNECT_TARGET_ARCH="(?<arch>.*)""#).unwrap()
-    };
-}
+static ARCH_REGEX: LazyLock<Regex> =
+    LazyLock::new(|| Regex::new(r#"OMNECT_TARGET_ARCH="(?<arch>.*)""#).unwrap());
 
 #[allow(non_camel_case_types)]
 pub enum Architecture {

src/image.rs

@@ -1,5 +1,4 @@
 #[macro_use]
-extern crate lazy_static;
 pub mod auth;
 pub mod cli;
 pub mod config;