Brooooooklyn
chore: bump up Rust crate keyring to v3
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| keyring | dependencies | major | 2 -> 3 |
Release Notes
hwchen/keyring-rs (keyring)
v3.2.0: : Improve secret-service handling of targets
As reported in #201 and now fixed in #204, the secret-service credential store implementation could not disambiguate credentials that were created with different targets unless the collections containing those targets had already been unlocked.
The fix for this issue introduces a compatibility break: secret-service credentials created by the keyring v1 implementation, which were readable using platform-independent code in keyring v2, are no longer readable without using platform-specific code in v3. The necessary platform-specific code is very simple, and it has been added to the CLI (both for documentation purposes and to allow the CLI to access v1 credentials). The comments in issue #204 explain why the decision was made to add this secret-service-specific compatibility break; these include the fact that keyring v2 was released 18 months ago so only those users who haven't changed their password in a very long time would still have a v1 credential in their secret-service store.
The README has been updated to address this compatibility break and to provide recommendations for keyring clients who want to update their code to make sure users with old credentials are not impacted.
v3.1.0: : enhance the CLI
As reported in #201, the CLI had a couple of problems:
- It didn't allow empty user names, even on platforms where that's supported.
- Its debugging output on
Ambiguouserrors provided no information about the underlying platform credentials.
The first issue was just a bug, now fixed.
The second issue stemmed from the fact that platform-independent code couldn't get at the details of the underlying platform-specific credentials. To fix this, the CredentialAPI had to be extended to provide access to the underlying platform credential's implementation of the std::fmt::Debug trait, and each of the keying credential stores extended to implement the new API.
To make this API extension backward-compatible, a default implementation was provided that did what the former code did: it revealed nothing. But that allows this release to be a SerVer-compatible dot release, rather than a major release.
v3.0.5: : update docs and clean up dead code
As reported in #132, using the secret-service asynchronously via the keyring wrapper can lead to deadlocks. The docs have been updated to make this clear, and a recommendation has been added to use the sync-secret-service feature so as to avoid any issues related to async runtimes, even if the calling app may already be asynchronous.
While this fix was being made, it was discovered that new clippy lints in Rust 1.80 had been added. These lints revealed some dead code related to windows testing, and some documentation that was "legal" per the markdown spec but slightly ambiguous in intent. Both of these other issues were also fixed.
There are no code changes in this release relative to v3.0.4.
v3.0.4: : expose cross-platform module alias
As reported in #197, there's no way for a client to access an instance of the default credential builder with platform-independent code. This releases fixes that oversight, and provides an example as part of the documentation of the credential module.
v3.0.3: : Fix feature linux-native
Earlier releases didn't correctly use the keyring when the linux-native feature was specified. This release does.
Thanks to @Brooooooklyn for finding this issue!
v3.0.2
- add missing implementations for iOS
set_secretandget_secret
v3.0.1
- add back missing
Synctrait on errors.
v3.0.0
- add
dbus-secret-servicedependency to allow use on *n*x without an async runtime - (API change) rework feature controls on included keystores: now there is a feature for each keystore, and that keystore is included in a build if and only if its feature is specified and the keystore is supported by the target OS.
- (API change) add direct support for setting and reading binary secret data, not just UTF-8 strings.
Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
- [ ] If you want to rebase/retry this PR, check this box
This PR was generated by Mend Renovate. View the repository job log.
![renovate[bot] avatar](https://avatars.githubusercontent.com/in/2740?v=4 "Published by a pub.dev verified publisher"){kind=small}