From af6bca8109135ad17e7260372f4690957617f584 Mon Sep 17 00:00:00 2001 From: phylum-bot <69485888+phylum-bot@users.noreply.github.com> Date: Mon, 30 Jun 2025 05:36:02 +0000 Subject: [PATCH 1/3] Bump dependencies --- Cargo.lock | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 17d3c3486..99a470509 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -677,9 +677,9 @@ dependencies = [ [[package]] name = "bumpalo" -version = "3.18.1" +version = "3.19.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "793db76d6187cd04dff33004d8e6c9cc4e05cd330500379d2394209271b4aeee" +checksum = "46c5e41b57b8bba42a04676d81cb89e9ee8e859a1a66f80a5a72e1cb76b34d43" dependencies = [ "allocator-api2", ] @@ -3306,9 +3306,9 @@ dependencies = [ [[package]] name = "indexmap" -version = "2.9.0" +version = "2.10.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cea70ddb795996207ad57735b50c5982d8844f38ba9ee5f1aedcfb708a2aa11e" +checksum = "fe4cd85333e22411419a0bcae1297d25e58c9443848b11dc6a86fefe8c78a661" dependencies = [ "equivalent", "hashbrown 0.15.4", @@ -3740,9 +3740,9 @@ checksum = "f9fbbcab51052fe104eb5e5d351cf728d30a5be1fe14d9be8a3b097481fb97de" [[package]] name = "libredox" -version = "0.1.3" +version = "0.1.4" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d" +checksum = "1580801010e535496706ba011c15f8532df6b42297d2e471fec38ceadd8c0638" dependencies = [ "bitflags 2.9.1", "libc", @@ -8176,9 +8176,9 @@ dependencies = [ [[package]] name = "xattr" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0d65cbf2f12c15564212d48f4e3dfb87923d25d611f2aed18f4cb23f0413d89e" +checksum = "af3a19837351dc82ba89f8a125e22a3c475f05aba604acc023d62b2739ae2909" dependencies = [ "libc", "rustix 1.0.7", 
From 12a1a2ed18d765a9d2b17708c140c4b95843f47c Mon Sep 17 00:00:00 2001 From: Christian Duerr Date: Mon, 30 Jun 2025 17:22:35 +0200 Subject: [PATCH 2/3] Fix clippy warnings --- lockfile/src/cyclonedx.rs | 2 +- lockfile/src/lib.rs | 14 +++++--------- lockfile/src/parse_depfile.rs | 4 ++-- lockfile/src/spdx.rs | 4 ++-- 4 files changed, 10 insertions(+), 14 deletions(-) diff --git a/lockfile/src/cyclonedx.rs b/lockfile/src/cyclonedx.rs index 10ed8d852..97bb56638 100644 --- a/lockfile/src/cyclonedx.rs +++ b/lockfile/src/cyclonedx.rs @@ -261,7 +261,7 @@ mod tests { for path_str in test_paths { let path_buf = PathBuf::from(path_str); let is_lockfile = CycloneDX.is_path_lockfile(&path_buf); - assert!(is_lockfile, "Failed for path: {}", path_str); + assert!(is_lockfile, "Failed for path: {path_str}"); } } diff --git a/lockfile/src/lib.rs b/lockfile/src/lib.rs index ea2715329..3e81707a4 100644 --- a/lockfile/src/lib.rs +++ b/lockfile/src/lib.rs @@ -530,7 +530,7 @@ mod tests { for (file, expected_type) in test_cases { let pkg_type = get_path_format(Path::new(file)); - assert_eq!(pkg_type, Some(*expected_type), "{}", file); + assert_eq!(pkg_type, Some(*expected_type), "{file}"); } } @@ -558,11 +558,10 @@ mod tests { ("cyclonedx", LockfileFormat::CycloneDX), ] { let actual_format = - name.parse().unwrap_or_else(|e| panic!("Could not parse {:?}: {}", name, e)); + name.parse().unwrap_or_else(|e| panic!("Could not parse {name:?}: {e}")); assert_eq!( expected_format, actual_format, - "{:?} should parse as {:?}", - name, expected_format, + "{name:?} should parse as {expected_format:?}", ); } } @@ -591,8 +590,7 @@ mod tests { let actual_name = format.to_string(); assert_eq!( expected_name, &actual_name, - "{:?} should to_string as {:?}", - format, expected_name, + "{format:?} should to_string as {expected_name:?}", ); } } 
@@ -604,9 +602,7 @@ mod tests { assert_eq!( &expected_name, format.name(), - "{:?}.name() should be {:?}", - format, - expected_name, + "{format:?}.name() should be {expected_name:?}", ); } } diff --git a/lockfile/src/parse_depfile.rs b/lockfile/src/parse_depfile.rs index 914cbceb4..14327f976 100644 --- a/lockfile/src/parse_depfile.rs +++ b/lockfile/src/parse_depfile.rs @@ -119,7 +119,7 @@ fn try_get_packages(path: impl Into, contents: &str) -> Result packages.push(pkg), Err(e) => { if e.is::() { - log::warn!("{:?}", e) + log::warn!("{e:?}") } else { bail!(e) } @@ -732,7 +732,7 @@ mod tests { for path_str in test_paths { let path_buf = PathBuf::from(path_str); let is_lockfile = Spdx.is_path_lockfile(&path_buf); - assert!(is_lockfile, "Failed for path: {}", path_str); + assert!(is_lockfile, "Failed for path: {path_str}"); } } } From a57db1150bb303ed261ca7ffe40c48540de8b109 Mon Sep 17 00:00:00 2001 From: Christian Duerr Date: Mon, 30 Jun 2025 17:43:45 +0200 Subject: [PATCH 3/3] Fix more clippy warnings --- cli/src/api/mod.rs | 8 ++++---- cli/src/auth/server.rs | 10 +++++----- cli/src/bin/phylum.rs | 2 +- cli/src/commands/auth.rs | 2 +- cli/src/commands/extensions/mod.rs | 2 +- cli/src/commands/find_dependency_files.rs | 2 +- cli/src/commands/jobs.rs | 4 ++-- cli/src/commands/project.rs | 8 ++++---- cli/src/format.rs | 12 ++++++------ cli/src/test.rs | 4 ++-- cli/src/update/unix.rs | 6 +++--- cli/tests/extensions/mod.rs | 6 +++--- lockfile/src/parsers/go_mod.rs | 12 ++++++------ 13 files changed, 39 insertions(+), 39 deletions(-) diff --git a/cli/src/api/mod.rs b/cli/src/api/mod.rs index 1a5c3b763..e2320d441 100644 --- a/cli/src/api/mod.rs +++ b/cli/src/api/mod.rs 
@@ -130,7 +130,7 @@ impl PhylumApi { // here and be done. headers.insert( "Authorization", - HeaderValue::from_str(&format!("Bearer {}", access_token)).unwrap(), + HeaderValue::from_str(&format!("Bearer {access_token}")).unwrap(), ); headers.insert("Accept", HeaderValue::from_str("application/json").unwrap()); @@ -376,7 +376,7 @@ impl PhylumApi { label: label.unwrap_or_else(|| "uncategorized".to_string()), group_name, }; - log::debug!("==> Sending package submission: {:?}", req); + log::debug!("==> Sending package submission: {req:?}"); let resp: SubmitPackageResponse = self.post(endpoints::post_submit_job(&self.config.connection.uri)?, req).await?; Ok(resp.job_id) @@ -451,7 +451,7 @@ impl PhylumApi { && project.organization_name.as_deref() == org && project.group_name.as_deref() == group }) - .ok_or_else(|| anyhow!("No project found with name {:?}", project_name).into()) + .ok_or_else(|| anyhow!("No project found with name {project_name:?}").into()) .map(|project| project.id) } @@ -784,7 +784,7 @@ mod tests { // Request should have been submitted with a bearer token let bearer_token = token_holder.lock().unwrap().take(); - assert_eq!(Some(format!("Bearer {}", DUMMY_ACCESS_TOKEN)), bearer_token); + assert_eq!(Some(format!("Bearer {DUMMY_ACCESS_TOKEN}")), bearer_token); Ok(()) } diff --git a/cli/src/auth/server.rs b/cli/src/auth/server.rs index 08c072167..160ccc14b 100644 --- a/cli/src/auth/server.rs +++ b/cli/src/auth/server.rs 
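Review bot: In the `@@ -130,7` hunk of `cli/src/api/mod.rs`, the `Authorization` header is still built from the access token with `.unwrap()` and inserted without being marked sensitive. `HeaderValue::from_str` rejects control characters, so a malformed token would panic the CLI instead of surfacing an error. An unmarked value is also printed in full by any `Debug` output of the header map. Consider `let mut auth = HeaderValue::from_str(&format!("Bearer {access_token}"))?;` followed by `auth.set_sensitive(true);` before the insert. This assumes the enclosing function, which starts and ends outside the hunk, returns a `Result` that can carry the error.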
@@ -123,10 +123,10 @@ async fn spawn_server_and_get_auth_code( // Get OIDC auth url. let state = state.into(); - let callback_url = Url::parse(&format!("http://{}/", auth_address))?; + let callback_url = Url::parse(&format!("http://{auth_address}/"))?; let authorization_url = build_auth_url(redirect_type, locksmith_settings, &callback_url, code_challenge, &state)?; - debug!("Authorization url is {}", authorization_url); + debug!("Authorization url is {authorization_url}"); // Ensure external auth urls use https, rather than http. let auth_host = authorization_url @@ -162,7 +162,7 @@ async fn spawn_server_and_get_auth_code( let router = Router::new().route("/", get(keycloak_callback_handler)).with_state(state.clone()); // Start server. - debug!("Starting local login server at {:?}", auth_address); + debug!("Starting local login server at {auth_address:?}"); axum::serve(listener, router) .with_graceful_shutdown(async move { notify.notified().await }) .await?; @@ -235,7 +235,7 @@ mod test { let result = handle_auth_flow(AuthAction::Login, None, None, false, &api_uri).await?; - debug!("{:?}", result); + debug!("{result:?}"); Ok(()) } @@ -251,7 +251,7 @@ mod test { let result = handle_auth_flow(AuthAction::Register, None, None, false, &api_uri).await?; - debug!("{:?}", result); + debug!("{result:?}"); Ok(()) } diff --git a/cli/src/bin/phylum.rs b/cli/src/bin/phylum.rs index 0a9edbae4..9baf3513f 100644 --- a/cli/src/bin/phylum.rs +++ b/cli/src/bin/phylum.rs @@ -64,7 +64,7 @@ async fn check_for_updates(config: &mut Config) -> Result<()> { // Update last update check timestamp. config.last_update = Some(now); - config.save().unwrap_or_else(|e| log::error!("Failed to save config: {}", e)); + config.save().unwrap_or_else(|e| log::error!("Failed to save config: {e}")); if update::needs_update(false).await { print::print_update_message(); diff --git a/cli/src/commands/auth.rs b/cli/src/commands/auth.rs index c46de2b73..4b871b427 100644 --- a/cli/src/commands/auth.rs 
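Review bot: `debug!("Authorization url is {authorization_url}")` in the `@@ -123,10` hunk of `cli/src/auth/server.rs` logs the complete URL, which `build_auth_url` builds from `code_challenge` and `state` on the line above. Debug logs are often pasted into bug reports, so the per-login `state` value is better kept out of them. Logging only the host should be enough to debug endpoint selection, e.g. `debug!("Authorization host is {:?}", authorization_url.host_str());`, assuming `authorization_url` is a `Url`. `spawn_server_and_get_auth_code` continues outside the hunk.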
+++ b/cli/src/commands/auth.rs @@ -95,7 +95,7 @@ pub async fn handle_auth_token(config: &Config, matches: &clap::ArgMatches) -> C let api_uri = &config.connection.uri; let access_token = auth::renew_access_token(refresh_token, config.ignore_certs(), api_uri).await?; - println!("{}", access_token); + println!("{access_token}"); Ok(ExitCode::Ok) } else { println!("{refresh_token}"); diff --git a/cli/src/commands/extensions/mod.rs b/cli/src/commands/extensions/mod.rs index 6b48d02ed..e361bf506 100644 --- a/cli/src/commands/extensions/mod.rs +++ b/cli/src/commands/extensions/mod.rs @@ -70,7 +70,7 @@ pub fn add_extensions_subcommands(command: Command) -> Command { let extensions = match installed_extensions() { Ok(extensions) => extensions, Err(e) => { - error!("Couldn't list extensions: {}", e); + error!("Couldn't list extensions: {e}"); return command; }, }; diff --git a/cli/src/commands/find_dependency_files.rs b/cli/src/commands/find_dependency_files.rs index 73e911966..8f1462530 100644 --- a/cli/src/commands/find_dependency_files.rs +++ b/cli/src/commands/find_dependency_files.rs @@ -6,6 +6,6 @@ use crate::commands::{CommandResult, ExitCode}; pub fn handle_command() -> CommandResult { let depfiles = phylum_lockfile::DepFiles::find_at("."); let json = serde_json::to_string(&depfiles)?; - println!("{}", json); + println!("{json}"); Ok(ExitCode::Ok) } diff --git a/cli/src/commands/jobs.rs b/cli/src/commands/jobs.rs index 98f1cdb17..c3ed7f88f 100644 --- a/cli/src/commands/jobs.rs +++ b/cli/src/commands/jobs.rs @@ -180,10 +180,10 @@ pub async fn handle_analyze( jobs_project.group, ) .await?; - debug!("Response => {:?}", job_id); + debug!("Response => {job_id:?}"); if pretty_print { - print_user_success!("Job ID: {}", job_id); + print_user_success!("Job ID: {job_id}"); #[cfg(feature = "vulnreach")] let packages: Vec<_> = packages diff --git a/cli/src/commands/project.rs b/cli/src/commands/project.rs index 0a8c17a56..8793f1803 100644 --- a/cli/src/commands/project.rs 
+++ b/cli/src/commands/project.rs @@ -112,7 +112,7 @@ async fn handle_create_project( let group = matches.get_one::("group").cloned(); let org = config.org(); - log::info!("Initializing new project: `{}`", project); + log::info!("Initializing new project: `{project}`"); let project_config = create_project(api, project, org.map(|org| org.into()), group.clone(), repository_url) @@ -121,14 +121,14 @@ async fn handle_create_project( Ok(project) => project, Err(PhylumApiError::Response(ResponseError { code: StatusCode::CONFLICT, .. })) => { let formatted_project = format_project_reference(org, group.as_deref(), project, None); - print_user_failure!("Project {} already exists", formatted_project); + print_user_failure!("Project {formatted_project} already exists"); return Ok(ExitCode::AlreadyExists); }, Err(err) => return Err(err.into()), }; config::save_config(Path::new(PROJ_CONF_FILE), &project_config).unwrap_or_else(|err| { - print_user_failure!("Failed to save project file: {}", err); + print_user_failure!("Failed to save project file: {err}"); }); let project_id = Some(project_config.id.to_string()); @@ -307,7 +307,7 @@ async fn handle_link_project( }; config::save_config(Path::new(PROJ_CONF_FILE), &project_config) - .unwrap_or_else(|err| log::error!("Failed to save user credentials to config: {}", err)); + .unwrap_or_else(|err| log::error!("Failed to save user credentials to config: {err}")); let project_id = Some(project_config.id.to_string()); let formatted_project = diff --git a/cli/src/format.rs b/cli/src/format.rs index 00b310032..e50d7fa89 100644 --- a/cli/src/format.rs +++ b/cli/src/format.rs @@ -32,7 +32,7 @@ pub trait Format: Serialize { /// Output JSON format. fn json(&self, writer: &mut W) { let json = serde_json::to_string_pretty(&self).unwrap_or_else(|e| { - log::error!("Failed to serialize json response: {}", e); + log::error!("Failed to serialize json response: {e}"); "".to_string() }); let _ = writeln!(writer, "{json}"); 
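Review bot: The message in the `@@ -307,7` hunk (`handle_link_project`) says `Failed to save user credentials to config`, but the call saves `project_config` to `PROJ_CONF_FILE`, so the log points at the wrong file. Suggest `log::error!("Failed to save project file: {err}")`, matching the wording in `handle_create_project`. That function reports the same failure through `print_user_failure!`, which the user is more likely to see than a log line. Both functions continue after a failed save; if the code outside these hunks then reports success, the user may believe the project is linked when no project file was written.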
@@ -65,7 +65,7 @@ impl Format for PhylumStatus { ) { let label = style(label).blue(); let _ = match option { - Some(value) => writeln!(writer, "{label}: {}", value), + Some(value) => writeln!(writer, "{label}: {value}"), None => writeln!(writer, "{label}: {}", style("null").italic().green()), }; } @@ -138,7 +138,7 @@ impl Format for PolicyEvaluationResponseRaw { let domain = rejection .source .domain - .map_or_else(|| " ".into(), |domain| format!("[{}]", domain)); + .map_or_else(|| " ".into(), |domain| format!("[{domain}]")); let message = format!("{domain} {}", rejection.title); let colored = match rejection.source.severity { @@ -147,7 +147,7 @@ impl Format for PolicyEvaluationResponseRaw { _ => style(message).red(), }; - let _ = writeln!(writer, " {}", colored); + let _ = writeln!(writer, " {colored}"); } } if !self.dependencies.is_empty() { @@ -156,7 +156,7 @@ impl Format for PolicyEvaluationResponseRaw { // Print web URI for the job results. if let Some(job_link) = &self.job_link { - let _ = writeln!(writer, "You can find the interactive report here:\n {}", job_link); + let _ = writeln!(writer, "You can find the interactive report here:\n {job_link}"); } } } @@ -508,7 +508,7 @@ impl Format for Vulnerability { // Print the callchain as arrow-separated packages. let _ = write!(writer, " {}", path[0]); for package in &path[1..] { - let _ = write!(writer, " {} {}", arrow, package); + let _ = write!(writer, " {arrow} {package}"); } let _ = writeln!(writer); diff --git a/cli/src/test.rs b/cli/src/test.rs index 22e947d06..e2b3dcb21 100644 --- a/cli/src/test.rs +++ b/cli/src/test.rs @@ -121,7 +121,7 @@ pub mod mockito { query_params.get("redirect_uri").expect("redirect_uri not set").to_string(); ResponseTemplate::new(302).insert_header::<&str, &str>( "Location", - &format!("{redirect_uri}/?code={}", DUMMY_AUTH_CODE), + &format!("{redirect_uri}/?code={DUMMY_AUTH_CODE}"), ) }) .mount(&mock_server) 
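Review bot: `path[0]` and `&path[1..]` in the `@@ -508,7` hunk (`impl Format for Vulnerability`) panic when `path` is empty. Unless an emptiness check sits above the hunk, an empty callchain (presumably taken from the API response) would crash the CLI while printing the report. `if let Some((first, rest)) = path.split_first() { … }` prints the same chain without an index that can fail. The enclosing method starts outside the hunk.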
@@ -202,7 +202,7 @@ pub mod open { Url::from_str(redirect_uri).expect("Failed to parse redirect_uri"); callback_url.query_pairs_mut().append_pair("code", code).append_pair("state", state); - log::debug!("Calling callback url: {}", callback_url); + log::debug!("Calling callback url: {callback_url}"); // Wait for the server to be up tokio::time::sleep(Duration::from_millis(100)).await; diff --git a/cli/src/update/unix.rs b/cli/src/update/unix.rs index 7ecdd3412..df21ffba4 100644 --- a/cli/src/update/unix.rs +++ b/cli/src/update/unix.rs @@ -33,7 +33,7 @@ pub async fn needs_update(prerelease: bool) -> bool { match updater.get_latest_version(prerelease).await { Ok(latest) => updater.needs_update(CURRENT_VERSION, &latest), Err(e) => { - log::debug!("Failed to get the latest version for update check: {:?}", e); + log::debug!("Failed to get the latest version for update check: {e:?}"); false }, } @@ -150,7 +150,7 @@ impl ApplicationUpdater { self.http_get_json::(&url).await? }; - log::debug!("Found latest version: {:?}", ver); + log::debug!("Found latest version: {ver:?}"); Ok(ver) } @@ -259,7 +259,7 @@ mod tests { let updater = ApplicationUpdater::build_test_instance(mock_server); let latest = updater.get_latest_version(false).await.unwrap(); - log::error!("{:?}", latest); + log::error!("{latest:?}"); assert!("v1.2.3" == latest.tag_name); assert!(updater.needs_update("1.0.2", &latest)); diff --git a/cli/tests/extensions/mod.rs b/cli/tests/extensions/mod.rs index 414e98083..a97b3b70f 100644 --- a/cli/tests/extensions/mod.rs +++ b/cli/tests/extensions/mod.rs @@ -346,11 +346,11 @@ fn fs_sandboxing_success() { let js = format!(" const output = Phylum.runSandboxed({{ cmd: 'cat', - args: ['{}'], - exceptions: {{ run: true, read: ['{0:}'] }}, + args: ['{file_path}'], + exceptions: {{ run: true, read: ['{file_path}'] }}, }}); Deno.exit(output.code); - ", file_path); + "); test_cli .extension(&js) 
diff --git a/lockfile/src/parsers/go_mod.rs b/lockfile/src/parsers/go_mod.rs index 19714a82c..e4139fadd 100644 --- a/lockfile/src/parsers/go_mod.rs +++ b/lockfile/src/parsers/go_mod.rs @@ -124,26 +124,26 @@ pub fn parse(input: &str) -> IResult<&str, GoDeps> { Ok((input, GoDeps { go: go_directive, modules: packages })) } -fn directive(input: &str) -> IResult<&str, Directive> { +fn directive(input: &str) -> IResult<&str, Directive<'_>> { let (input, _) = take_while(|c: char| c == '\n')(input)?; alt((module_directive, go_directive, require_directive, replace_directive, exclude_directive))( input.trim(), ) } -fn module_directive(input: &str) -> IResult<&str, Directive> { +fn module_directive(input: &str) -> IResult<&str, Directive<'_>> { let (input, module_name) = preceded(tuple((tag("module"), space1)), take_till(|c| c == '\n'))(input)?; Ok((input, Directive::Module(module_name))) } -fn go_directive(input: &str) -> IResult<&str, Directive> { +fn go_directive(input: &str) -> IResult<&str, Directive<'_>> { let (input, go_version) = preceded(tuple((tag("go"), space1)), take_till(|c| c == '\n'))(input)?; Ok((input, Directive::Go(go_version.trim()))) } -fn require_directive(input: &str) -> IResult<&str, Directive> { +fn require_directive(input: &str) -> IResult<&str, Directive<'_>> { let (input, deps) = preceded( tuple((tag("require"), space1)), alt((module_block, map(require_spec, |r| vec![r]))), @@ -167,7 +167,7 @@ fn require_spec(input: &str) -> IResult<&str, Module> { Ok((input, Module { path: module_path.to_string(), version: version.to_string(), indirect })) } -fn replace_directive(input: &str) -> IResult<&str, Directive> { +fn replace_directive(input: &str) -> IResult<&str, Directive<'_>> { preceded(tuple((tag("replace"), space1)), alt((replace_block, map(replace_spec, |r| vec![r]))))( input, ) 
@@ -212,7 +212,7 @@ fn replace_spec(input: &str) -> IResult<&str, ModuleReplacement> { })) } -fn exclude_directive(input: &str) -> IResult<&str, Directive> { +fn exclude_directive(input: &str) -> IResult<&str, Directive<'_>> { preceded(tuple((tag("exclude"), space1)), alt((module_block, map(require_spec, |r| vec![r]))))( input, )