large dependencies update

Cargo.toml

@@ -1,36 +1,28 @@
 [workspace]
 members = [".", "packages/*"]
 
-[package]
+[workspace.package]
-name = "jobboerse"
+version = "0.2.5"
-version = "0.2.4"
 edition = "2021"
 rust-version = "1.60"
+license = "MIT OR Apache-2.0"
+include = ["APACHE-2.0.LICENSE","MIT.LICENSE"]
 repository = "https://www.fs-infmath.uni-kiel.de/git/FS-InfMath/Jobboerse"
 homepage = "https://www.fs-infmath.uni-kiel.de/wiki/Hauptseite"
-license = "MIT OR Apache-2.0"
 readme = "README.md"
-categories = ["command-line-utilities", "web-programming::http-server"] # https://crates.io/category_slugs max. 5
-keywords = ["jobbörse", "webserver", "application"] # max 5. matching [a-zA-Z][a-zA-Z0-9-_]{,19}
-description = "This package provides a webserver for joboffser postings"
 
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+[workspace.dependencies]
-
-[features]
-dev_mode = []
-
-[dependencies]
 actix-files = "0.6.2"
-actix-web = "4.1.0"
+actix-web = "4.2.1"
-actix-session = { version = "0.7.1", features = ["cookie-session"] }
+actix-session = { version = "0.7.2", features = ["cookie-session"] }
 actix-multipart = "0.4.0"
 better_toml_datetime = { path = "packages/better_toml_datetime" }
-cargo-bundle-licenses = { version = "0.5.0", default-features = false }
+cargo-bundle-licenses = { version = "1.0.1", default-features = false }
-chrono = { version = "0.4.20", default-features = false, features = ["std","clock"] }
+chrono = { version = "0.4.22", default-features = false, features = ["std","clock"] }
 chrono-tz = "0.6.3"
-clap = { version = "3.2.16", features = ["derive", "env"] }
+clap = { version = "4.0.10", features = ["derive", "env"] }
-futures-util = "0.3.21"
+futures-util = "0.3.24"
-handlebars = { version = "4.3.3", features = ["dir_source"] }
+handlebars = { version = "4.3.5", features = ["dir_source"] }
 http = "0.2.8"
 lettre = { version = "0.10.1", default-features = false, features = ["sendmail-transport", "tokio1", "builder", "serde"] }
 # use rustls a native tls library rather than openssl,
@@ -42,18 +34,68 @@ mime_guess = "2.0.4"
 multipart_helper = {path = "packages/multipart_helper"}
 pretty_env_logger = "0.4.0"
 rand = "0.8.5"
-serde = { version = "1.0.142", features = ["derive"] } # https://doc.rust-lang.org/cargo/reference/manifest.html
+serde = { version = "1.0.145", features = ["derive"] } # https://doc.rust-lang.org/cargo/reference/manifest.html
-serde_json = "1.0.83"
+serde_json = "1.0.85"
 tempfile = "3.3.0"
-thiserror = "1.0.32"
+thiserror = "1.0.37"
 toml = "0.5.9"
-tokio = "1.20.1"
+tokio = "1.21.2"
-url = { version = "2.2.2", features = ["serde"] }
+url = { version = "2.3.1", features = ["serde"] }
+
+[package]
+name = "jobboerse"
+version.workspace = true
+edition.workspace = true
+rust-version.workspace = true
+repository.workspace = true
+homepage.workspace = true
+license.workspace = true
+readme.workspace = true
+categories = ["command-line-utilities", "web-programming::http-server"] # https://crates.io/category_slugs max. 5
+keywords = ["jobbörse", "webserver", "application"] # max 5. matching [a-zA-Z][a-zA-Z0-9-_]{,19}
+description = "This package provides a webserver for joboffser postings"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[features]
+dev_mode = []
+
+[dependencies]
+
+actix-files = { workspace = true }
+actix-web = { workspace = true }
+actix-session = { workspace = true, features = ["cookie-session"] }
+actix-multipart = { workspace = true }
+better_toml_datetime = { workspace = true }
+cargo-bundle-licenses = { workspace = true, default-features = false }
+chrono = { workspace = true, default-features = false, features = ["std","clock"] }
+chrono-tz = { workspace = true }
+clap = { workspace = true, features = ["derive", "env"] }
+futures-util = { workspace = true }
+handlebars = { workspace = true, features = ["dir_source"] }
+http = { workspace = true }
+lettre = { workspace = true, default-features = false, features = ["sendmail-transport", "tokio1", "builder", "serde"] }
+# use rustls a native tls library rather than openssl,
+# as depending on c dependencies can get annoying even when vendoring
+ldap3 = { workspace = true, default-features = false, features = ["tls-rustls"] }
+listenfd = { workspace = true }
+log = { workspace = true }
+mime_guess = { workspace = true }
+multipart_helper = { workspace = true }
+pretty_env_logger = { workspace = true }
+rand = { workspace = true }
+serde = { workspace = true, features = ["derive"] } # https://doc.rust-lang.org/cargo/reference/manifest.html
+serde_json = { workspace = true }
+tempfile = { workspace = true }
+thiserror = { workspace = true }
+toml = { workspace = true }
+tokio = { workspace = true }
+url = { workspace = true, features = ["serde"] }
 
 [build-dependencies]
-cargo-bundle-licenses = { version = "0.5.0", default-features = false }
+cargo-bundle-licenses = { workspace = true, default-features = false }
-pretty_env_logger = "0.4.0"
+pretty_env_logger = { workspace = true }
-log = "0.4.17"
+log = { workspace = true }
 
 # manually specify autobin here as otherwise some command freak out if we don't copy the src/ folder
 [[bin]]

Changelog.md

@@ -7,18 +7,36 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
-## [0.2.4] (2022-08-04)
+### Fix
+
+- missing lines around lists and headings triggering lints in changelog
+- new clippy lints
+
 ### Change
+
+- upgrade/update dependencies
+- msrv is now 1.64 as we now take advantage of packages inheriting from the workspace
+
+### Removed
+
+- `./scripts/adjust_thirdparty.sh` as it is no longer necessary with cargo-bundle-license version 1.0.0
+
+## [0.2.4] (2022-08-04)
+
+### Change
+
 - reviewer notice now includes a link to the added job offer
 - upgrade dependencies in general
 
 ### Fix
+
 - confirmation dialog for when logged-in as a reviewer
 - updated chrono dependency fixing issue FS-InfMath/Jobboerse#5
 
 ## [0.2.3] (2022-07-27)
 
 ### Change
+
 - upgrade lettre dependency from release candidate version to actual release version
 - upgrade dependencies in general
 - send a publishing notice to the contact address when a submission is published by a review
@@ -27,17 +45,21 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.2.2] (2022-06-26)
 
 ### Add
+
 - faq page
 
 ### Change
+
 - better highlight confirm/retract buttons
 
 ## [0.2.1] (2022-03-10)
 
 ### Add
+
 - reviewer link for manually sending a confirmation email
 
 ### Change
+
 - some internal cleanup
 - reviewer notice email is now send when offer is not pre-approved
   - instead of when confirmation is not skipped
@@ -46,6 +68,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
     while reviewer notice failure is not
 
 ### Fix
+
 - confirmation emails now set the UserAgent and Auto-Submitted headers
 - the error pages using the generic_error_handler now set the Content-Type header
 - prevent error on missing edit action
@@ -54,12 +77,14 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.2.0] (2022-06-09)
 
 ### Add
+
 - ability to edit job offers by reviewers after submission
 - ability for reviewers to filter for offer requiring review
 - ability to change/remove default footer links and add new ones
 - ability to highlight a single job offer
 
 ### Change
+
 - improve error handling
 - split of two small packages
 - a lot of refactoring
@@ -75,60 +100,73 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [0.1.6] (2022-05-26)
 
 ### Change
+
 - increase some form limits
 
 ## [0.1.5] (2022-05-26)
 
 ### Change
+
 - some display/style changes for job offer entries
 - the confirmation email now uses a handlebar template instead of a compiletime format constant string
 
 ### Fix
+
 - /summary should be accessible for anonymous visitors
 
 ## [0.1.4] (2022-05-25)
 
 ### Fix
+
 - replace incorrectly hardcoded path by config value
 
 ## [0.1.3] (2022-05-25)
 
 ### Add
+
 - allow reviewers to skip confirmation of new submissions
 - allow reviewers to delete all expired entries
 
 ### Change
+
 - minimum expiry date for new submissions is now kept up-to-date
 - submission form for reviewers now defaults to pre-reviewed and skip-confirmation
 
 ### Fix
+
 - index route without base path
 - simple login provider should not skip setting the session cookie
 
 ## [0.1.2] (2022-05-25)
 
 ### Add
+
 - systemd service file
 
 ### Change
+
 - improve distribution config
 - set storage path in distribution config
 - reduce default log level from Trace to Info
 
 ### Fix
+
 - incorrect table name in distribution config
 
 ## [0.1.1] (2022-05-25)
 
 ### Added
+
 - commented default config for distributing
 
 ### Change
+
 - strip release build
 
 ## [0.1.0] (2022-05-21)
 
 ### Added
+
 - Initial Version
 - Overview/Landing Page of published Job Offers
 - Reviewer Login with LDAP Integration

README.md

@@ -89,16 +89,12 @@ This file is generated using the `cargo-bundle-licenses` tool and contains licen
 It is manually adjusted to include all not auto-detected licenses.
 When re-generating this file make sure to not lose still relevant manually inserted licenses and to add newly missing licenses.
 
-Currently, `cargo-bundle-licenses` includes absolute paths for some licenses.
-These will differ between machines and usual point into the current user's home directory.
-Wrong paths might cause the test, which checks that the `THIRDPARTY.toml` file is up-to-date, to fail.
-The `./scripts/adjust_thirdparty.sh` script should fix the paths to match the current environment.
 Alternatively, the `THIRDPARTY.toml` may be regenerated as described below.
 Regenerating this file usually requires some manual intervention, to fix licenses that were not automatically detected.
 
 To regenerate this file the cargo-bundle-licenses tool needs to be available.
 It can be installed via `cargo install cargo-bundle-licenses`.
-At least version 0.5.0, as of writing the latest version, is required, for proper handling of complex spdx expressions. 
+At least version 1.0.0, is required, for normalization of license file path located under `$CARGO_HOME`.
 It can then be run with `cargo bundle-licenses --format toml --output THIRDPARTY.toml` to re-generate the file.
 The script `./scripts/generate_thirparty.sh` does just that.
 This needs to be done when dependencies change to adjust the corresponding entries.

dist/arch/PKGBUILD

@@ -33,8 +33,6 @@ prepare()
 	git lfs pull lfs-remote
 
 	cargo fetch --locked --target "$CARCH-unknown-linux-gnu"
-
-	./scripts/adjust_thirdparty.sh
 }
 
 

dist/arch/devel/PKGBUILD

@@ -43,8 +43,6 @@ prepare()
 	git lfs pull lfs-remote
 
 	cargo fetch --locked --target "$CARCH-unknown-linux-gnu"
-
-	./scripts/adjust_thirdparty.sh
 }
 
 

packages/better_toml_datetime/Cargo.toml

@@ -1,13 +1,19 @@
 [package]
 name = "better_toml_datetime"
-version = "0.1.0"
+description = "Small helper crate for usage in the jobboerse crate containing some helpers for working with toml date, datetime and time structs"
-edition = "2021"
+keywords = ["toml", "date", "time"]
-license = "MIT OR Apache-2.0"
+categories = []
-include = ["../../APACHE-2.0.LICENSE","../../MIT.LICENSE"]
+version.workspace = true
+edition.workspace = true
+rust-version.workspace = true
+repository.workspace = true
+homepage.workspace = true
+license.workspace = true
+readme.workspace = true
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-serde = "1.0.137"
+serde = { workspace = true }
-toml = "0.5.9"
+toml = { workspace = true }
-thiserror = "1.0.31"
+thiserror = { workspace = true }

packages/better_toml_datetime/src/lib.rs

@@ -3,7 +3,6 @@ use std::fmt::{Debug, Display, Formatter};
 use std::hash::{Hash, Hasher};
 use std::ops::Deref;
 use std::str::FromStr;
-use thiserror;
 use toml::value::DatetimeParseError;
 
 #[derive(Serialize, Deserialize, Clone)]

packages/multipart_helper/Cargo.toml

@@ -1,15 +1,21 @@
 [package]
 name = "multipart_helper"
-version = "0.1.0"
+description = "A helper crate for handling multipart forms in the jobbörse create"
-edition = "2021"
+keywords = ["multipart/form-data"]
-license = "MIT OR Apache-2.0"
+categories = []
-include = ["../../APACHE-2.0.LICENSE", "../../MIT.LICENSE"]
+version.workspace = true
+edition.workspace = true
+rust-version.workspace = true
+repository.workspace = true
+homepage.workspace = true
+license.workspace = true
+readme.workspace = true
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-actix-multipart = "0.4.0"
+actix-multipart = { workspace = true }
-futures-util = "0.3.21"
+futures-util = { workspace = true }
-tempfile = "3.3.0"
+tempfile = { workspace = true }
-thiserror = "1.0.31"
+thiserror = { workspace = true }
-toml = "0.5.9"
+toml = { workspace = true }

scripts/adjust_thirdparty.sh

@@ -1,6 +0,0 @@
-#!/usr/bin/env bash
-
-# workaround for https://github.com/sstadick/cargo-bundle-licenses/issues/8
-
-CARGO_HOME="${CARGO_HOME:-${HOME}/.cargo}"
-sed --in-place=.bak -E "\:file \(.*/\.cargo/:{s:file \(.*/\.cargo/:file \(${CARGO_HOME}/:g;}" ./THIRDPARTY.toml

src/job_offers.rs

@@ -364,7 +364,7 @@ impl JobOffer<PathBuf> {
                 Ok(Attachment {
                     title: attachment.title.clone(),
                     file_name: attachment.file_name.clone(),
-                    attachment_location: attachment.generate_link(id, req, None)?.into(),
+                    attachment_location: attachment.generate_link(id, req, None)?,
                 })
             })
             .collect::<Result<Vec<_>, UrlGenerationError>>()?;
@@ -734,7 +734,7 @@ impl<'id> MutBorrowedJobOffer<'_, 'id, '_> {
     }
 
     pub(crate) fn mark_as_confirmed(&mut self, token: &str) -> Result<(), ()> {
-        let () = self.data.status.mark_as_confirmed(token)?;
+        self.data.status.mark_as_confirmed(token)?;
         self.dirty = Dirty::Yes;
         Ok(())
     }

src/route.rs

@@ -125,7 +125,7 @@ fn base<'a>(
     config: &'a ServerConfig,
     title: &'a str,
 ) -> Result<BaseData<'a>, UrlGenerationError> {
-    let index_css = req.url_for_static(INDEX_CSS_ROUTE)?.into();
+    let index_css = req.url_for_static(INDEX_CSS_ROUTE)?;
 
     let static_routes = StaticRoutes::new(req)?;
 

src/route/error_handler.rs

@@ -22,7 +22,6 @@ use lettre::address::AddressError;
 use log::{error, warn};
 use multipart_helper::MultipartFieldError;
 use serde_json::json;
-use thiserror::private::DisplayAsDisplay;
 use url::Url;
 
 #[derive(Debug, thiserror::Error)]
@@ -274,7 +273,7 @@ pub(crate) fn unauthorized_error_handler<B>(
         // for a get request we can just return the user to the originally requested page after login,
         // so redirect them to the login page and set the return_to url parameter to the target of the current request
 
-        let req_uri = res.request().uri().as_display().to_string();
+        let req_uri = res.request().uri().to_string();
 
         let login_url = login_url_with_return(res.request(), &req_uri)?;
 

src/route/form_constants.rs

@@ -70,4 +70,4 @@ pub(crate) const ATTACHMENT_FILENAME_EDIT_FIELD: &str = "file_name_edit[]";
 pub(crate) const ATTACHMENT_TITLE_EDIT_FIELD: &str = "file_title_edit[]";
 pub(crate) const ATTACHMENT_FILE_REPLACE_FIELD: &str = "file_replace[]";
 
-pub(crate) const DELETE_ATTACHMENT_FIELD: &'static str = "delete_attachment[]";
+pub(crate) const DELETE_ATTACHMENT_FIELD: &str = "delete_attachment[]";

src/route/job_offer/create.rs

@@ -252,7 +252,7 @@ pub(crate) async fn create_job_offer<'data, 'config>(
         if !is_pre_approved {
             match created_offer.highlight_link(req) {
                 Ok(highlight_url) => {
-                    email::send_reviewer_notice(hb, &email_config, highlight_url).await;
+                    email::send_reviewer_notice(hb, email_config, highlight_url).await;
                 }
                 Err(err) => {
                     error!("Failed to generate highlight link: {}", err)
@@ -268,7 +268,7 @@ pub(crate) async fn create_job_offer<'data, 'config>(
                 job_offer_form.contact,
                 email_config,
                 &ConfirmationEmailData {
-                    confirmation_link: confirm_url.into(),
+                    confirmation_link: confirm_url,
                 },
             )
             .await?;

src/server_config.rs

@@ -1,6 +1,6 @@
 use std::path::{Path, PathBuf};
 
-use clap::{ArgEnum, StructOpt};
+use clap::{Parser, ValueEnum};
 use lettre::message::Mailbox;
 use log::{info, warn};
 use serde::Deserialize;
@@ -95,7 +95,7 @@ impl ProgramConfig {
     }
 }
 
-#[derive(StructOpt, Debug)]
+#[derive(Parser, Debug)]
 #[structopt(name = "jobboerse", version)]
 pub(crate) struct ProgramArguments {
     #[structopt(long, env = "JOBBOERSE_CONFIG", default_value_os_t = ProgramArguments::default_config())]
@@ -104,7 +104,7 @@ pub(crate) struct ProgramArguments {
     #[structopt(short, long, env = "JOBBOERSE_PORT", default_value_t = 8080)]
     pub(crate) port: u16,
 
-    #[structopt(long, env = "JOBBOERSE_MODE", arg_enum, default_value_t)]
+    #[structopt(long, env = "JOBBOERSE_MODE", value_enum, default_value_t)]
     pub(crate) mode: OperationMode,
 }
 
@@ -132,7 +132,7 @@ impl ProgramArguments {
     }
 }
 
-#[derive(Debug, Clone, ArgEnum, Serialize)]
+#[derive(Debug, Clone, ValueEnum, Serialize)]
 pub(crate) enum OperationMode {
     Production,
     #[cfg(feature = "dev_mode")]

src/util.rs

@@ -81,16 +81,15 @@ pub fn toml_datetime_to_chrono_datetime(
         .date
         .as_ref()
         .expect("datetime should contain a date");
-    let toml_time = datetime.time.to_owned().unwrap_or(
+    let toml_time = datetime.time.to_owned().unwrap_or_else(|| {
-        // fallback to midnight
         toml::value::Time {
             hour: 0,
             minute: 0,
             second: 0,
             nanosecond: 0,
         }
-        .into(),
+        .into()
-    );
+    });
 
     let local_datetime = chrono::NaiveDate::from_ymd(
         toml_date.year.into(),