From 661d88b11f00da845f3031cb0b7edab473a97d4f Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Thu, 10 Jul 2025 17:01:52 +0100 Subject: [PATCH 1/2] versions: Bump oci-spec Try bumping oci-spec to 0.8.1 as it included fixes for vulnerabilities including RUSTSEC-2024-0370 Signed-off-by: stevenhorsman --- src/agent/Cargo.lock | 54 ++++++++++-- src/agent/Cargo.toml | 2 +- src/libs/kata-sys-util/Cargo.toml | 2 +- src/libs/kata-types/Cargo.toml | 2 +- src/libs/protocols/Cargo.toml | 2 +- src/runtime-rs/Cargo.lock | 110 +++++++++++++++++++------ src/runtime-rs/Cargo.toml | 2 +- src/tools/agent-ctl/Cargo.toml | 2 +- src/tools/genpolicy/Cargo.toml | 2 +- src/tools/runk/Cargo.toml | 2 +- src/tools/runk/libcontainer/Cargo.toml | 8 +- 11 files changed, 143 insertions(+), 45 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index d90707db12..f9c8f8d176 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -657,7 +657,7 @@ dependencies = [ "libc", "nix 0.24.3", "notify", - "oci-spec", + "oci-spec 0.6.8", "once_cell", "path-clean", "regex", @@ -2007,8 +2007,8 @@ dependencies = [ "slog-scope", "slog-stdlog", "slog-term", - "strum", - "strum_macros", + "strum 0.26.3", + "strum_macros 0.26.4", "tempfile", "test-utils", "thiserror 1.0.69", @@ -2053,7 +2053,7 @@ dependencies = [ "libc", "mockall", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "once_cell", "pci-ids", "rand", @@ -2080,7 +2080,7 @@ dependencies = [ "hex", "lazy_static", "num_cpus", - "oci-spec", + "oci-spec 0.8.1", "regex", "safe-path", "serde", @@ -2674,11 +2674,28 @@ dependencies = [ "regex", "serde", "serde_json", - "strum", - "strum_macros", + "strum 0.26.3", + "strum_macros 0.26.4", "thiserror 1.0.69", ] +[[package]] +name = "oci-spec" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57e9beda9d92fac7bf4904c34c83340ef1024159faee67179a04e0277523da33" +dependencies = [ + "const_format", + "derive_builder", + "getset", + "regex", + "serde", + "serde_json", + "strum 0.27.1", + "strum_macros 0.27.1", + "thiserror 2.0.12", +] + [[package]] name = "once_cell" version = "1.19.0" @@ -3255,7 +3272,7 @@ name = "protocols" version = "0.1.0" dependencies = [ "async-trait", - "oci-spec", + "oci-spec 0.8.1", "protobuf 3.7.2", "serde", "serde_json", @@ -3659,7 +3676,7 @@ dependencies = [ "libc", "libseccomp", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "path-absolutize", "protobuf 3.7.2", "protocols", @@ -4079,6 +4096,12 @@ version = "0.26.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" +[[package]] +name = "strum" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f64def088c51c9510a8579e3c5d67c65349dcf755e5479ad3d010aa6454e2c32" + [[package]] name = "strum_macros" version = "0.26.4" @@ -4092,6 +4115,19 @@ dependencies = [ "syn 2.0.101", ] +[[package]] +name = "strum_macros" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c77a8c5abcaf0f9ce05d62342b7d298c346515365c36b673df4ebe3ced01fde8" +dependencies = [ + "heck 0.5.0", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.101", +] + [[package]] name = "subprocess" version = "0.2.9" diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index e294a3aacf..95a872955a 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -8,7 +8,7 @@ license = "Apache-2.0" rust-version = "1.85.1" [workspace.dependencies] -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } lazy_static = "1.3.0" ttrpc = { version = "0.8.4", features = ["async"], default-features = false } protobuf = "3.7.2" diff --git a/src/libs/kata-sys-util/Cargo.toml b/src/libs/kata-sys-util/Cargo.toml index a537796cc4..9afad958e8 100644 --- a/src/libs/kata-sys-util/Cargo.toml +++ b/src/libs/kata-sys-util/Cargo.toml @@ -32,7 +32,7 @@ pci-ids = "0.2.5" mockall = "0.13.1" kata-types = { path = "../kata-types" } -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } runtime-spec = { path = "../runtime-spec" } safe-path = { path = "../safe-path" } diff --git a/src/libs/kata-types/Cargo.toml b/src/libs/kata-types/Cargo.toml index 0473ee0426..842b3b8d85 100644 --- a/src/libs/kata-types/Cargo.toml +++ b/src/libs/kata-types/Cargo.toml @@ -31,7 +31,7 @@ sha2 = "0.10.8" flate2 = { version = "1.0", features = ["zlib"] } hex = "0.4" -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } safe-path = { path = "../safe-path" } [dev-dependencies] diff --git a/src/libs/protocols/Cargo.toml b/src/libs/protocols/Cargo.toml index d313a8a8f3..4a2f882db7 100644 --- a/src/libs/protocols/Cargo.toml +++ b/src/libs/protocols/Cargo.toml @@ -16,7 +16,7 @@ async-trait = { version = "0.1.42", optional = true } protobuf = { version = "3.7.2" } serde = { version = "1.0.130", features = ["derive"] } serde_json = "1.0.68" -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } [build-dependencies] ttrpc-codegen = "0.5.0" diff --git a/src/runtime-rs/Cargo.lock b/src/runtime-rs/Cargo.lock index dfa3541603..e18621e9ae 100644 --- a/src/runtime-rs/Cargo.lock +++ b/src/runtime-rs/Cargo.lock @@ -49,7 +49,7 @@ dependencies = [ "log", "logging", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "protobuf 3.7.2", "protocols", "serde", @@ -571,7 +571,7 @@ dependencies = [ "kata-types", "lazy_static", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "persist", "protobuf 3.7.2", "protocols", @@ -601,6 +601,26 @@ dependencies = [ "crossbeam-utils", ] +[[package]] +name = "const_format" +version = "0.2.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "126f97965c8ad46d6d9163268ff28432e8f6a1196a55578867832e3049df63dd" +dependencies = [ + "const_format_proc_macros", +] + +[[package]] +name = "const_format_proc_macros" +version = "0.2.34" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1d57c2eccfb16dbac1f4e61e206105db5820c9d26c3c472bc17c774259ef7744" +dependencies = [ + "proc-macro2", + "quote", + "unicode-xid", +] + [[package]] name = "constant_time_eq" version = "0.3.0" @@ -624,7 +644,7 @@ dependencies = [ "log", "mio 0.8.11", "nix 0.27.1", - "oci-spec", + "oci-spec 0.6.8", "os_pipe", "page_size", "prctl", @@ -1509,14 +1529,14 @@ dependencies = [ [[package]] name = "getset" -version = "0.1.2" +version = "0.1.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e45727250e75cc04ff2846a66397da8ef2b3db8e40e0cef4df67950a07621eb9" +checksum = "9cf0fc11e47561d47397154977bc219f4cf809b2974facc3ccb3b89e2436f912" dependencies = [ - "proc-macro-error", + "proc-macro-error2", "proc-macro2", "quote", - "syn 1.0.109", + "syn 2.0.96", ] [[package]] @@ -1780,7 +1800,7 @@ dependencies = [ "libc", "logging", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "path-clean", "persist", "protobuf 3.7.2", @@ -2088,7 +2108,7 @@ dependencies = [ "libc", "mockall", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "once_cell", "pci-ids", "rand 0.8.5", @@ -2115,7 +2135,7 @@ dependencies = [ "hex", "lazy_static", "num_cpus", - "oci-spec", + "oci-spec 0.8.1", "regex", "safe-path 0.1.0", "serde", @@ -2739,6 +2759,23 @@ dependencies = [ "thiserror 1.0.69", ] +[[package]] +name = "oci-spec" +version = "0.8.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57e9beda9d92fac7bf4904c34c83340ef1024159faee67179a04e0277523da33" +dependencies = [ + "const_format", + "derive_builder", + "getset", + "regex", + "serde", + "serde_json", + "strum 0.27.1", + "strum_macros 0.27.1", + "thiserror 2.0.11", +] + [[package]] name = "once_cell" version = "1.19.0" @@ -3211,27 +3248,25 @@ dependencies = [ ] [[package]] -name = "proc-macro-error" -version = "1.0.4" +name = "proc-macro-error-attr2" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" +checksum = "96de42df36bb9bba5542fe9f1a054b8cc87e172759a1868aa05c1f3acc89dfc5" dependencies = [ - "proc-macro-error-attr", "proc-macro2", "quote", - "syn 1.0.109", - "version_check", ] [[package]] -name = "proc-macro-error-attr" -version = "1.0.4" +name = "proc-macro-error2" +version = "2.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" +checksum = "11ec05c52be0a07b08061f7dd003e7d7092e0472bc731b4af7bb1ef876109802" dependencies = [ + "proc-macro-error-attr2", "proc-macro2", "quote", - "version_check", + "syn 2.0.96", ] [[package]] @@ -3410,7 +3445,7 @@ name = "protocols" version = "0.1.0" dependencies = [ "async-trait", - "oci-spec", + "oci-spec 0.8.1", "protobuf 3.7.2", "serde", "serde_json", @@ -3723,7 +3758,7 @@ dependencies = [ "netlink-sys", "netns-rs", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "persist", "rand 0.8.5", "rtnetlink", @@ -3824,7 +3859,7 @@ dependencies = [ "logging", "netns-rs", "nix 0.25.1", - "oci-spec", + "oci-spec 0.8.1", "opentelemetry", "opentelemetry-jaeger", "persist", @@ -4217,7 +4252,7 @@ dependencies = [ "log", "logging", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "protobuf 3.7.2", "rand 0.8.5", "runtime-spec", @@ -4444,6 +4479,12 @@ version = "0.26.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "8fec0f0aef304996cf250b31b5a10dee7980c85da9d759361292b8bca5a18f06" +[[package]] +name = "strum" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f64def088c51c9510a8579e3c5d67c65349dcf755e5479ad3d010aa6454e2c32" + [[package]] name = "strum_macros" version = "0.24.3" @@ -4470,6 +4511,19 @@ dependencies = [ "syn 2.0.96", ] +[[package]] +name = "strum_macros" +version = "0.27.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c77a8c5abcaf0f9ce05d62342b7d298c346515365c36b673df4ebe3ced01fde8" +dependencies = [ + "heck 0.5.0", + "proc-macro2", + "quote", + "rustversion", + "syn 2.0.96", +] + [[package]] name = "subprocess" version = "0.2.9" @@ -5029,6 +5083,12 @@ version = "1.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1dd624098567895118886609431a7c3b8f516e41d30e0643f03d94592a147e36" +[[package]] +name = "unicode-xid" +version = "0.2.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ebc1c04c71510c7f702b52b7c350734c9ff1295c464a03335b00bb84fc54f853" + [[package]] name = "unix_socket2" version = "0.5.4" @@ -5154,7 +5214,7 @@ dependencies = [ "libc", "logging", "nix 0.24.3", - "oci-spec", + "oci-spec 0.8.1", "persist", "protobuf 3.7.2", "resource", diff --git a/src/runtime-rs/Cargo.toml b/src/runtime-rs/Cargo.toml index 6d8d0d43da..1f87406771 100644 --- a/src/runtime-rs/Cargo.toml +++ b/src/runtime-rs/Cargo.toml @@ -59,7 +59,7 @@ libc = "0.2" log = "0.4.14" netns-rs = "0.1.0" nix = "0.24.2" -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } protobuf = "3.7.2" rand = "0.8.4" serde = { version = "1.0.145", features = ["derive"] } diff --git a/src/tools/agent-ctl/Cargo.toml b/src/tools/agent-ctl/Cargo.toml index 728f549504..5badfbab7e 100644 --- a/src/tools/agent-ctl/Cargo.toml +++ b/src/tools/agent-ctl/Cargo.toml @@ -13,7 +13,7 @@ license = "Apache-2.0" [dependencies] protocols = { path = "../../libs/protocols", features = ["with-serde"] } rustjail = { path = "../../agent/rustjail" } -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } clap = { version = "4.5.40", features = ["derive", "cargo"] } lazy_static = "1.4.0" diff --git a/src/tools/genpolicy/Cargo.toml b/src/tools/genpolicy/Cargo.toml index 1bebc78469..6f76831eab 100644 --- a/src/tools/genpolicy/Cargo.toml +++ b/src/tools/genpolicy/Cargo.toml @@ -52,7 +52,7 @@ serde-transcode = "1.1.1" tokio = { version = "1.38.0", features = ["rt-multi-thread"] } # OCI container specs. -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } # Kata Agent protocol. protocols = { path = "../../libs/protocols", features = ["with-serde"] } diff --git a/src/tools/runk/Cargo.toml b/src/tools/runk/Cargo.toml index de96664127..363dce3d01 100644 --- a/src/tools/runk/Cargo.toml +++ b/src/tools/runk/Cargo.toml @@ -12,7 +12,7 @@ rustjail = { path = "../../agent/rustjail", features = [ "standard-oci-runtime", ] } runtime-spec = { path = "../../libs/runtime-spec" } -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } logging = { path = "../../libs/logging" } liboci-cli = "0.0.4" clap = { version = "4.5.40", features = ["derive", "cargo"] } diff --git a/src/tools/runk/libcontainer/Cargo.toml b/src/tools/runk/libcontainer/Cargo.toml index efe2bb76df..9ce0197a63 100644 --- a/src/tools/runk/libcontainer/Cargo.toml +++ b/src/tools/runk/libcontainer/Cargo.toml @@ -7,9 +7,11 @@ license = "Apache-2.0" edition = "2018" [dependencies] -rustjail = { path = "../../../agent/rustjail", features = ["standard-oci-runtime"] } +rustjail = { path = "../../../agent/rustjail", features = [ + "standard-oci-runtime", +] } runtime-spec = { path = "../../../libs/runtime-spec" } -oci-spec = { version = "0.6.8", features = ["runtime"] } +oci-spec = { version = "0.8.1", features = ["runtime"] } kata-sys-util = { path = "../../../libs/kata-sys-util" } logging = { path = "../../../libs/logging" } derive_builder = "0.10.2" @@ -27,4 +29,4 @@ procfs = "0.14.0" [dev-dependencies] tempfile = "3.19.1" test-utils = { path = "../../../libs/test-utils" } -protocols = { path ="../../../libs/protocols" } +protocols = { path = "../../../libs/protocols" } From 18597588c030752d3907b4d929b5a359e34a80e5 Mon Sep 17 00:00:00 2001 From: stevenhorsman Date: Fri, 11 Jul 2025 08:53:21 +0100 Subject: [PATCH 2/2] agent: Bump cdi version Bump cdi version to the pick up fixes to: - RUSTSEC-2025-0024 - RUSTSEC-2025-0023 - RUSTSEC-2024-0370 Signed-off-by: stevenhorsman --- src/agent/Cargo.lock | 284 +++++++++++++++++++++++-------------------- src/agent/Cargo.toml | 2 +- 2 files changed, 153 insertions(+), 133 deletions(-) diff --git a/src/agent/Cargo.lock b/src/agent/Cargo.lock index f9c8f8d176..4bc41b5a6f 100644 --- a/src/agent/Cargo.lock +++ b/src/agent/Cargo.lock @@ -455,11 +455,11 @@ dependencies = [ [[package]] name = "bit-set" -version = "0.5.3" +version = "0.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0700ddab506f33b20a03b13996eccd309a48e5ff77d0d95926aa0210fb4e95f1" +checksum = "08807e080ed7f9d5433fa9b275196cfc35414f66a0c79d864dc51a0d825231a3" dependencies = [ - "bit-vec", + "bit-vec 0.8.0", ] [[package]] @@ -468,6 +468,12 @@ version = "0.6.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "349f9b6a179ed607305526ca489b34ad0a41aed5f7980fa90eb03160b69598fb" +[[package]] +name = "bit-vec" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e764a1d40d510daf35e07be9eb06e75770908c27d411ee6c92109c9840eaaf7" + [[package]] name = "bitflags" version = "1.3.2" @@ -524,6 +530,12 @@ dependencies = [ "piper", ] +[[package]] +name = "borrow-or-share" +version = "0.2.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3eeab4423108c5d7c744f4d234de88d18d636100093ae04caf4825134b9c3a32" + [[package]] name = "borsh" version = "1.5.7" @@ -647,7 +659,7 @@ dependencies = [ [[package]] name = "cdi" version = "0.1.0" -source = "git+https://github.com/cncf-tags/container-device-interface-rs?rev=fba5677a8e7cc962fc6e495fcec98d7d765e332a#fba5677a8e7cc962fc6e495fcec98d7d765e332a" +source = "git+https://github.com/cncf-tags/container-device-interface-rs?rev=3b1e83dda5efcc83c7a4f134466ec006b37109c9#3b1e83dda5efcc83c7a4f134466ec006b37109c9" dependencies = [ "anyhow", "clap", @@ -657,7 +669,7 @@ dependencies = [ "libc", "nix 0.24.3", "notify", - "oci-spec 0.6.8", + "oci-spec", "once_cell", "path-clean", "regex", @@ -1062,6 +1074,15 @@ version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "48c757948c5ede0e46177b7add2e67155f70e33c07fea8284df6576da70b3719" +[[package]] +name = "email_address" +version = "0.2.9" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e079f19b08ca6239f47f8ba8509c11cf3ea30095831f7fed61441475edd8c449" +dependencies = [ + "serde", +] + [[package]] name = "enumflags2" version = "0.7.11" @@ -1150,9 +1171,9 @@ dependencies = [ [[package]] name = "fancy-regex" -version = "0.13.0" +version = "0.14.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "531e46835a22af56d1e3b66f04844bed63158bc094a628bec1d321d9b4c44bf2" +checksum = "6e24cb5a94bcae1e5408b0effca5cd7172ea3c5755049c5f3af4cd283a165298" dependencies = [ "bit-set", "regex-automata 0.4.9", @@ -1174,18 +1195,6 @@ version = "2.3.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "37909eebbb50d72f9059c3b6d82c0463f2ff062c9e95845c43a6c9c0355411be" -[[package]] -name = "filetime" -version = "0.2.25" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "35c0522e981e68cbfa8c3f978441a5f34b30b96e146b33cd3359176b50fe8586" -dependencies = [ - "cfg-if", - "libc", - "libredox", - "windows-sys 0.59.0", -] - [[package]] name = "fixedbitset" version = "0.2.0" @@ -1212,6 +1221,17 @@ dependencies = [ "bitflags 1.3.2", ] +[[package]] +name = "fluent-uri" +version = "0.3.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1918b65d96df47d3591bed19c5cca17e3fa5d0707318e4b5ef2eae01764df7e5" +dependencies = [ + "borrow-or-share", + "ref-cast", + "serde", +] + [[package]] name = "fnv" version = "1.0.7" @@ -1398,10 +1418,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "335ff9f135e4384c8150d6f27c6daed433577f86b4750418338c01a1a2528592" dependencies = [ "cfg-if", - "js-sys", "libc", "wasi 0.11.0+wasi-snapshot-preview1", - "wasm-bindgen", ] [[package]] @@ -1796,6 +1814,17 @@ dependencies = [ "tokio", ] +[[package]] +name = "inotify" +version = "0.11.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f37dccff2791ab604f9babef0ba14fbe0be30bd368dc541e2b08d07c8aa908f3" +dependencies = [ + "bitflags 2.9.0", + "inotify-sys", + "libc", +] + [[package]] name = "inotify-sys" version = "0.1.5" @@ -1866,15 +1895,6 @@ version = "1.70.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "7943c866cc5cd64cbc25b2e01621d07fa8eb2a1a23160ee81ce38704e97b8ecf" -[[package]] -name = "iso8601" -version = "0.6.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c5c177cff824ab21a6f41079a4c401241c4e8be14f316c4c6b07d5fca351c98d" -dependencies = [ - "nom 8.0.0", -] - [[package]] name = "itertools" version = "0.10.5" @@ -1918,39 +1938,36 @@ version = "0.4.7" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "1c6e529149475ca0b2820835d3dce8fcc41c6b943ca608d32f35b449255e4627" dependencies = [ - "fluent-uri", + "fluent-uri 0.1.4", "serde", "serde_json", ] [[package]] name = "jsonschema" -version = "0.18.3" +version = "0.30.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fa0f4bea31643be4c6a678e9aa4ae44f0db9e5609d5ca9dc9083d06eb3e9a27a" +checksum = "f1b46a0365a611fbf1d2143104dcf910aada96fafd295bab16c60b802bf6fa1d" dependencies = [ "ahash 0.8.12", - "anyhow", "base64 0.22.1", "bytecount", - "clap", + "email_address", "fancy-regex", "fraction", - "getrandom 0.2.16", - "iso8601", + "idna", "itoa", - "memchr", "num-cmp", + "num-traits", "once_cell", - "parking_lot 0.12.3", "percent-encoding", + "referencing", "regex", + "regex-syntax 0.8.5", "reqwest", "serde", "serde_json", - "time", - "url", - "uuid", + "uuid-simd", ] [[package]] @@ -2053,7 +2070,7 @@ dependencies = [ "libc", "mockall", "nix 0.24.3", - "oci-spec 0.8.1", + "oci-spec", "once_cell", "pci-ids", "rand", @@ -2080,7 +2097,7 @@ dependencies = [ "hex", "lazy_static", "num_cpus", - "oci-spec 0.8.1", + "oci-spec", "regex", "safe-path", "serde", @@ -2143,7 +2160,6 @@ checksum = "c0ff37bd590ca25063e35af745c343cb7a0271906fb7b37e4813e8f79f00268d" dependencies = [ "bitflags 2.9.0", "libc", - "redox_syscall 0.5.12", ] [[package]] @@ -2310,18 +2326,6 @@ dependencies = [ "adler2", ] -[[package]] -name = "mio" -version = "0.8.11" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a4a650543ca06a924e8b371db273b2756685faae30f8487da1b56505a8f78b0c" -dependencies = [ - "libc", - "log", - "wasi 0.11.0+wasi-snapshot-preview1", - "windows-sys 0.48.0", -] - [[package]] name = "mio" version = "1.0.3" @@ -2329,6 +2333,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2886843bf800fba2e3377cff24abf6379b4c4d5c6681eaf9ea5b0d15090450bd" dependencies = [ "libc", + "log", "wasi 0.11.0+wasi-snapshot-preview1", "windows-sys 0.52.0", ] @@ -2512,34 +2517,30 @@ dependencies = [ "minimal-lexical", ] -[[package]] -name = "nom" -version = "8.0.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "df9761775871bdef83bee530e60050f7e54b1105350d6884eb0fb4f46c2f9405" -dependencies = [ - "memchr", -] - [[package]] name = "notify" -version = "6.1.1" +version = "8.1.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6205bd8bb1e454ad2e27422015fb5e4f2bcc7e08fa8f27058670d208324a4d2d" +checksum = "3163f59cd3fa0e9ef8c32f242966a7b9994fd7378366099593e0e73077cd8c97" dependencies = [ "bitflags 2.9.0", - "crossbeam-channel", - "filetime", "fsevent-sys", - "inotify", + "inotify 0.11.0", "kqueue", "libc", "log", - "mio 0.8.11", + "mio", + "notify-types", "walkdir", - "windows-sys 0.48.0", + "windows-sys 0.60.2", ] +[[package]] +name = "notify-types" +version = "2.0.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5e0826a989adedc2a244799e823aece04662b66609d96af8dff7ac6df9a8925d" + [[package]] name = "ntapi" version = "0.4.1" @@ -2662,23 +2663,6 @@ dependencies = [ "memchr", ] -[[package]] -name = "oci-spec" -version = "0.6.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3f5a3fe998d50101ae009351fec56d88a69f4ed182e11000e711068c2f5abf72" -dependencies = [ - "derive_builder", - "getset", - "once_cell", - "regex", - "serde", - "serde_json", - "strum 0.26.3", - "strum_macros 0.26.4", - "thiserror 1.0.69", -] - [[package]] name = "oci-spec" version = "0.8.1" @@ -2698,9 +2682,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.19.0" +version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" [[package]] name = "opentelemetry" @@ -2733,10 +2717,10 @@ dependencies = [ ] [[package]] -name = "os_str_bytes" -version = "6.6.1" +name = "outref" +version = "0.5.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e2355d85b9a3786f481747ced0e0ff2ba35213a1f9bd406ed906554d7af805a1" +checksum = "1a80800c0488c3a21695ea981a54918fbb37abf04f4d0720c453632255e2ff0e" [[package]] name = "page_size" @@ -2839,7 +2823,7 @@ version = "0.2.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d88ae3281b415d856e9c2ddbcdd5961e71c1a3e90138512c04d720241853a6af" dependencies = [ - "nom 7.1.3", + "nom", "phf", "phf_codegen", "proc-macro2", @@ -3040,30 +3024,6 @@ dependencies = [ "toml_edit 0.22.26", ] -[[package]] -name = "proc-macro-error" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "da25490ff9892aab3fcf7c36f08cfb902dd3e71ca0f9f9517bea02a73a5ce38c" -dependencies = [ - "proc-macro-error-attr", - "proc-macro2", - "quote", - "syn 1.0.109", - "version_check", -] - -[[package]] -name = "proc-macro-error-attr" -version = "1.0.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" -dependencies = [ - "proc-macro2", - "quote", - "version_check", -] - [[package]] name = "proc-macro-error-attr2" version = "2.0.0" @@ -3272,7 +3232,7 @@ name = "protocols" version = "0.1.0" dependencies = [ "async-trait", - "oci-spec 0.8.1", + "oci-spec", "protobuf 3.7.2", "serde", "serde_json", @@ -3381,10 +3341,44 @@ dependencies = [ ] [[package]] -name = "regex" -version = "1.10.6" +name = "ref-cast" +version = "1.0.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619" +checksum = "4a0ae411dbe946a674d89546582cea4ba2bb8defac896622d6496f14c23ba5cf" +dependencies = [ + "ref-cast-impl", +] + +[[package]] +name = "ref-cast-impl" +version = "1.0.24" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "1165225c21bff1f3bbce98f5a1f889949bc902d3575308cc7b0de30b4f6d27c7" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.101", +] + +[[package]] +name = "referencing" +version = "0.30.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c8eff4fa778b5c2a57e85c5f2fe3a709c52f0e60d23146e2151cbef5893f420e" +dependencies = [ + "ahash 0.8.12", + "fluent-uri 0.3.2", + "once_cell", + "parking_lot 0.12.3", + "percent-encoding", + "serde_json", +] + +[[package]] +name = "regex" +version = "1.11.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b544ef1b4eac5dc2db33ea63606ae9ffcfac26c1416a2806ae0bf5f56b201191" dependencies = [ "aho-corasick", "memchr", @@ -3664,19 +3658,19 @@ dependencies = [ "anyhow", "async-trait", "awaitgroup", - "bit-vec", + "bit-vec 0.6.3", "capctl", "caps", "cfg-if", "cgroups-rs", "futures", - "inotify", + "inotify 0.9.6", "kata-sys-util", "lazy_static", "libc", "libseccomp", "nix 0.24.3", - "oci-spec 0.8.1", + "oci-spec", "path-absolutize", "protobuf 3.7.2", "protocols", @@ -4357,7 +4351,7 @@ dependencies = [ "backtrace", "bytes 1.10.1", "libc", - "mio 1.0.3", + "mio", "parking_lot 0.12.3", "pin-project-lite", "signal-hook-registry", @@ -4705,6 +4699,17 @@ version = "1.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "458f7a779bf54acc9f347480ac654f68407d3aab21269a6e3c9f922acd9e2da9" +[[package]] +name = "uuid-simd" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "23b082222b4f6619906941c17eb2297fff4c2fb96cb60164170522942a200bd8" +dependencies = [ + "outref", + "uuid", + "vsimd", +] + [[package]] name = "valuable" version = "0.1.1" @@ -4729,6 +4734,12 @@ version = "0.9.5" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "0b928f33d975fc6ad9f86c8f283853ad26bdd5b10b7f1542aa2fa15e2289105a" +[[package]] +name = "vsimd" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5c3082ca00d5a5ef149bb8b555a72ae84c9c59f7250f013ac822ac2e49b19c64" + [[package]] name = "vsock" version = "0.2.6" @@ -4919,7 +4930,7 @@ version = "0.1.9" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf221c93e13a30d793f7645a0e7762c55d169dbb0a49671918a2319d289b10bb" dependencies = [ - "windows-sys 0.59.0", + "windows-sys 0.48.0", ] [[package]] @@ -5021,7 +5032,7 @@ checksum = "4286ad90ddb45071efd1a66dfa43eb02dd0dfbae1545ad6cc3c51cf34d7e8ba3" dependencies = [ "windows-result 0.3.2", "windows-strings 0.3.1", - "windows-targets 0.53.0", + "windows-targets 0.53.2", ] [[package]] @@ -5087,6 +5098,15 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "windows-sys" +version = "0.60.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "f2f500e4d28234f72040990ec9d39e3a6b950f9f22d3dba18416c35882612bcb" +dependencies = [ + "windows-targets 0.53.2", +] + [[package]] name = "windows-targets" version = "0.48.5" @@ -5120,9 +5140,9 @@ dependencies = [ [[package]] name = "windows-targets" -version = "0.53.0" +version = "0.53.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1e4c7e8ceaaf9cb7d7507c974735728ab453b67ef8f18febdd7c11fe59dca8b" +checksum = "c66f69fcc9ce11da9966ddb31a40968cad001c5bedeb5c2b82ede4253ab48aef" dependencies = [ "windows_aarch64_gnullvm 0.53.0", "windows_aarch64_msvc 0.53.0", diff --git a/src/agent/Cargo.toml b/src/agent/Cargo.toml index 95a872955a..b63ef7ce7c 100644 --- a/src/agent/Cargo.toml +++ b/src/agent/Cargo.toml @@ -163,7 +163,7 @@ strum.workspace = true strum_macros.workspace = true # Agent Policy -cdi = { git = "https://github.com/cncf-tags/container-device-interface-rs", rev = "fba5677a8e7cc962fc6e495fcec98d7d765e332a" } +cdi = { git = "https://github.com/cncf-tags/container-device-interface-rs", rev = "3b1e83dda5efcc83c7a4f134466ec006b37109c9" } # Local dependencies kata-agent-policy = { workspace = true, optional = true }