From 25ec3317911847620e6059b47217cf9720dfd081 Mon Sep 17 00:00:00 2001 From: Kiril Videlov Date: Tue, 9 Jul 2024 12:11:12 +0200 Subject: [PATCH] move secret module out of core into own crate --- Cargo.lock | 13 +++++++++++++ Cargo.toml | 4 +++- crates/gitbutler-core/src/lib.rs | 1 - crates/gitbutler-core/src/types/mod.rs | 9 --------- crates/gitbutler-core/tests/types/mod.rs | 7 ------- crates/gitbutler-secret/Cargo.toml | 19 +++++++++++++++++++ crates/gitbutler-secret/src/lib.rs | 9 +++++++++ .../src/secret.rs | 2 +- .../src}/sensitive.rs | 2 +- crates/gitbutler-secret/tests/mod.rs | 7 +++++++ crates/gitbutler-tauri/Cargo.toml | 1 + crates/gitbutler-tauri/src/main.rs | 4 ++-- crates/gitbutler-tauri/src/secret.rs | 4 ++-- crates/gitbutler-user/Cargo.toml | 1 + crates/gitbutler-user/src/controller.rs | 2 +- crates/gitbutler-user/src/user.rs | 4 ++-- crates/gitbutler-user/tests/secret/mod.rs | 4 ++-- 17 files changed, 64 insertions(+), 29 deletions(-) create mode 100644 crates/gitbutler-secret/Cargo.toml create mode 100644 crates/gitbutler-secret/src/lib.rs rename crates/{gitbutler-core => gitbutler-secret}/src/secret.rs (99%) rename crates/{gitbutler-core/src/types => gitbutler-secret/src}/sensitive.rs (97%) create mode 100644 crates/gitbutler-secret/tests/mod.rs diff --git a/Cargo.lock b/Cargo.lock index d0ea49213..99a426f01 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2345,6 +2345,17 @@ dependencies = [ "tracing", ] +[[package]] +name = "gitbutler-secret" +version = "0.0.0" +dependencies = [ + "anyhow", + "gix", + "keyring", + "serde", + "tracing", +] + [[package]] name = "gitbutler-serde" version = "0.0.0" @@ -2394,6 +2405,7 @@ dependencies = [ "gitbutler-project", "gitbutler-reference", "gitbutler-repo", + "gitbutler-secret", "gitbutler-testsupport", "gitbutler-user", "gitbutler-virtual", @@ -2449,6 +2461,7 @@ version = "0.0.0" dependencies = [ "anyhow", "gitbutler-core", + "gitbutler-secret", "keyring", "serde", "serde_json", 
diff --git a/Cargo.toml b/Cargo.toml index ae9c57733..975985678 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -20,7 +20,8 @@ members = [ "crates/gitbutler-branch", "crates/gitbutler-reference", "crates/gitbutler-error", - "crates/gitbutler-serde", + "crates/gitbutler-serde", + "crates/gitbutler-secret", ] resolver = "2" @@ -53,6 +54,7 @@ gitbutler-branch = { path = "crates/gitbutler-branch" } gitbutler-reference = { path = "crates/gitbutler-reference" } gitbutler-error = { path = "crates/gitbutler-error" } gitbutler-serde = { path = "crates/gitbutler-serde" } +gitbutler-secret = { path = "crates/gitbutler-secret" } [profile.release] codegen-units = 1 # Compile crates one after another so the compiler can optimize better diff --git a/crates/gitbutler-core/src/lib.rs b/crates/gitbutler-core/src/lib.rs index bed2f5423..ebeb372d2 100644 --- a/crates/gitbutler-core/src/lib.rs +++ b/crates/gitbutler-core/src/lib.rs @@ -17,7 +17,6 @@ pub mod fs; pub mod git; pub mod id; pub mod path; -pub mod secret; pub mod ssh; pub mod storage; pub mod time; diff --git a/crates/gitbutler-core/src/types/mod.rs b/crates/gitbutler-core/src/types/mod.rs index 82113f4a3..26afe3876 100644 --- a/crates/gitbutler-core/src/types/mod.rs +++ b/crates/gitbutler-core/src/types/mod.rs @@ -1,13 +1,4 @@ pub mod default_true; -/// A type to clearly mark sensitive information using the type-system. As such, it should -/// -/// * *not* be logged -/// * *not* be stored in plain text -/// * *not* be presented in any way unless the user explicitly confirmed it to be displayed. -pub struct Sensitive(pub T); - -mod sensitive; - mod tagged_string; pub use tagged_string::*; diff --git a/crates/gitbutler-core/tests/types/mod.rs b/crates/gitbutler-core/tests/types/mod.rs index 269b6382b..4a0476a09 100644 --- a/crates/gitbutler-core/tests/types/mod.rs +++ b/crates/gitbutler-core/tests/types/mod.rs 
@@ -1,5 +1,4 @@ use gitbutler_core::types::default_true::DefaultTrue; -use gitbutler_core::types::Sensitive; #[test] #[allow(clippy::bool_assert_comparison)] @@ -18,9 +17,3 @@ fn default_true() { *default_true = false; assert!(!default_true); } - -#[test] -fn sensitive_does_not_debug_print_itself() { - let s = Sensitive("password"); - assert_eq!(format!("{s:?}"), "\"\""); -} diff --git a/crates/gitbutler-secret/Cargo.toml b/crates/gitbutler-secret/Cargo.toml new file mode 100644 index 000000000..f89fb4083 --- /dev/null +++ b/crates/gitbutler-secret/Cargo.toml @@ -0,0 +1,19 @@ +[package] +name = "gitbutler-secret" +version = "0.0.0" +edition = "2021" +authors = ["GitButler "] +publish = false + +[dependencies] +anyhow = "1.0.86" +tracing = "0.1.40" +serde = { workspace = true, features = ["std"]} +gix = { workspace = true, features = ["dirwalk", "credentials", "parallel"] } +keyring.workspace = true + +[[test]] +name="secret" +path = "tests/mod.rs" + +[dev-dependencies] diff --git a/crates/gitbutler-secret/src/lib.rs b/crates/gitbutler-secret/src/lib.rs new file mode 100644 index 000000000..371328a7e --- /dev/null +++ b/crates/gitbutler-secret/src/lib.rs @@ -0,0 +1,9 @@ +pub mod secret; +pub mod sensitive; + +/// A type to clearly mark sensitive information using the type-system. As such, it should +/// +/// * *not* be logged +/// * *not* be stored in plain text +/// * *not* be presented in any way unless the user explicitly confirmed it to be displayed. +pub struct Sensitive(pub T); diff --git a/crates/gitbutler-core/src/secret.rs b/crates/gitbutler-secret/src/secret.rs similarity index 99% rename from crates/gitbutler-core/src/secret.rs rename to crates/gitbutler-secret/src/secret.rs index f46622be9..310e97999 100644 --- a/crates/gitbutler-core/src/secret.rs +++ b/crates/gitbutler-secret/src/secret.rs 
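Review bot: The `gix` entry in the new `crates/gitbutler-secret/Cargo.toml` enables `dirwalk` and `parallel` alongside `credentials`, but the only gix-related path this commit shows the crate exposing is `secret::git_credentials`. If those two features were copied over from gitbutler-core's manifest, trimming the entry to `gix = { workspace = true, features = ["credentials"] }` leaves the secret-handling crate declaring only what it uses. `anyhow` and `tracing` are pinned by literal version while `serde`, `gix` and `keyring` inherit from the workspace; if the workspace already declares them, inheriting there too avoids version drift. The empty `[dev-dependencies]` table can be dropped.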
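Review bot: `pub mod sensitive;` in the new `lib.rs` widens visibility compared with the private `mod sensitive;` that this commit removes from `gitbutler-core/src/types/mod.rs`. `Sensitive` is declared in `lib.rs` itself and every import updated in this commit uses `gitbutler_secret::Sensitive`, so the module presumably holds only trait impls and can stay `mod sensitive;`. For a crate whose job is keeping secrets out of logs and plain-text storage, the exported surface is best limited to `secret` and `Sensitive`. A crate-level doc line would also help readers, for example `//! Secret storage plus the Sensitive wrapper marking values that must not be logged or stored in plain text.`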
@@ -3,7 +3,7 @@ //! These are stateless and global, while discouraging storing secrets //! in memory beyond their use. -use crate::types::Sensitive; +use crate::Sensitive; use anyhow::Result; use std::sync::Mutex; diff --git a/crates/gitbutler-core/src/types/sensitive.rs b/crates/gitbutler-secret/src/sensitive.rs similarity index 97% rename from crates/gitbutler-core/src/types/sensitive.rs rename to crates/gitbutler-secret/src/sensitive.rs index a40d75cfd..40e84aa97 100644 --- a/crates/gitbutler-core/src/types/sensitive.rs +++ b/crates/gitbutler-secret/src/sensitive.rs @@ -1,4 +1,4 @@ -use crate::types::Sensitive; +use crate::Sensitive; use serde::{Deserialize, Deserializer, Serialize, Serializer}; use std::ops::{Deref, DerefMut}; diff --git a/crates/gitbutler-secret/tests/mod.rs b/crates/gitbutler-secret/tests/mod.rs new file mode 100644 index 000000000..4cf6ddabe --- /dev/null +++ b/crates/gitbutler-secret/tests/mod.rs @@ -0,0 +1,7 @@ +use gitbutler_secret::Sensitive; + +#[test] +fn sensitive_does_not_debug_print_itself() { + let s = Sensitive("password"); + assert_eq!(format!("{s:?}"), "\"\""); +} diff --git a/crates/gitbutler-tauri/Cargo.toml b/crates/gitbutler-tauri/Cargo.toml index cec8e6e0a..ebdccba38 100644 --- a/crates/gitbutler-tauri/Cargo.toml +++ b/crates/gitbutler-tauri/Cargo.toml @@ -59,6 +59,7 @@ gitbutler-user.workspace = true gitbutler-branch.workspace = true gitbutler-reference.workspace = true gitbutler-error.workspace = true +gitbutler-secret.workspace = true open = "5" [dependencies.tauri] diff --git a/crates/gitbutler-tauri/src/main.rs b/crates/gitbutler-tauri/src/main.rs index d6b3704af..d00b5fc33 100644 --- a/crates/gitbutler-tauri/src/main.rs +++ b/crates/gitbutler-tauri/src/main.rs 
@@ -25,7 +25,7 @@ use tauri_plugin_log::LogTarget; fn main() { let tauri_context = generate_context!(); - gitbutler_core::secret::set_application_namespace( + gitbutler_secret::secret::set_application_namespace( &tauri_context.config().tauri.bundle.identifier, ); @@ -76,7 +76,7 @@ fn main() { // This isn't an issue for actual release build (i.e. nightly, production), // hence the specific condition. if cfg!(debug_assertions) && cfg!(target_os = "macos") { - gitbutler_core::secret::git_credentials::setup().ok(); + gitbutler_secret::secret::git_credentials::setup().ok(); } // SAFETY(qix-): This is safe because we're initializing the askpass broker here, diff --git a/crates/gitbutler-tauri/src/secret.rs b/crates/gitbutler-tauri/src/secret.rs index a845ed3b9..4b626edc5 100644 --- a/crates/gitbutler-tauri/src/secret.rs +++ b/crates/gitbutler-tauri/src/secret.rs @@ -1,6 +1,6 @@ use crate::error::Error; -use gitbutler_core::secret; -use gitbutler_core::types::Sensitive; +use gitbutler_secret::secret; +use gitbutler_secret::Sensitive; use std::sync::Mutex; use tracing::instrument; diff --git a/crates/gitbutler-user/Cargo.toml b/crates/gitbutler-user/Cargo.toml index b33a4a27d..1886bc0d5 100644 --- a/crates/gitbutler-user/Cargo.toml +++ b/crates/gitbutler-user/Cargo.toml @@ -7,6 +7,7 @@ publish = false [dependencies] gitbutler-core.workspace = true +gitbutler-secret.workspace = true anyhow = "1.0.86" serde = { workspace = true, features = ["std"]} serde_json = { version = "1.0", features = [ "std", "arbitrary_precision" ] } diff --git a/crates/gitbutler-user/src/controller.rs b/crates/gitbutler-user/src/controller.rs index 2b7a4840b..f3c32ebf9 100644 --- a/crates/gitbutler-user/src/controller.rs +++ b/crates/gitbutler-user/src/controller.rs 
@@ -1,7 +1,7 @@ use super::{storage::Storage, User}; use anyhow::Context; use anyhow::Result; -use gitbutler_core::secret; +use gitbutler_secret::secret; use std::path::PathBuf; /// TODO(ST): rename to `Login` - seems more akin to what it does diff --git a/crates/gitbutler-user/src/user.rs b/crates/gitbutler-user/src/user.rs index 1c24379b7..cb40a5594 100644 --- a/crates/gitbutler-user/src/user.rs +++ b/crates/gitbutler-user/src/user.rs @@ -1,6 +1,6 @@ use anyhow::{Context, Result}; -use gitbutler_core::secret; -use gitbutler_core::types::Sensitive; +use gitbutler_secret::secret; +use gitbutler_secret::Sensitive; use serde::{Deserialize, Serialize}; use std::cell::RefCell; diff --git a/crates/gitbutler-user/tests/secret/mod.rs b/crates/gitbutler-user/tests/secret/mod.rs index 7e1a5480f..0ff30a13e 100644 --- a/crates/gitbutler-user/tests/secret/mod.rs +++ b/crates/gitbutler-user/tests/secret/mod.rs @@ -1,8 +1,8 @@ //! Note that these tests *must* be run in their own process, as they rely on having a deterministic //! credential store. Due to its global nature, tests cannot run in parallel //! (or mixed with parallel tests that set their own credential store) -use gitbutler_core::secret; -use gitbutler_core::types::Sensitive; +use gitbutler_secret::secret; +use gitbutler_secret::Sensitive; use serial_test::serial; #[test]