Skip to content

Commit

Permalink
Merge pull request wasmerio#5181 from wasmerio/5077-lots-of-cves
Browse files Browse the repository at this point in the history
Sunset `wasmer-registry`, `wasmer-interface` and update misc dependencies
  • Loading branch information
xdoardo authored Oct 28, 2024
2 parents a3751c9 + ded01a6 commit 33a6908
Show file tree
Hide file tree
Showing 85 changed files with 1,180 additions and 11,116 deletions.
1,711 changes: 502 additions & 1,209 deletions Cargo.lock

Large diffs are not rendered by default.

25 changes: 11 additions & 14 deletions Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ version.workspace = true
[dependencies]
wasmer = { version = "=5.0.0-rc.1", path = "lib/api", default-features = false }
wasmer-compiler = { version = "=5.0.0-rc.1", path = "lib/compiler", features = [
"compiler",
"compiler",
], optional = true }
wasmer-compiler-cranelift = { version = "=5.0.0-rc.1", path = "lib/compiler-cranelift", optional = true }
wasmer-compiler-singlepass = { version = "=5.0.0-rc.1", path = "lib/compiler-singlepass", optional = true }
Expand All @@ -31,9 +31,9 @@ wasmer-middlewares = { version = "=5.0.0-rc.1", path = "lib/middlewares", option
cfg-if = "1.0"

tokio = { version = "1.39", features = [
"rt",
"rt-multi-thread",
"macros",
"rt",
"rt-multi-thread",
"macros",
], optional = true }
crossbeam-queue = "0.3.8"

Expand All @@ -57,7 +57,6 @@ members = [
"lib/derive",
"lib/emscripten",
"lib/object",
"lib/registry",
"lib/sys-utils",
"lib/types",
"lib/virtual-io",
Expand All @@ -67,7 +66,6 @@ members = [
"lib/wai-bindgen-wasmer",
"lib/wasi-types",
"lib/wasix",
"lib/wasm-interface",
"lib/journal",
"lib/swift",
"lib/package",
Expand All @@ -78,9 +76,7 @@ members = [
"tests/wasi-wast",
"tests/wasmer-argus",
]
exclude = [
"./lib/cli/tests/packages/axum"
]
exclude = ["./lib/cli/tests/packages/axum"]
resolver = "2"

[workspace.package]
Expand Down Expand Up @@ -116,16 +112,17 @@ rkyv = { version = "0.8.8", features = ["indexmap-2", "bytes-1"] }
memmap2 = { version = "0.6.2" }
toml = { version = "0.5.9", features = ["preserve_order"] }
indexmap = "2"
serde_yaml = "0.9.34"
serde_yaml = { package = "serde_yml", version = "0.0.12" }
libc = { version = "^0.2", default-features = false }
gimli = { version = "0.28.1" }
futures-util = { version = "0.3.31" }
mio = "1"
# MIO 1.0 starts at tokio version 1.39, hence the minimum requirement.
tokio = { version = "1.39.0", default-features = false}
tokio = { version = "1.39.0", default-features = false }
socket2 = "0.5.7"
pretty_assertions = "1.4.0"
base64 = "0.22.0"
time = "0.3.36"

[build-dependencies]
test-generator = { path = "tests/lib/test-generator" }
Expand All @@ -136,9 +133,9 @@ rustc_version = "0.4"

[dev-dependencies]
wasmer = { version = "=5.0.0-rc.1", path = "lib/api", features = [
"compiler",
"singlepass",
"sys",
"compiler",
"singlepass",
"sys",
] }
anyhow = "1.0"
criterion = { version = "0.5", default-features = false }
Expand Down
17 changes: 15 additions & 2 deletions lib/backend-api/Cargo.toml
Original file line number Diff line number Diff line change
Expand Up @@ -19,13 +19,12 @@ wasmer-config = { version = "0.9.0", path = "../config" }
wasmer-package.workspace = true
webc.workspace = true


# crates.io dependencies.
reqwest = { workspace = true, default-features = false, features = ["json"] }

anyhow = "1"
serde = { version = "1", features = ["derive"] }
time = { version = "0.3", features = ["formatting", "parsing"] }
time = { workspace = true, features = ["formatting", "parsing"] }
tokio = { workspace = true }
serde_json = "1"
url = { version = "2", features = ["serde"] }
Expand All @@ -37,6 +36,20 @@ serde_path_to_error = "0.1.14"
harsh = "0.2.2"
merge-streams = "0.1.2"


# Subscriptions.
graphql-ws-client = { version = "0.11.0", features = [
"tungstenite",
"client-cynic",
] }
tokio-tungstenite = { version = "0.24.0", features = [
"rustls-tls-native-roots",
] }
async-tungstenite = { version = "0.28.0", features = [
"tokio-runtime",
"tokio-rustls-native-certs",
] }

[target.'cfg(target_family = "wasm")'.dependencies.getrandom]
version = "0.2.14"
features = ["js"]
Expand Down
1 change: 1 addition & 0 deletions lib/backend-api/src/lib.rs
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ mod error;
pub mod global_id;
pub mod query;
pub mod stream;
pub mod subscription;
pub mod types;

use url::Url;
Expand Down
36 changes: 36 additions & 0 deletions lib/backend-api/src/query.rs
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,42 @@ pub async fn redeploy_app_by_id(
.map(|v| v.redeploy_active_version.map(|v| v.app))
}

/// List all bindings associated with a particular package.
///
/// If a version number isn't provided, this will default to the most recently
/// published version.
pub async fn list_bindings(
client: &WasmerClient,
name: &str,
version: Option<&str>,
) -> Result<Vec<Bindings>, anyhow::Error> {
client
.run_graphql_strict(types::GetBindingsQuery::build(GetBindingsQueryVariables {
name,
version,
}))
.await
.and_then(|b| {
b.package_version
.ok_or(anyhow::anyhow!("No bindings found!"))
})
.map(|v| {
let mut bindings_packages = Vec::new();

for b in v.bindings.into_iter().flatten() {
let pkg = Bindings {
id: b.id.into_inner(),
url: b.url,
language: b.language,
generator: b.generator,
};
bindings_packages.push(pkg);
}

bindings_packages
})
}

/// Revoke an existing token
pub async fn revoke_token(
client: &WasmerClient,
Expand Down
64 changes: 64 additions & 0 deletions lib/backend-api/src/subscription.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
use crate::{
types::{PackageVersionReadySubscription, PackageVersionReadySubscriptionVariables},
WasmerClient,
};
use anyhow::Context;
use async_tungstenite::tungstenite::client::IntoClientRequest;
use cynic::SubscriptionBuilder;
use graphql_ws_client::Subscription;
use reqwest::header::HeaderValue;
use std::future::IntoFuture;

pub async fn package_version_ready(
client: &WasmerClient,
package_version_id: &str,
) -> anyhow::Result<
Subscription<
cynic::StreamingOperation<
PackageVersionReadySubscription,
PackageVersionReadySubscriptionVariables,
>,
>,
> {
let mut url = client.graphql_endpoint().clone();
if url.scheme() == "http" {
url.set_scheme("ws").unwrap();
} else if url.scheme() == "https" {
url.set_scheme("wss").unwrap();
}

let url = url.to_string();
let mut req = url.into_client_request()?;

req.headers_mut().insert(
"Sec-WebSocket-Protocol",
HeaderValue::from_str("graphql-transport-ws").unwrap(),
);

if let Some(token) = client.auth_token() {
req.headers_mut().insert(
reqwest::header::AUTHORIZATION,
HeaderValue::from_str(&format!("Bearer {}", token))?,
);
}

req.headers_mut()
.insert(reqwest::header::USER_AGENT, client.user_agent.clone());

let (connection, _resp) = async_tungstenite::tokio::connect_async(req)
.await
.context("could not connect")?;

let (client, actor) = graphql_ws_client::Client::build(connection).await?;
tokio::spawn(actor.into_future());

let stream = client
.subscribe(PackageVersionReadySubscription::build(
PackageVersionReadySubscriptionVariables {
package_version_id: cynic::Id::new(package_version_id),
},
))
.await?;

Ok(stream)
}
83 changes: 83 additions & 0 deletions lib/backend-api/src/types.rs
Original file line number Diff line number Diff line change
Expand Up @@ -2171,6 +2171,89 @@ mod queries {
#[derive(cynic::Scalar, Debug, Clone)]
pub struct BigInt(pub i64);

#[derive(cynic::Enum, Clone, Copy, Debug, PartialEq, Eq)]
pub enum ProgrammingLanguage {
Python,
Javascript,
}

/// A library that exposes bindings to a Wasmer package.
#[derive(Debug, Clone)]
pub struct Bindings {
/// A unique ID specifying this set of bindings.
pub id: String,
/// The URL which can be used to download the files that were generated
/// (typically as a `*.tar.gz` file).
pub url: String,
/// The programming language these bindings are written in.
pub language: ProgrammingLanguage,
/// The generator used to generate these bindings.
pub generator: BindingsGenerator,
}

#[derive(cynic::QueryVariables, Debug, Clone)]
pub struct GetBindingsQueryVariables<'a> {
pub name: &'a str,
pub version: Option<&'a str>,
}

#[derive(cynic::QueryFragment, Debug, Clone)]
#[cynic(graphql_type = "Query", variables = "GetBindingsQueryVariables")]
pub struct GetBindingsQuery {
#[arguments(name: $name, version: $version)]
#[cynic(rename = "getPackageVersion")]
pub package_version: Option<PackageBindingsVersion>,
}

#[derive(cynic::QueryFragment, Debug, Clone)]
#[cynic(graphql_type = "PackageVersion")]
pub struct PackageBindingsVersion {
pub bindings: Vec<Option<PackageVersionLanguageBinding>>,
}

#[derive(cynic::QueryFragment, Debug, Clone)]
pub struct BindingsGenerator {
pub package_version: PackageVersion,
pub command_name: String,
}

#[derive(cynic::QueryFragment, Debug, Clone)]
pub struct PackageVersionLanguageBinding {
pub id: cynic::Id,
pub language: ProgrammingLanguage,
pub url: String,
pub generator: BindingsGenerator,
pub __typename: String,
}

#[derive(cynic::QueryVariables, Debug)]
pub struct PackageVersionReadySubscriptionVariables {
pub package_version_id: cynic::Id,
}

#[derive(cynic::QueryFragment, Debug)]
#[cynic(
graphql_type = "Subscription",
variables = "PackageVersionReadySubscriptionVariables"
)]
pub struct PackageVersionReadySubscription {
#[arguments(packageVersionId: $package_version_id)]
pub package_version_ready: PackageVersionReadyResponse,
}

#[derive(cynic::QueryFragment, Debug)]
pub struct PackageVersionReadyResponse {
pub state: PackageVersionState,
pub success: bool,
}

#[derive(cynic::Enum, Clone, Copy, Debug)]
pub enum PackageVersionState {
WebcGenerated,
BindingsGenerated,
NativeExesGenerated,
}

#[derive(cynic::InlineFragments, Debug, Clone)]
#[cynic(graphql_type = "Node", variables = "GetDeployAppVersionsByIdVars")]
pub enum NodeDeployAppVersions {
Expand Down
Loading

0 comments on commit 33a6908

Please sign in to comment.