Merge pull request #34 from openSVM/copilot/fix-c14937b0-5157-4e32-844b-30e9e4603a63

0xrinegade · web-flow · commit 5baa3ce1f031 · 2025-06-12T19:16:38.000+08:00
Fix webpki security vulnerability RUSTSEC-2021-0145 by removing unused dependency
diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml
@@ -17,13 +17,13 @@ jobs:
       uses: actions/checkout@v4
 
     - name: Install Rust
-      uses: actions-rs/toolchain@v1
+      uses: dtolnay/rust-toolchain@stable
       with:
         toolchain: stable
         override: true
 
     - name: Install dependencies
-      run: sudo apt-get update && sudo apt-get install -y libudev-dev
+      run: sudo apt-get update && sudo apt-get install -y libudev-dev pkg-config libssl-dev
 
     - name: Set environment variables
       run: |
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -17,7 +17,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libudev-dev
+        run: sudo apt-get update && sudo apt-get install -y libudev-dev pkg-config libssl-dev
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -56,13 +56,14 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libudev-dev
+        run: sudo apt-get update && sudo apt-get install -y libudev-dev pkg-config libssl-dev
       
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
         with:
           profile: minimal
           toolchain: stable
+      
       - name: Cache dependencies
         uses: actions/cache@v4
         with:
@@ -97,7 +98,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libudev-dev
+        run: sudo apt-get update && sudo apt-get install -y libudev-dev pkg-config libssl-dev
       
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -143,7 +144,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libudev-dev
+        run: sudo apt-get update && sudo apt-get install -y libudev-dev pkg-config libssl-dev
         
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
diff --git a/.github/workflows/cross-platform.yml b/.github/workflows/cross-platform.yml
@@ -24,7 +24,7 @@ jobs:
         if: runner.os == 'linux'
         run: |
           sudo apt-get update
-          sudo apt-get install -y libudev-dev
+          sudo apt-get install -y libudev-dev pkg-config libssl-dev
       
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -17,7 +17,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libusb-1.0-0-dev libudev-dev pkg-config
+        run: sudo apt-get update && sudo apt-get install -y libusb-1.0-0-dev libudev-dev pkg-config libssl-dev
       
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -163,7 +163,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install dependencies
-        run: sudo apt-get update && sudo apt-get install -y libusb-1.0-0-dev libudev-dev pkg-config
+        run: sudo apt-get update && sudo apt-get install -y libusb-1.0-0-dev libudev-dev pkg-config libssl-dev
       
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
diff --git a/Cargo.toml b/Cargo.toml
@@ -6,47 +6,48 @@ license = "WTFPL"
 publish = false
 
 [dependencies]
-bincode = "1.3.3"
-borsh = "1.5.6"
-clap = { version = "4.5.32", features = ["derive", "cargo"] }
+bincode = "2.0.1"
+borsh = "1.5.7"
+clap = { version = "4.5.40", features = ["derive", "cargo"] }
 lazy_static = "1.5.0"
 serde = { version = "1.0.219", features = ["derive"] }
 serde_yaml = "0.9.34"
-solana-clap-utils = "2.2.3"
-solana-cli-config = "2.2.3"
-solana-client = "2.2.3"
+solana-clap-utils = "2.2.7"
+solana-cli-config = "2.2.7"
+solana-client = "2.2.7"
 solana-logger = "2.3.1"
-solana-remote-wallet = { version = "2.2.3", optional = true }
-solana-sdk = "2.2.1"
-tokio = { version = "1.44.1", features = ["full"] }
+solana-remote-wallet = { version = "2.2.7", optional = true }
+solana-sdk = "2.2.2"
+tokio = { version = "1.45.1", features = ["full"] }
 thiserror = "2.0.12"
-ssh2 = "0.9.5"
+ssh2 = { version = "0.9.5", features = ["vendored-openssl"] }
 tabular = "0.2.0"
 prettytable-rs = "0.10.0"
-ratatui = "0.30.0-alpha.2"
-crossterm = "0.28.1"
-chrono = "0.4.40"
-tui-logger = "0.17.0"
-anyhow = "1.0.97"
+ratatui = "0.29.0"
+crossterm = "0.29.0"
+chrono = "0.4.41"
+tui-logger = "0.17.3"
+anyhow = "1.0.98"
 futures = "0.3.31"
-rand = "0.9.0"
+rand = "0.9.1"
 colored = "3.0.0"
 url = "2.5.4"
 serde_json = "1.0.140"
 dirs = "6.0.0"
-webpki = "0.22.4"
+
 
 [dev-dependencies]
-assert_cmd = "2.0.16"
+assert_cmd = "2.0.17"
 predicates = "3.1.3"
-tempfile = "3.19.1"
+tempfile = "3.20.0"
 serial_test = "3.2.0"
 mockito = "1.7.0"
-criterion = "0.5.1"
+criterion = "0.6.0"
 
 [features]
 default = []
 remote-wallet = ["solana-remote-wallet"]
 
 [patch.crates-io]
 curve25519-dalek = { git = "https://github.com/dalek-cryptography/curve25519-dalek", tag = "3.2.0" }
+crunchy = { path = "vendor/crunchy" }
diff --git a/rust-toolchain.toml b/rust-toolchain.toml
@@ -0,0 +1,4 @@
+[toolchain]
+channel = "stable"
+components = ["rustfmt", "clippy"]
+targets = ["x86_64-unknown-linux-gnu", "x86_64-apple-darwin", "x86_64-pc-windows-gnu"]
diff --git a/src/main.rs b/src/main.rs
@@ -30,25 +30,6 @@ struct Config {
     no_color: bool,
 }
 
-// Wrapper type for webpki::Error to implement traits
-#[derive(Debug)]
-struct WebPkiError(webpki::Error);
-
-impl std::fmt::Display for WebPkiError {
-    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
-        write!(f, "WebPkiError: {:?}", self.0)
-    }
-}
-
-impl std::error::Error for WebPkiError {}
-
-// Convert from webpki::Error to WebPkiError
-impl From<webpki::Error> for WebPkiError {
-    fn from(error: webpki::Error) -> Self {
-        WebPkiError(error)
-    }
-}
-
 #[tokio::main]
 async fn main() -> Result<(), Box<dyn std::error::Error>> {
     let app_matches = parse_command_line();
diff --git a/src/prelude.rs b/src/prelude.rs
@@ -15,8 +15,6 @@ pub use crate::utils::dashboard;
 pub use crate::utils::examples;
 // Color formatting utilities
 pub use crate::utils::color;
-// WebPKI error wrapper
-pub use crate::utils::webpki_error;
 
 /// Type alias for progress callback functions
 ///
diff --git a/src/utils/mod.rs b/src/utils/mod.rs
@@ -28,8 +28,6 @@ pub mod ssh_deploy;
 pub mod svm_info;
 
 // External dependency wrappers
-/// Wrapper for webpki::Error to implement std::error::Error trait
-pub mod webpki_error;
 
 /// Loads a YAML configuration file and deserializes it into the specified type
 ///
diff --git a/src/utils/webpki_error.rs b/src/utils/webpki_error.rs
diff --git a/vendor/crunchy/Cargo.toml b/vendor/crunchy/Cargo.toml
@@ -0,0 +1,26 @@
+[package]
+name = "crunchy"
+version = "0.2.3"
+authors = ["Eira Fransham <eira@dali99.co.uk>"]
+license = "MIT"
+description = "Crunchy unroller: deterministically unroll constant loops (fixed for cross-compilation)"
+repository = "https://github.com/eira-fransham/crunchy"
+documentation = "https://docs.rs/crunchy"
+keywords = ["unroll", "loop", "const", "for", "deterministic"]
+categories = ["development-tools", "no-std"]
+edition = "2018"
+exclude = ["CHANGELOG.md"]
+
+[features]
+default = ["limit_128"]
+
+std = []
+
+limit_64 = []
+limit_128 = []
+limit_256 = []
+limit_512 = []
+limit_1024 = []
+limit_2048 = []
+
+[build-dependencies]
diff --git a/vendor/crunchy/README.md b/vendor/crunchy/README.md
@@ -0,0 +1,42 @@
+# Fix for crunchy crate cross-compilation issue
+
+This directory contains a patched version of the `crunchy` crate that fixes a Windows cross-compilation issue.
+
+## Problem
+
+The original `crunchy` v0.2.3 crate has a bug when cross-compiling from Unix systems to Windows targets. 
+The issue is in `src/lib.rs` lines 36-40:
+
+```rust
+#[cfg(target_os = "windows")]
+include!(concat!(env!("OUT_DIR"), "\\lib.rs"));
+
+#[cfg(not(target_os = "windows"))]
+include!(concat!(env!("OUT_DIR"), "/lib.rs"));
+```
+
+When cross-compiling from Linux to Windows, `target_os = "windows"` is true, but the build script runs on Linux, 
+so `OUT_DIR` contains a Linux path like `/home/.../target/x86_64-pc-windows-gnu/debug/build/crunchy-xxx/out`. 
+Appending `\\lib.rs` creates an invalid path: `/home/.../out\lib.rs`.
+
+## Solution
+
+The fix uses forward slashes consistently since the build process always runs on the host system:
+
+```rust
+// Always use forward slash since this runs on the host system during build
+include!(concat!(env!("OUT_DIR"), "/lib.rs"));
+```
+
+## Error Fixed
+
+This resolves the error:
+```
+error: couldn't read `/github/workspace/./target/x86_64-pc-windows-gnu/release/build/crunchy-034bbf831537023a/out\lib.rs`: No such file or directory (os error 2)
+```
+
+## Source
+
+Original crate: https://github.com/eira-fransham/crunchy
+Version: 0.2.3
+License: MIT
diff --git a/vendor/crunchy/build.rs b/vendor/crunchy/build.rs
diff --git a/vendor/crunchy/src/lib.rs b/vendor/crunchy/src/lib.rs
