Skip to content

Bump clap from 3.2.14 to 3.2.20#11

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/clap-3.2.20
Closed

Bump clap from 3.2.14 to 3.2.20#11
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/cargo/clap-3.2.20

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Sep 2, 2022

Bumps clap from 3.2.14 to 3.2.20.

Release notes

Sourced from clap's releases.

v3.2.20

[3.2.20] - 2022-09-02

Features

  • ArgMatches::get_count help for ArgAction::Count
  • ArgMatches::get_flag help for ArgAction::SetTrue / ArgAction::SetFalse

v3.2.19

[3.2.19] - 2022-08-30

Fixes

  • (help) Ensure required arguments for parent commands aren't shown in their subcommands when using args_conflicts_with_subcommand

v3.2.18

[3.2.18] - 2022-08-29

Fixes

  • (help) Command::print_help now respects Command::colored_help
  • (derive) Improved error messages

v3.2.17

[3.2.17] - 2022-08-12

Fixes

  • (derive) Expose #[clap(id = ...)] attribute to match Arg's latest API

v3.2.16

[3.2.16] - 2022-07-30

Fixes

  • Ensure required arguments appear in errors when they are also members of a group (#4004)

v3.2.15

[3.2.15] - 2022-07-25

Features

  • (derive) New default_values_t and default_values_os_t attributes
Changelog

Sourced from clap's changelog.

[3.2.20] - 2022-09-02

Features

  • ArgMatches::get_count help for ArgAction::Count
  • ArgMatches::get_flag help for ArgAction::SetTrue / ArgAction::SetFalse

[3.2.19] - 2022-08-30

Fixes

  • (help) Ensure required arguments for parent commands aren't shown in their subcommands when using args_conflicts_with_subcommand

[3.2.18] - 2022-08-29

Fixes

  • (help) Command::print_help now respects Command::colored_help
  • (derive) Improved error messages

[3.2.17] - 2022-08-12

Fixes

  • (derive) Expose #[clap(id = ...)] attribute to match Arg's latest API

[3.2.16] - 2022-07-30

Fixes

  • Ensure required arguments appear in errors when they are also members of a group (#4004)

[3.2.15] - 2022-07-25

Features

  • (derive) New default_values_t and default_values_os_t attributes
Commits
  • ddcd13b chore: Release
  • 9d35abc docs: Update changelog
  • 39aba08 Merge pull request #4171 from epage/helper2
  • 2d5fea5 feat(parser): Provide convenience for SetTrue
  • d2a1f5a feat(parser): Provide convenience accessor for Counts
  • 3c91438 chore: Release
  • 75f17b6 docs: Update changelog
  • 19c9222 Merge pull request #4146 from Calder-Ty/bugfix/3861_backport
  • f7af765 fix: Add possible vals to man for positional args
  • cf7f1fa chore: Release
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump clap from 3.2.14 to 3.2.20
4a2a134 
Bumps [clap](https://github.com/clap-rs/clap) from 3.2.14 to 3.2.20.
- [Release notes](https://github.com/clap-rs/clap/releases)
- [Changelog](https://github.com/clap-rs/clap/blob/v3.2.20/CHANGELOG.md)
- [Commits](clap-rs/clap@v3.2.14...v3.2.20)

---
updated-dependencies:
- dependency-name: clap
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file rust Pull requests that update Rust code labels Sep 2, 2022
@dependabot dependabot bot mentioned this pull request Sep 2, 2022
Closed
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Sep 12, 2022

Superseded by #12.

@dependabot dependabot bot closed this Sep 12, 2022
@dependabot dependabot bot deleted the dependabot/cargo/clap-3.2.20 branch September 12, 2022 22:04
Bravo555 added a commit that referenced this pull request Apr 23, 2025
@Bravo555
Merge pull request thin-edge#3555 from Bravo555/feat/pkcs11-uri
3821a79 
feat: Key selection using PKCS #11 URI
Bravo555 added a commit that referenced this pull request May 7, 2025
@Bravo555
Use SoftHSM2 for PKCS #11 guide
02dbd54 
Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request May 7, 2025
@Bravo555
Use SoftHSM2 for PKCS #11 guide
22324da 
Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 6, 2025
@Bravo555
[pkcs11]: Parse pin-value in PKCS11 URIs
e8a2d40 
Parse "pin-value" query attribute if it's present in a PKCS 11 URI.

RFC7512 specifies a "pin-value" query attribute that can be used to
provide the PIN value, which we can use to pass it in the request.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 6, 2025
@Bravo555
feat: Pass PKCS11 PIN in a request URI
b265cc2 
Allows the user to provide a PIN value to be used when logging into
PKCS11 token as a query attribute in the URI, e.g. when the following
value is set as `device.key_uri`:

pkcs11:token=mytoken;object=mykey?pin-value=my-pin

tedge-p11-server will attempt to login to the token using `my-pin`
instead of the default PIN tedge-p11-server was started with.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 7, 2025
@Bravo555
[pkcs11]: Parse pin-value in PKCS11 URIs
ca808d3 
Parse "pin-value" query attribute if it's present in a PKCS 11 URI.

RFC7512 specifies a "pin-value" query attribute that can be used to
provide the PIN value, which we can use to pass it in the request.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 7, 2025
@Bravo555
feat: Pass PKCS11 PIN in a request URI
3801fb7 
Allows the user to provide a PIN value to be used when logging into
PKCS11 token as a query attribute in the URI, e.g. when the following
value is set as `device.key_uri`:

pkcs11:token=mytoken;object=mykey?pin-value=my-pin

tedge-p11-server will attempt to login to the token using `my-pin`
instead of the default PIN tedge-p11-server was started with.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 9, 2025
@Bravo555
[pkcs11]: Parse pin-value in PKCS11 URIs
a8dcc12 
Parse "pin-value" query attribute if it's present in a PKCS 11 URI.

RFC7512 specifies a "pin-value" query attribute that can be used to
provide the PIN value, which we can use to pass it in the request.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Bravo555 added a commit that referenced this pull request Oct 9, 2025
@Bravo555
feat: Pass PKCS11 PIN in a request URI
a22b8d2 
Allows the user to provide a PIN value to be used when logging into
PKCS11 token as a query attribute in the URI, e.g. when the following
value is set as `device.key_uri`:

pkcs11:token=mytoken;object=mykey?pin-value=my-pin

tedge-p11-server will attempt to login to the token using `my-pin`
instead of the default PIN tedge-p11-server was started with.

Because it is sensitive, there are security considerations, of interest
to us being this part of the RFC:

> Section 7.5 of [RFC3986] applies since a PKCS #11 URI may be used in
> world-readable command-line arguments to run applications, stored in
> public configuration files, or otherwise used in clear text.  For
> that reason, the "pin-value" attribute should only be used if the URI
> string itself is protected with the same level of security as the
> token PIN itself otherwise is.

In our case, the challenge is in not showing up these values in the
logs. On tedge-p11-server side as soon as we're parsing URI we can put
in in a secrecy wrapper, to not be able to print it from then on, but
there's nothing preventing printing the value before it's parsed on the
server, or on the client making the request.

Signed-off-by: Marcel Guzik <marcel.guzik@cumulocity.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update Rust code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants