Move all dependencies on the workspace level (#4656)

Cargo.lock

@@ -3364,7 +3364,6 @@ dependencies = [
  "sha2",
  "sqlx",
  "thiserror 2.0.12",
- "time",
  "tokio",
  "tokio-util",
  "tower",

Cargo.toml

@@ -10,6 +10,7 @@ package.authors = ["Element Backend Team"]
 package.edition = "2024"
 package.homepage = "https://element-hq.github.io/matrix-authentication-service/"
 package.repository = "https://github.com/element-hq/matrix-authentication-service/"
+package.publish = false
 
 [workspace.lints.rust]
 unsafe_code = "deny"
@@ -83,6 +84,10 @@ version = "0.1.88"
 [workspace.dependencies.anyhow]
 version = "1.0.98"
 
+# Assert that a value matches a pattern
+[workspace.dependencies.assert_matches]
+version = "1.5.0"
+
 # HTTP router
 [workspace.dependencies.axum]
 version = "0.8.4"
@@ -92,9 +97,29 @@ version = "0.8.4"
 version = "0.10.1"
 features = ["cookie-private", "cookie-key-expansion", "typed-header"]
 
+# Axum macros
+[workspace.dependencies.axum-macros]
+version = "0.5.0"
+
+# AEAD (Authenticated Encryption with Associated Data)
+[workspace.dependencies.aead]
+version = "0.5.2"
+features = ["std"]
+
+# Argon2 password hashing
+[workspace.dependencies.argon2]
+version = "0.5.3"
+features = ["password-hash", "std"]
+
 # Constant-time base64
 [workspace.dependencies.base64ct]
 version = "1.8.0"
+features = ["std"]
+
+# Bcrypt password hashing
+[workspace.dependencies.bcrypt]
+version = "0.17.0"
+default-features = true
 
 # Packed bitfields
 [workspace.dependencies.bitflags]
@@ -107,6 +132,12 @@ version = "1.10.1"
 # UTF-8 paths
 [workspace.dependencies.camino]
 version = "1.1.10"
+features = ["serde1"]
+
+# ChaCha20Poly1305 AEAD
+[workspace.dependencies.chacha20poly1305]
+version = "0.10.1"
+features = ["std"]
 
 # Memory optimisation for short strings
 [workspace.dependencies.compact_str]
@@ -116,6 +147,12 @@ version = "0.9.0"
 [workspace.dependencies.console]
 version = "0.15.11"
 
+# Cookie store
+[workspace.dependencies.cookie_store]
+version = "0.21.1"
+default-features = false
+features = ["serde_json"]
+
 # Time utilities
 [workspace.dependencies.chrono]
 version = "0.4.41"
@@ -127,10 +164,51 @@ features = ["serde", "clock"]
 version = "4.5.40"
 features = ["derive"]
 
+# Object Identifiers (OIDs) as constants
+[workspace.dependencies.const-oid]
+version = "0.9.6"
+features = ["std"]
+
+# Utility for converting between different cases
+[workspace.dependencies.convert_case]
+version = "0.8.0"
+
+# CRC calculation
+[workspace.dependencies.crc]
+version = "3.3.0"
+
 # Cron expressions
 [workspace.dependencies.cron]
 version = "0.15.0"
 
+# CSV parsing and writing
+[workspace.dependencies.csv]
+version = "1.3.1"
+
+# DER encoding
+[workspace.dependencies.der]
+version = "0.7.10"
+features = ["std"]
+
+# Interactive CLI dialogs
+[workspace.dependencies.dialoguer]
+version = "0.11.0"
+default-features = false
+features = ["fuzzy-select", "password"]
+
+# Cryptographic digest algorithms
+[workspace.dependencies.digest]
+version = "0.10.7"
+
+# Load environment variables from .env files
+[workspace.dependencies.dotenvy]
+version = "0.15.7"
+
+# ECDSA algorithms
+[workspace.dependencies.ecdsa]
+version = "0.16.9"
+features = ["signing", "verifying"]
+
 # Elliptic curve cryptography
 [workspace.dependencies.elliptic-curve]
 version = "0.13.8"
@@ -141,16 +219,28 @@ features = ["std", "pem", "sec1"]
 version = "0.10.19"
 features = ["env", "yaml", "test"]
 
+# URL form encoding
+[workspace.dependencies.form_urlencoded]
+version = "1.2.1"
+
 # Utilities for dealing with futures
 [workspace.dependencies.futures-util]
 version = "0.3.31"
 
+# Fixed-size arrays with trait implementations
+[workspace.dependencies.generic-array]
+version = "0.14.7"
+
 # Rate-limiting
 [workspace.dependencies.governor]
 version = "0.10.0"
 default-features = false
 features = ["std", "dashmap", "quanta"]
 
+# HMAC calculation
+[workspace.dependencies.hmac]
+version = "0.12.1"
+
 # HTTP headers
 [workspace.dependencies.headers]
 version = "0.4.1"
@@ -174,7 +264,7 @@ version = "0.1.3"
 # HTTP client and server
 [workspace.dependencies.hyper]
 version = "1.6.0"
-features = ["client", "http1", "http2"]
+features = ["client", "server", "http1", "http2"]
 
 # Additional Hyper utilties
 [workspace.dependencies.hyper-util]
@@ -195,16 +285,67 @@ version = "0.27.7"
 features = ["http1", "http2"]
 default-features = false
 
+# ICU libraries for internationalization
+[workspace.dependencies.icu_calendar]
+version = "1.5.2"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_datetime]
+version = "1.5.1"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_experimental]
+version = "0.1.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_locid]
+version = "1.5.0"
+features = ["std"]
+[workspace.dependencies.icu_locid_transform]
+version = "1.5.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_normalizer]
+version = "1.5.0"
+[workspace.dependencies.icu_plurals]
+version = "1.5.0"
+features = ["compiled_data", "std"]
+[workspace.dependencies.icu_provider]
+version = "1.5.0"
+features = ["std", "sync"]
+[workspace.dependencies.icu_provider_adapters]
+version = "1.5.0"
+features = ["std"]
+
 # HashMap which preserves insertion order
 [workspace.dependencies.indexmap]
 version = "2.9.0"
 features = ["serde"]
 
+# Indented string literals
+[workspace.dependencies.indoc]
+version = "2.0.6"
+
 # Snapshot testing
 [workspace.dependencies.insta]
 version = "1.43.1"
 features = ["yaml", "json"]
 
+# IP network address types
+[workspace.dependencies.ipnetwork]
+version = "0.20.0"
+features = ["serde", "schemars"]
+
+# Iterator utilities
+[workspace.dependencies.itertools]
+version = "0.14.0"
+
+# K256 elliptic curve
+[workspace.dependencies.k256]
+version = "0.13.4"
+features = ["std"]
+
+# RFC 5646 language tags
+[workspace.dependencies.language-tags]
+version = "0.3.2"
+features = ["serde"]
+
 # Email sending
 [workspace.dependencies.lettre]
 version = "0.11.15"
@@ -219,6 +360,14 @@ features = [
     "sendmail-transport",
 ]
 
+# Listening on passed FDs
+[workspace.dependencies.listenfd]
+version = "1.0.2"
+
+# MIME type support
+[workspace.dependencies.mime]
+version = "0.3.17"
+
 # Templates
 [workspace.dependencies.minijinja]
 version = "2.10.2"
@@ -233,10 +382,43 @@ features = ["pycompat"]
 [workspace.dependencies.nonzero_ext]
 version = "0.3.0"
 
-# K256 elliptic curve
-[workspace.dependencies.k256]
-version = "0.13.4"
-features = ["std"]
+# Open Policy Agent support through WASM
+[workspace.dependencies.opa-wasm]
+version = "0.1.5"
+
+# OpenTelemetry
+[workspace.dependencies.opentelemetry]
+version = "0.29.1"
+features = ["trace", "metrics"]
+[workspace.dependencies.opentelemetry-http]
+version = "0.29.0"
+features = ["reqwest"]
+[workspace.dependencies.opentelemetry-jaeger-propagator]
+version = "0.29.0"
+[workspace.dependencies.opentelemetry-otlp]
+version = "0.29.0"
+default-features = false
+features = ["trace", "metrics", "http-proto"]
+[workspace.dependencies.opentelemetry-prometheus]
+version = "0.29.1"
+[workspace.dependencies.opentelemetry-resource-detectors]
+version = "0.8.0"
+[workspace.dependencies.opentelemetry-semantic-conventions]
+version = "0.29.0"
+features = ["semconv_experimental"]
+[workspace.dependencies.opentelemetry-stdout]
+version = "0.29.0"
+features = ["trace", "metrics"]
+[workspace.dependencies.opentelemetry_sdk]
+version = "0.29.0"
+features = [
+    "experimental_trace_batch_span_processor_with_async_runtime",
+    "experimental_metrics_periodicreader_with_async_runtime",
+    "rt-tokio",
+]
+[workspace.dependencies.tracing-opentelemetry]
+version = "0.30.0"
+default-features = false
 
 # P256 elliptic curve
 [workspace.dependencies.p256]
@@ -248,11 +430,28 @@ features = ["std"]
 version = "0.13.1"
 features = ["std"]
 
-# PEM file decoding
+# Text padding utilities
+[workspace.dependencies.pad]
+version = "0.1.6"
+
+# PBKDF2 password hashing
+[workspace.dependencies.pbkdf2]
+version = "0.12.2"
+features = ["password-hash", "std", "simple", "parallel"]
+
+# PEM encoding/decoding
 [workspace.dependencies.pem-rfc7468]
 version = "0.7.0"
 features = ["std"]
 
+# Parser generator
+[workspace.dependencies.pest]
+version = "2.8.0"
+
+# Pest derive macros
+[workspace.dependencies.pest_derive]
+version = "2.8.0"
+
 # Pin projection
 [workspace.dependencies.pin-project-lite]
 version = "0.2.16"
@@ -267,6 +466,14 @@ features = ["std"]
 version = "0.10.2"
 features = ["std", "pkcs5", "encryption"]
 
+# Public Suffix List
+[workspace.dependencies.psl]
+version = "2.1.119"
+
+# Prometheus metrics
+[workspace.dependencies.prometheus]
+version = "0.14.0"
+
 # High-precision clock
 [workspace.dependencies.quanta]
 version = "0.12.6"
@@ -279,12 +486,25 @@ version = "0.3.1"
 [workspace.dependencies.rand_core]
 version = "0.6.4"
 
+# Regular expressions
+[workspace.dependencies.regex]
+version = "1.11.1"
+
 # High-level HTTP client
 [workspace.dependencies.reqwest]
 version = "0.12.20"
 default-features = false
 features = ["http2", "rustls-tls-manual-roots", "charset", "json", "socks"]
 
+# RSA cryptography
+[workspace.dependencies.rsa]
+version = "0.9.8"
+features = ["std", "pem"]
+
+# Fast hash algorithm for HashMap
+[workspace.dependencies.rustc-hash]
+version = "2.1.1"
+
 # Matrix-related types
 [workspace.dependencies.ruma-common]
 version = "0.15.2"
@@ -293,19 +513,31 @@ version = "0.15.2"
 [workspace.dependencies.rustls]
 version = "0.23.27"
 
+# PEM parsing for rustls
+[workspace.dependencies.rustls-pemfile]
+version = "2.2.0"
+
+# PKI types for rustls
+[workspace.dependencies.rustls-pki-types]
+version = "1.12.0"
+
 # Use platform-specific verifier for TLS
 [workspace.dependencies.rustls-platform-verifier]
 version = "0.5.3"
 
+# systemd service status notification
+[workspace.dependencies.sd-notify]
+version = "0.4.5"
+
 # JSON Schema generation
 [workspace.dependencies.schemars]
 version = "0.8.22"
 features = ["url", "chrono", "preserve_order"]
 
-# SHA-2 cryptographic hash algorithm
-[workspace.dependencies.sha2]
-version = "0.10.9"
-features = ["oid"]
+# SEC1 encoding format
+[workspace.dependencies.sec1]
+version = "0.7.3"
+features = ["std"]
 
 # Query builder
 [workspace.dependencies.sea-query]
@@ -348,6 +580,37 @@ features = ["derive"] # Most of the time, if we need serde, we need derive
 version = "1.0.140"
 features = ["preserve_order"]
 
+# URL encoded form serialization
+[workspace.dependencies.serde_urlencoded]
+version = "0.7.1"
+
+# Custom serialization helpers
+[workspace.dependencies.serde_with]
+version = "3.12.0"
+features = ["hex", "chrono"]
+
+# YAML serialization
+[workspace.dependencies.serde_yaml]
+version = "0.9.34"
+
+# SHA-2 cryptographic hash algorithm
+[workspace.dependencies.sha2]
+version = "0.10.9"
+features = ["oid"]
+
+# Digital signature traits
+[workspace.dependencies.signature]
+version = "2.2.0"
+
+# Low-level socket manipulation
+[workspace.dependencies.socket2]
+version = "0.5.10"
+
+# Subject Public Key Info
+[workspace.dependencies.spki]
+version = "0.7.3"
+features = ["std"]
+
 # SQL database support
 [workspace.dependencies.sqlx]
 version = "0.8.6"
@@ -377,6 +640,14 @@ features = ["full"]
 [workspace.dependencies.tokio-stream]
 version = "0.1.17"
 
+# Tokio rustls integration
+[workspace.dependencies.tokio-rustls]
+version = "0.26.2"
+
+# Tokio test utilities
+[workspace.dependencies.tokio-test]
+version = "0.4.4"
+
 # Useful async utilities
 [workspace.dependencies.tokio-util]
 version = "0.7.15"
@@ -405,67 +676,61 @@ features = ["cors", "fs", "add-extension", "set-header"]
 version = "0.1.41"
 [workspace.dependencies.tracing-subscriber]
 version = "0.3.19"
-
-# OpenTelemetry
-[workspace.dependencies.opentelemetry]
-version = "0.29.1"
-features = ["trace", "metrics"]
-
-[workspace.dependencies.opentelemetry-http]
-version = "0.29.0"
-features = ["reqwest"]
-
-[workspace.dependencies.opentelemetry-jaeger-propagator]
-version = "0.29.0"
-
-[workspace.dependencies.opentelemetry-otlp]
-version = "0.29.0"
-default-features = false
-features = ["trace", "metrics", "http-proto"]
-
-[workspace.dependencies.opentelemetry-prometheus]
-version = "0.29.1"
-
-[workspace.dependencies.opentelemetry-resource-detectors]
-version = "0.8.0"
-
-[workspace.dependencies.opentelemetry-semantic-conventions]
-version = "0.29.0"
-features = ["semconv_experimental"]
-
-[workspace.dependencies.opentelemetry-stdout]
-version = "0.29.0"
-features = ["trace", "metrics"]
-
-[workspace.dependencies.opentelemetry_sdk]
-version = "0.29.0"
-features = [
-    "experimental_trace_batch_span_processor_with_async_runtime",
-    "experimental_metrics_periodicreader_with_async_runtime",
-    "rt-tokio",
-]
-
-[workspace.dependencies.tracing-opentelemetry]
-version = "0.30.0"
-default-features = false
-
-[workspace.dependencies.prometheus]
-version = "0.14.0"
+features = ["env-filter"]
+[workspace.dependencies.tracing-appender]
+version = "0.2.3"
 
 # URL manipulation
 [workspace.dependencies.url]
 version = "2.5.4"
 features = ["serde"]
 
+# URL encoding
+[workspace.dependencies.urlencoding]
+version = "2.1.3"
+
 # ULID support
 [workspace.dependencies.ulid]
-version = "=1.1.4"   # Pinned to the latest version which used rand 0.8
-features = ["serde"]
+version = "=1.1.4"           # Pinned to the latest version which used rand 0.8
+features = ["serde", "uuid"]
+
+# UUID support
+[workspace.dependencies.uuid]
+version = "1.17.0"
+
+# HTML escaping
+[workspace.dependencies.v_htmlescape]
+version = "0.15.8"
+
+# Version information generation
+[workspace.dependencies.vergen-gitcl]
+version = "1.0.8"
+features = ["rustc"]
+
+# Directory traversal
+[workspace.dependencies.walkdir]
+version = "2.5.0"
 
 # HTTP mock server
 [workspace.dependencies.wiremock]
 version = "0.6.3"
 
+# User-agent parser
+[workspace.dependencies.woothee]
+version = "0.13.0"
+
+# String writing interface
+[workspace.dependencies.writeable]
+version = "0.5.5"
+
+# Zero memory after use
+[workspace.dependencies.zeroize]
+version = "1.8.1"
+
+# Password strength estimation
+[workspace.dependencies.zxcvbn]
+version = "3.1.0"
+
 [profile.release]
 codegen-units = 1 # Reduce the number of codegen units to increase optimizations
 lto = true        # Enable fat LTO

crates/axum-utils/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -19,13 +19,13 @@ base64ct.workspace = true
 chrono.workspace = true
 headers.workspace = true
 http.workspace = true
-icu_locid = "1.5.0"
-mime = "0.3.17"
+icu_locid.workspace = true
+mime.workspace = true
 rand.workspace = true
 reqwest.workspace = true
 sentry.workspace = true
 serde.workspace = true
-serde_with = "3.12.0"
+serde_with.workspace = true
 serde_json.workspace = true
 thiserror.workspace = true
 tokio.workspace = true

crates/cli/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 build = "build.rs"
 
@@ -20,38 +20,35 @@ bytes.workspace = true
 camino.workspace = true
 chrono.workspace = true
 clap.workspace = true
-console = "0.15.11"
-dialoguer = { version = "0.11.0", default-features = false, features = [
-    "fuzzy-select",
-    "password",
-] }
-dotenvy = "0.15.7"
+console.workspace = true
+dialoguer.workspace = true
+dotenvy.workspace = true
 figment.workspace = true
 futures-util.workspace = true
 headers.workspace = true
 http-body-util.workspace = true
 hyper.workspace = true
-ipnetwork = "0.20.0"
-itertools = "0.14.0"
-listenfd = "1.0.2"
+ipnetwork.workspace = true
+itertools.workspace = true
+listenfd.workspace = true
 rand.workspace = true
 rand_chacha.workspace = true
 reqwest.workspace = true
 rustls.workspace = true
-sd-notify = "0.4.5"
+sd-notify.workspace = true
 serde_json.workspace = true
-serde_yaml = "0.9.34"
+serde_yaml.workspace = true
 sqlx.workspace = true
 tokio.workspace = true
 tokio-util.workspace = true
 tower.workspace = true
 tower-http.workspace = true
 url.workspace = true
-zeroize = "1.8.1"
+zeroize.workspace = true
 
 tracing.workspace = true
-tracing-appender = "0.2.3"
-tracing-subscriber = { workspace = true, features = ["env-filter"] }
+tracing-appender.workspace = true
+tracing-subscriber.workspace = true
 tracing-opentelemetry.workspace = true
 opentelemetry.workspace = true
 opentelemetry-http.workspace = true
@@ -90,7 +87,7 @@ syn2mas.workspace = true
 
 [build-dependencies]
 anyhow.workspace = true
-vergen-gitcl = { version = "1.0.8", features = ["rustc"] }
+vergen-gitcl.workspace = true
 
 [features]
 # Features used for the prebuilt binaries

crates/config/Cargo.toml

@@ -6,41 +6,36 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-tokio.workspace = true
-tracing.workspace = true
 anyhow.workspace = true
-futures-util.workspace = true
-
-camino = { workspace = true, features = ["serde1"] }
+camino.workspace = true
 chrono.workspace = true
 figment.workspace = true
+futures-util.workspace = true
+governor.workspace = true
 hex.workspace = true
-ipnetwork = { version = "0.20.0", features = ["serde", "schemars"] }
+indoc.workspace = true
+ipnetwork.workspace = true
 lettre.workspace = true
+pem-rfc7468.workspace = true
+rand_chacha.workspace = true
+rand.workspace = true
+rustls-pemfile.workspace = true
+rustls-pki-types.workspace = true
 schemars.workspace = true
+serde_json.workspace = true
+serde_with.workspace = true
+serde.workspace = true
+tokio.workspace = true
+tracing.workspace = true
 ulid.workspace = true
 url.workspace = true
 
-serde.workspace = true
-serde_with = { version = "3.12.0", features = ["hex", "chrono"] }
-serde_json.workspace = true
-
-pem-rfc7468 = "0.7.0"
-rustls-pki-types = "1.12.0"
-rustls-pemfile = "2.2.0"
-rand.workspace = true
-rand_chacha.workspace = true
-
-indoc = "2.0.6"
-
-governor.workspace = true
-
 mas-jose.workspace = true
 mas-keystore.workspace = true
 mas-iana.workspace = true

crates/context/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true

crates/data-model/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -18,11 +18,11 @@ thiserror.workspace = true
 serde.workspace = true
 serde_json.workspace = true
 url.workspace = true
-crc = "3.3.0"
+crc.workspace = true
 ulid.workspace = true
 rand.workspace = true
-regex = "1.11.1"
-woothee = "0.13.0"
+regex.workspace = true
+woothee.workspace = true
 ruma-common.workspace = true
 
 mas-iana.workspace = true

crates/email/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true

crates/handlers/Cargo.toml

@@ -6,88 +6,62 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-# Async runtime
-tokio.workspace = true
-tokio-util.workspace = true
-futures-util.workspace = true
-async-trait.workspace = true
-
-# Logging and tracing
-tracing.workspace = true
-opentelemetry.workspace = true
-opentelemetry-semantic-conventions.workspace = true
-
-# Error management
-thiserror.workspace = true
-anyhow.workspace = true
-sentry.workspace = true
-
-# Web server
-hyper.workspace = true
-tower.workspace = true
-tower-http.workspace = true
-axum.workspace = true
-axum-macros = "0.5.0"
-axum-extra.workspace = true
-rustls.workspace = true
-
 aide.workspace = true
+anyhow.workspace = true
+argon2.workspace = true
 async-graphql.workspace = true
-schemars.workspace = true
-
-# HTTP client
-reqwest.workspace = true
-
-# Emails
-lettre.workspace = true
-
-# Database access
-sqlx.workspace = true
-
-# Various structure (de)serialization
-serde.workspace = true
-serde_with = { version = "3.12.0", features = ["hex", "chrono"] }
-serde_json.workspace = true
-serde_urlencoded = "0.7.1"
-
-# Password hashing
-argon2 = { version = "0.5.3", features = ["password-hash", "std"] }
-bcrypt = { version = "0.17.0", default-features = true }
-pbkdf2 = { version = "0.12.2", features = [
-    "password-hash",
-    "std",
-    "simple",
-    "parallel",
-] }
-zeroize = "1.8.1"
-
-# Various data types and utilities
+async-trait.workspace = true
+axum-extra.workspace = true
+axum-macros.workspace = true
+axum.workspace = true
 base64ct.workspace = true
+bcrypt.workspace = true
 camino.workspace = true
 chrono.workspace = true
 elliptic-curve.workspace = true
-hex.workspace = true
+futures-util.workspace = true
 governor.workspace = true
-icu_normalizer = "1.5.0"
-indexmap.workspace = true
-pkcs8.workspace = true
-psl = "2.1.119"
-sha2.workspace = true
-time = "0.3.41"
-url.workspace = true
-mime = "0.3.17"
-minijinja.workspace = true
-minijinja-contrib.workspace = true
-rand.workspace = true
-rand_chacha.workspace = true
 headers.workspace = true
+hex.workspace = true
+hyper.workspace = true
+icu_normalizer.workspace = true
+indexmap.workspace = true
+lettre.workspace = true
+mime.workspace = true
+minijinja-contrib.workspace = true
+minijinja.workspace = true
+opentelemetry-semantic-conventions.workspace = true
+opentelemetry.workspace = true
+pbkdf2.workspace = true
+pkcs8.workspace = true
+psl.workspace = true
+rand_chacha.workspace = true
+rand.workspace = true
+reqwest.workspace = true
+rustls.workspace = true
+schemars.workspace = true
+sentry.workspace = true
+serde_json.workspace = true
+serde_urlencoded.workspace = true
+serde_with.workspace = true
+serde.workspace = true
+sha2.workspace = true
+sqlx.workspace = true
+thiserror.workspace = true
+tokio-util.workspace = true
+tokio.workspace = true
+tower-http.workspace = true
+tower.workspace = true
+tracing.workspace = true
 ulid.workspace = true
+url.workspace = true
+zeroize.workspace = true
 
 mas-axum-utils.workspace = true
 mas-config.workspace = true
@@ -106,13 +80,11 @@ mas-storage.workspace = true
 mas-storage-pg.workspace = true
 mas-templates.workspace = true
 oauth2-types.workspace = true
-zxcvbn = "3.1.0"
+zxcvbn.workspace = true
 
 [dev-dependencies]
 insta.workspace = true
 tracing-subscriber.workspace = true
-cookie_store = { version = "0.21.1", default-features = false, features = [
-    "serde_json",
-] }
+cookie_store.workspace = true
 sqlx.workspace = true
 wiremock.workspace = true

crates/http/Cargo.toml

@@ -7,6 +7,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true

crates/i18n-scan/Cargo.toml

@@ -1,12 +1,12 @@
 [package]
 name = "mas-i18n-scan"
 version.workspace = true
-license.workspace = true
 authors.workspace = true
 edition.workspace = true
+license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -18,6 +18,6 @@ minijinja.workspace = true
 serde_json.workspace = true
 tracing-subscriber.workspace = true
 tracing.workspace = true
-walkdir = "2.5.0"
+walkdir.workspace = true
 
 mas-i18n.workspace = true

crates/i18n/Cargo.toml

@@ -1,30 +1,30 @@
 [package]
 name = "mas-i18n"
 version.workspace = true
-license.workspace = true
 authors.workspace = true
 edition.workspace = true
+license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 camino.workspace = true
-icu_calendar = { version = "1.5.2", features = ["compiled_data", "std"] }
-icu_datetime = { version = "1.5.1", features = ["compiled_data", "std"] }
-icu_locid = { version = "1.5.0", features = ["std"] }
-icu_locid_transform = { version = "1.5.0", features = ["compiled_data", "std"] }
-icu_plurals = { version = "1.5.0", features = ["compiled_data", "std"] }
-icu_provider = { version = "1.5.0", features = ["std", "sync"] }
-icu_provider_adapters = { version = "1.5.0", features = ["std"] }
-icu_experimental = { version = "0.1.0", features = ["compiled_data", "std"] }
-pad = "0.1.6"
-pest = "2.8.0"
-pest_derive = "2.8.0"
-serde.workspace = true
+icu_calendar.workspace = true
+icu_datetime.workspace = true
+icu_experimental.workspace = true
+icu_locid_transform.workspace = true
+icu_locid.workspace = true
+icu_plurals.workspace = true
+icu_provider_adapters.workspace = true
+icu_provider.workspace = true
+pad.workspace = true
+pest_derive.workspace = true
+pest.workspace = true
 serde_json.workspace = true
+serde.workspace = true
 thiserror.workspace = true
-writeable = "0.5.5"
+writeable.workspace = true

crates/iana-codegen/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -15,10 +15,10 @@ workspace = true
 anyhow.workspace = true
 async-trait.workspace = true
 camino.workspace = true
-convert_case = "0.8.0"
-csv = "1.3.1"
+convert_case.workspace = true
+csv.workspace = true
 reqwest.workspace = true
 serde.workspace = true
 tokio.workspace = true
-tracing.workspace = true
 tracing-subscriber.workspace = true
+tracing.workspace = true

crates/iana-codegen/src/generation.rs

@@ -164,8 +164,7 @@ pub fn json_schema_impl(
 ) -> std::fmt::Result {
     write!(
         f,
-        r#"#[cfg(feature = "schemars")]
-impl schemars::JsonSchema for {} {{
+        r#"impl schemars::JsonSchema for {} {{
     fn schema_name() -> String {{
         "{}".to_owned()
     }}
@@ -237,8 +236,7 @@ impl schemars::JsonSchema for {} {{
 pub fn serde_impl(f: &mut std::fmt::Formatter<'_>, section: &Section) -> std::fmt::Result {
     writeln!(
         f,
-        r#"#[cfg(feature = "serde")]
-impl<'de> serde::Deserialize<'de> for {} {{
+        r"impl<'de> serde::Deserialize<'de> for {} {{
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
         D: serde::de::Deserializer<'de>,
@@ -248,7 +246,6 @@ impl<'de> serde::Deserialize<'de> for {} {{
     }}
 }}
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for {} {{
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -256,7 +253,7 @@ impl serde::Serialize for {} {{
     {{
         serializer.serialize_str(&self.to_string())
     }}
-}}"#,
+}}",
         section.key, section.key,
     )
 }

crates/iana-codegen/src/jose.rs

@@ -31,6 +31,7 @@ enum Requirements {
     RecommendedMinus,
     Optional,
     Prohibited,
+    Deprecated,
 }
 
 #[allow(dead_code)]
@@ -78,10 +79,18 @@ impl EnumEntry for WebEncryptionSignatureAlgorithm {
                 if self.reference.contains("RFC7518, Section 3")
                     || self.reference.contains("RFC8037")
                     || self.reference.contains("RFC8812")
+                    || (self
+                        .reference
+                        .contains("RFC-ietf-jose-fully-specified-algorithms")
+                        && self.reference.contains("Section 2"))
                 {
                     Some("JsonWebSignatureAlg")
                 } else if self.reference.contains("RFC7518, Section 4")
                     || self.reference.contains("WebCryptoAPI")
+                    || (self
+                        .reference
+                        .contains("RFC-ietf-jose-fully-specified-algorithms")
+                        && self.reference.contains("Section 3"))
                 {
                     Some("JsonWebEncryptionAlg")
                 } else {

crates/iana-codegen/src/traits.rs

@@ -89,6 +89,13 @@ pub trait EnumEntry: DeserializeOwned + Send + Sync {
             .into_deserialize()
             .filter_map(|item: Result<Self, _>| {
                 item.map(|item| {
+                    if item
+                        .description()
+                        .is_some_and(|desc| desc.contains("TEMPORARY"))
+                    {
+                        return None;
+                    }
+
                     item.key().map(|key| {
                         (
                             key,

crates/iana/Cargo.toml

@@ -7,15 +7,11 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-serde = { workspace = true, optional = true }
-schemars = { workspace = true, optional = true }
-
-[features]
-default = ["serde", "schemars"]
-serde = ["dep:serde"]
-schemars = ["dep:schemars"]
+serde.workspace = true
+schemars.workspace = true

crates/iana/src/jose.rs

@@ -62,6 +62,12 @@ pub enum JsonWebSignatureAlg {
     /// ECDSA using secp256k1 curve and SHA-256
     Es256K,
 
+    /// EdDSA using Ed25519 curve
+    Ed25519,
+
+    /// EdDSA using Ed448 curve
+    Ed448,
+
     /// An unknown value.
     Unknown(String),
 }
@@ -84,6 +90,8 @@ impl core::fmt::Display for JsonWebSignatureAlg {
             Self::None => write!(f, "none"),
             Self::EdDsa => write!(f, "EdDSA"),
             Self::Es256K => write!(f, "ES256K"),
+            Self::Ed25519 => write!(f, "Ed25519"),
+            Self::Ed448 => write!(f, "Ed448"),
             Self::Unknown(value) => write!(f, "{value}"),
         }
     }
@@ -109,12 +117,13 @@ impl core::str::FromStr for JsonWebSignatureAlg {
             "none" => Ok(Self::None),
             "EdDSA" => Ok(Self::EdDsa),
             "ES256K" => Ok(Self::Es256K),
+            "Ed25519" => Ok(Self::Ed25519),
+            "Ed448" => Ok(Self::Ed448),
             value => Ok(Self::Unknown(value.to_owned())),
         }
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebSignatureAlg {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -125,7 +134,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebSignatureAlg {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebSignatureAlg {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -135,7 +143,6 @@ impl serde::Serialize for JsonWebSignatureAlg {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebSignatureAlg {
     fn schema_name() -> String {
         "JsonWebSignatureAlg".to_owned()
@@ -339,6 +346,32 @@ impl schemars::JsonSchema for JsonWebSignatureAlg {
                 ..Default::default()
             }
             .into(),
+            // ---
+            schemars::schema::SchemaObject {
+                metadata: Some(Box::new(schemars::schema::Metadata {
+                    description: Some(
+                        // ---
+                        r"EdDSA using Ed25519 curve".to_owned(),
+                    ),
+                    ..Default::default()
+                })),
+                const_value: Some("Ed25519".into()),
+                ..Default::default()
+            }
+            .into(),
+            // ---
+            schemars::schema::SchemaObject {
+                metadata: Some(Box::new(schemars::schema::Metadata {
+                    description: Some(
+                        // ---
+                        r"EdDSA using Ed448 curve".to_owned(),
+                    ),
+                    ..Default::default()
+                })),
+                const_value: Some("Ed448".into()),
+                ..Default::default()
+            }
+            .into(),
         ];
 
         let description = r#"JSON Web Signature "alg" parameter"#;
@@ -480,7 +513,6 @@ impl core::str::FromStr for JsonWebEncryptionAlg {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebEncryptionAlg {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -491,7 +523,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionAlg {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebEncryptionAlg {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -501,7 +532,6 @@ impl serde::Serialize for JsonWebEncryptionAlg {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebEncryptionAlg {
     fn schema_name() -> String {
         "JsonWebEncryptionAlg".to_owned()
@@ -833,7 +863,6 @@ impl core::str::FromStr for JsonWebEncryptionEnc {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebEncryptionEnc {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -844,7 +873,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionEnc {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebEncryptionEnc {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -854,7 +882,6 @@ impl serde::Serialize for JsonWebEncryptionEnc {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebEncryptionEnc {
     fn schema_name() -> String {
         "JsonWebEncryptionEnc".to_owned()
@@ -992,7 +1019,6 @@ impl core::str::FromStr for JsonWebEncryptionCompressionAlgorithm {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebEncryptionCompressionAlgorithm {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1003,7 +1029,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebEncryptionCompressionAlgorithm {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebEncryptionCompressionAlgorithm {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1013,7 +1038,6 @@ impl serde::Serialize for JsonWebEncryptionCompressionAlgorithm {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebEncryptionCompressionAlgorithm {
     fn schema_name() -> String {
         "JsonWebEncryptionCompressionAlgorithm".to_owned()
@@ -1101,7 +1125,6 @@ impl core::str::FromStr for JsonWebKeyType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebKeyType {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1112,7 +1135,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebKeyType {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1122,7 +1144,6 @@ impl serde::Serialize for JsonWebKeyType {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebKeyType {
     fn schema_name() -> String {
         "JsonWebKeyType".to_owned()
@@ -1249,7 +1270,6 @@ impl core::str::FromStr for JsonWebKeyEcEllipticCurve {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebKeyEcEllipticCurve {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1260,7 +1280,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyEcEllipticCurve {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebKeyEcEllipticCurve {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1270,7 +1289,6 @@ impl serde::Serialize for JsonWebKeyEcEllipticCurve {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebKeyEcEllipticCurve {
     fn schema_name() -> String {
         "JsonWebKeyEcEllipticCurve".to_owned()
@@ -1397,7 +1415,6 @@ impl core::str::FromStr for JsonWebKeyOkpEllipticCurve {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebKeyOkpEllipticCurve {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1408,7 +1425,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyOkpEllipticCurve {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebKeyOkpEllipticCurve {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1418,7 +1434,6 @@ impl serde::Serialize for JsonWebKeyOkpEllipticCurve {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebKeyOkpEllipticCurve {
     fn schema_name() -> String {
         "JsonWebKeyOkpEllipticCurve".to_owned()
@@ -1535,7 +1550,6 @@ impl core::str::FromStr for JsonWebKeyUse {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebKeyUse {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1546,7 +1560,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyUse {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebKeyUse {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1556,7 +1569,6 @@ impl serde::Serialize for JsonWebKeyUse {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebKeyUse {
     fn schema_name() -> String {
         "JsonWebKeyUse".to_owned()
@@ -1677,7 +1689,6 @@ impl core::str::FromStr for JsonWebKeyOperation {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for JsonWebKeyOperation {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -1688,7 +1699,6 @@ impl<'de> serde::Deserialize<'de> for JsonWebKeyOperation {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for JsonWebKeyOperation {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -1698,7 +1708,6 @@ impl serde::Serialize for JsonWebKeyOperation {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for JsonWebKeyOperation {
     fn schema_name() -> String {
         "JsonWebKeyOperation".to_owned()

crates/iana/src/oauth.rs

@@ -59,7 +59,6 @@ impl core::str::FromStr for OAuthAccessTokenType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for OAuthAccessTokenType {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -70,7 +69,6 @@ impl<'de> serde::Deserialize<'de> for OAuthAccessTokenType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for OAuthAccessTokenType {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -80,7 +78,6 @@ impl serde::Serialize for OAuthAccessTokenType {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for OAuthAccessTokenType {
     fn schema_name() -> String {
         "OAuthAccessTokenType".to_owned()
@@ -194,7 +191,6 @@ impl core::str::FromStr for OAuthAuthorizationEndpointResponseType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for OAuthAuthorizationEndpointResponseType {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -205,7 +201,6 @@ impl<'de> serde::Deserialize<'de> for OAuthAuthorizationEndpointResponseType {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for OAuthAuthorizationEndpointResponseType {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -215,7 +210,6 @@ impl serde::Serialize for OAuthAuthorizationEndpointResponseType {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for OAuthAuthorizationEndpointResponseType {
     fn schema_name() -> String {
         "OAuthAuthorizationEndpointResponseType".to_owned()
@@ -333,7 +327,6 @@ impl core::str::FromStr for OAuthTokenTypeHint {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for OAuthTokenTypeHint {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -344,7 +337,6 @@ impl<'de> serde::Deserialize<'de> for OAuthTokenTypeHint {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for OAuthTokenTypeHint {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -354,7 +346,6 @@ impl serde::Serialize for OAuthTokenTypeHint {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for OAuthTokenTypeHint {
     fn schema_name() -> String {
         "OAuthTokenTypeHint".to_owned()
@@ -462,7 +453,6 @@ impl core::str::FromStr for OAuthClientAuthenticationMethod {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for OAuthClientAuthenticationMethod {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -473,7 +463,6 @@ impl<'de> serde::Deserialize<'de> for OAuthClientAuthenticationMethod {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for OAuthClientAuthenticationMethod {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -483,7 +472,6 @@ impl serde::Serialize for OAuthClientAuthenticationMethod {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for OAuthClientAuthenticationMethod {
     fn schema_name() -> String {
         "OAuthClientAuthenticationMethod".to_owned()
@@ -590,7 +578,6 @@ impl core::str::FromStr for PkceCodeChallengeMethod {
     }
 }
 
-#[cfg(feature = "serde")]
 impl<'de> serde::Deserialize<'de> for PkceCodeChallengeMethod {
     fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>
     where
@@ -601,7 +588,6 @@ impl<'de> serde::Deserialize<'de> for PkceCodeChallengeMethod {
     }
 }
 
-#[cfg(feature = "serde")]
 impl serde::Serialize for PkceCodeChallengeMethod {
     fn serialize<S>(&self, serializer: S) -> Result<S::Ok, S::Error>
     where
@@ -611,7 +597,6 @@ impl serde::Serialize for PkceCodeChallengeMethod {
     }
 }
 
-#[cfg(feature = "schemars")]
 impl schemars::JsonSchema for PkceCodeChallengeMethod {
     fn schema_name() -> String {
         "PkceCodeChallengeMethod".to_owned()

crates/jose/Cargo.toml

@@ -7,30 +7,31 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-base64ct = { version = "1.8.0", features = ["std"] }
+base64ct.workspace = true
 chrono.workspace = true
-digest = "0.10.7"
-ecdsa = { version = "0.16.9", features = ["signing", "verifying"] }
+digest.workspace = true
+ecdsa.workspace = true
 elliptic-curve.workspace = true
-generic-array = "0.14.7"
-hmac = "0.12.1"
-k256 = { version = "0.13.4", features = ["ecdsa"] }
-p256 = { version = "0.13.2", features = ["ecdsa"] }
-p384 = { version = "0.13.1", features = ["ecdsa"] }
+generic-array.workspace = true
+hmac.workspace = true
+k256.workspace = true
+p256.workspace = true
+p384.workspace = true
 rand.workspace = true
-rsa = "0.9.8"
+rsa.workspace = true
 schemars.workspace = true
-sec1 = "0.7.3"
-serde.workspace = true
+sec1.workspace = true
 serde_json.workspace = true
-serde_with = "3.12.0"
+serde_with.workspace = true
+serde.workspace = true
 sha2.workspace = true
-signature = "2.2.0"
+signature.workspace = true
 thiserror.workspace = true
 url.workspace = true
 

crates/jose/src/jwa/asymmetric.rs

@@ -167,7 +167,7 @@ impl AsymmetricSigningKey {
                 Ok(Self::es256k(params.try_into()?))
             }
 
-            (JsonWebKeyPrivateParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => {
+            (JsonWebKeyPrivateParameters::Okp(_params), _) => {
                 Err(AsymmetricKeyFromJwkError::UnsupportedAlgorithm { alg: alg.clone() })
             }
 
@@ -401,7 +401,7 @@ impl AsymmetricVerifyingKey {
                 Ok(Self::es256k(params.try_into()?))
             }
 
-            (JsonWebKeyPublicParameters::Okp(_params), JsonWebSignatureAlg::EdDsa) => {
+            (JsonWebKeyPublicParameters::Okp(_params), _) => {
                 Err(AsymmetricKeyFromJwkError::UnsupportedAlgorithm { alg: alg.clone() })
             }
 

crates/keystore/Cargo.toml

@@ -7,15 +7,19 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-aead = { version = "0.5.2", features = ["std"] }
-const-oid = { version = "0.9.6", features = ["std"] }
-der = { version = "0.7.10", features = ["std"] }
+aead.workspace = true
+base64ct.workspace = true
+chacha20poly1305.workspace = true
+const-oid.workspace = true
+der.workspace = true
 elliptic-curve.workspace = true
+generic-array.workspace = true
 k256.workspace = true
 p256.workspace = true
 p384.workspace = true
@@ -23,13 +27,10 @@ pem-rfc7468.workspace = true
 pkcs1.workspace = true
 pkcs8.workspace = true
 rand.workspace = true
-rsa = { version = "0.9.8", features = ["std", "pem"] }
-sec1 = { version = "0.7.3", features = ["std"] }
-spki = { version = "0.7.3", features = ["std"] }
+rsa.workspace = true
+sec1.workspace = true
+spki.workspace = true
 thiserror.workspace = true
-generic-array = "0.14.7"
-chacha20poly1305 = { version = "0.10.1", features = ["std"] }
-base64ct = "1.8.0"
 
 mas-iana.workspace = true
 mas-jose.workspace = true

crates/listener/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -15,25 +15,25 @@ workspace = true
 bytes.workspace = true
 futures-util.workspace = true
 http-body.workspace = true
-hyper = { workspace = true, features = ["server"] }
 hyper-util.workspace = true
+hyper.workspace = true
 pin-project-lite.workspace = true
-socket2 = "0.5.10"
+socket2.workspace = true
 thiserror.workspace = true
-tokio.workspace = true
-tokio-rustls = "0.26.2"
+tokio-rustls.workspace = true
 tokio-util.workspace = true
-tower.workspace = true
+tokio.workspace = true
 tower-http.workspace = true
+tower.workspace = true
 tracing.workspace = true
 
 mas-context.workspace = true
 
 [dev-dependencies]
 anyhow.workspace = true
-rustls-pemfile = "2.2.0"
+rustls-pemfile.workspace = true
+tokio-test.workspace = true
 tokio.workspace = true
-tokio-test = "0.4.4"
 tracing-subscriber.workspace = true
 
 [[example]]

crates/matrix-synapse/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -20,7 +20,7 @@ serde.workspace = true
 thiserror.workspace = true
 tracing.workspace = true
 url.workspace = true
-urlencoding = "2.1.3"
+urlencoding.workspace = true
 
 mas-http.workspace = true
 mas-matrix.workspace = true

crates/matrix/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true

crates/oauth2-types/Cargo.toml

@@ -7,25 +7,26 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 base64ct.workspace = true
-serde.workspace = true
-serde_json.workspace = true
-language-tags = { version = "0.3.2", features = ["serde"] }
-url.workspace = true
-serde_with = { version = "3.12.0", features = ["chrono"] }
 chrono.workspace = true
+indexmap.workspace = true
+language-tags.workspace = true
+serde_json.workspace = true
+serde_with.workspace = true
+serde.workspace = true
 sha2.workspace = true
 thiserror.workspace = true
-indexmap.workspace = true
+url.workspace = true
 
 mas-iana.workspace = true
 mas-jose.workspace = true
 
 [dev-dependencies]
-assert_matches = "1.5.0"
+assert_matches.workspace = true
 insta.workspace = true

crates/oidc-client/Cargo.toml

@@ -7,26 +7,27 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 async-trait.workspace = true
-base64ct = { version = "1.8.0", features = ["std"] }
+base64ct.workspace = true
 chrono.workspace = true
 elliptic-curve.workspace = true
-form_urlencoded = "1.2.1"
+form_urlencoded.workspace = true
 headers.workspace = true
 http.workspace = true
-language-tags = "0.3.2"
-mime = "0.3.17"
+language-tags.workspace = true
+mime.workspace = true
 p256.workspace = true
 rand.workspace = true
 reqwest.workspace = true
-serde.workspace = true
 serde_json.workspace = true
-serde_urlencoded = "0.7.1"
+serde_urlencoded.workspace = true
+serde.workspace = true
 thiserror.workspace = true
 tracing.workspace = true
 url.workspace = true
@@ -38,10 +39,10 @@ mas-keystore.workspace = true
 oauth2-types.workspace = true
 
 [dev-dependencies]
-assert_matches = "1.5.0"
+assert_matches.workspace = true
 bitflags.workspace = true
+http-body-util.workspace = true
 rand_chacha.workspace = true
+rustls.workspace = true
 tokio.workspace = true
 wiremock.workspace = true
-http-body-util.workspace = true
-rustls.workspace = true

crates/policy/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -14,10 +14,10 @@ workspace = true
 [dependencies]
 anyhow.workspace = true
 arc-swap.workspace = true
-opa-wasm = "0.1.5"
-serde.workspace = true
+opa-wasm.workspace = true
+schemars.workspace = true
 serde_json.workspace = true
-schemars = { workspace = true, optional = true }
+serde.workspace = true
 thiserror.workspace = true
 tokio.workspace = true
 tracing.workspace = true
@@ -25,9 +25,5 @@ tracing.workspace = true
 mas-data-model.workspace = true
 oauth2-types.workspace = true
 
-[features]
-jsonschema = ["dep:schemars"]
-
 [[bin]]
 name = "schema"
-required-features = ["jsonschema"]

crates/policy/src/bin/schema.rs

@@ -4,6 +4,11 @@
 // SPDX-License-Identifier: AGPL-3.0-only
 // Please see LICENSE in the repository root for full details.
 
+#![expect(
+    clippy::disallowed_types,
+    reason = "We use Path/PathBuf instead of camino here for simplicity"
+)]
+
 use std::path::{Path, PathBuf};
 
 use mas_policy::model::{
@@ -12,17 +17,14 @@ use mas_policy::model::{
 use schemars::{JsonSchema, r#gen::SchemaSettings};
 
 fn write_schema<T: JsonSchema>(out_dir: Option<&Path>, file: &str) {
-    let mut writer: Box<dyn std::io::Write> = match out_dir {
-        Some(out_dir) => {
-            let path = out_dir.join(file);
-            eprintln!("Writing to {path:?}");
-            let file = std::fs::File::create(path).expect("Failed to create file");
-            Box::new(std::io::BufWriter::new(file))
-        }
-        None => {
-            eprintln!("--- {file} ---");
-            Box::new(std::io::stdout())
-        }
+    let mut writer: Box<dyn std::io::Write> = if let Some(out_dir) = out_dir {
+        let path = out_dir.join(file);
+        eprintln!("Writing to {path:?}");
+        let file = std::fs::File::create(path).expect("Failed to create file");
+        Box::new(std::io::BufWriter::new(file))
+    } else {
+        eprintln!("--- {file} ---");
+        Box::new(std::io::stdout())
     };
 
     let settings = SchemaSettings::draft07().with(|s| {

crates/policy/src/model.rs

@@ -13,12 +13,12 @@ use std::net::IpAddr;
 
 use mas_data_model::{Client, User};
 use oauth2_types::{registration::VerifiedClientMetadata, scope::Scope};
+use schemars::JsonSchema;
 use serde::{Deserialize, Serialize};
 
 /// A well-known policy code.
-#[derive(Deserialize, Debug, Clone, Copy)]
+#[derive(Deserialize, Debug, Clone, Copy, JsonSchema)]
 #[serde(rename_all = "kebab-case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub enum Code {
     /// The username is too short.
     UsernameTooShort,
@@ -71,8 +71,7 @@ impl Code {
 }
 
 /// A single violation of a policy.
-#[derive(Deserialize, Debug)]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
+#[derive(Deserialize, Debug, JsonSchema)]
 pub struct Violation {
     pub msg: String,
     pub redirect_uri: Option<String>,
@@ -111,9 +110,8 @@ impl EvaluationResult {
 }
 
 /// Identity of the requester
-#[derive(Serialize, Debug, Default)]
+#[derive(Serialize, Debug, Default, JsonSchema)]
 #[serde(rename_all = "snake_case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub struct Requester {
     /// IP address of the entity making the request
     pub ip_address: Option<IpAddr>,
@@ -122,8 +120,7 @@ pub struct Requester {
     pub user_agent: Option<String>,
 }
 
-#[derive(Serialize, Debug)]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
+#[derive(Serialize, Debug, JsonSchema)]
 pub enum RegistrationMethod {
     #[serde(rename = "password")]
     Password,
@@ -133,9 +130,8 @@ pub enum RegistrationMethod {
 }
 
 /// Input for the user registration policy.
-#[derive(Serialize, Debug)]
+#[derive(Serialize, Debug, JsonSchema)]
 #[serde(tag = "registration_method")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub struct RegisterInput<'a> {
     pub registration_method: RegistrationMethod,
 
@@ -148,21 +144,16 @@ pub struct RegisterInput<'a> {
 }
 
 /// Input for the client registration policy.
-#[derive(Serialize, Debug)]
+#[derive(Serialize, Debug, JsonSchema)]
 #[serde(rename_all = "snake_case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub struct ClientRegistrationInput<'a> {
-    #[cfg_attr(
-        feature = "jsonschema",
-        schemars(with = "std::collections::HashMap<String, serde_json::Value>")
-    )]
+    #[schemars(with = "std::collections::HashMap<String, serde_json::Value>")]
     pub client_metadata: &'a VerifiedClientMetadata,
     pub requester: Requester,
 }
 
-#[derive(Serialize, Debug)]
+#[derive(Serialize, Debug, JsonSchema)]
 #[serde(rename_all = "snake_case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub enum GrantType {
     AuthorizationCode,
     ClientCredentials,
@@ -171,23 +162,16 @@ pub enum GrantType {
 }
 
 /// Input for the authorization grant policy.
-#[derive(Serialize, Debug)]
+#[derive(Serialize, Debug, JsonSchema)]
 #[serde(rename_all = "snake_case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub struct AuthorizationGrantInput<'a> {
-    #[cfg_attr(
-        feature = "jsonschema",
-        schemars(with = "Option<std::collections::HashMap<String, serde_json::Value>>")
-    )]
+    #[schemars(with = "Option<std::collections::HashMap<String, serde_json::Value>>")]
     pub user: Option<&'a User>,
 
-    #[cfg_attr(
-        feature = "jsonschema",
-        schemars(with = "std::collections::HashMap<String, serde_json::Value>")
-    )]
+    #[schemars(with = "std::collections::HashMap<String, serde_json::Value>")]
     pub client: &'a Client,
 
-    #[cfg_attr(feature = "jsonschema", schemars(with = "String"))]
+    #[schemars(with = "String")]
     pub scope: &'a Scope,
 
     pub grant_type: GrantType,
@@ -196,9 +180,8 @@ pub struct AuthorizationGrantInput<'a> {
 }
 
 /// Input for the email add policy.
-#[derive(Serialize, Debug)]
+#[derive(Serialize, Debug, JsonSchema)]
 #[serde(rename_all = "snake_case")]
-#[cfg_attr(feature = "jsonschema", derive(schemars::JsonSchema))]
 pub struct EmailInput<'a> {
     pub email: &'a str,
 

crates/router/Cargo.toml

@@ -6,14 +6,14 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 axum.workspace = true
+serde_urlencoded.workspace = true
 serde.workspace = true
-serde_urlencoded = "0.7.1"
-url.workspace = true
 ulid.workspace = true
+url.workspace = true

crates/spa/Cargo.toml

@@ -6,13 +6,12 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
+camino.workspace = true
 serde.workspace = true
 thiserror.workspace = true
-camino = { workspace = true, features = ["serde1"] }
-

crates/storage-pg/Cargo.toml

@@ -6,29 +6,28 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 async-trait.workspace = true
-sqlx.workspace = true
-sea-query.workspace = true
-sea-query-binder.workspace = true
 chrono.workspace = true
+futures-util.workspace = true
+opentelemetry-semantic-conventions.workspace = true
+opentelemetry.workspace = true
+rand_chacha.workspace = true
+rand.workspace = true
+sea-query-binder.workspace = true
+sea-query.workspace = true
 serde_json.workspace = true
+sqlx.workspace = true
 thiserror.workspace = true
 tracing.workspace = true
-futures-util.workspace = true
-opentelemetry.workspace = true
-opentelemetry-semantic-conventions.workspace = true
-
-rand.workspace = true
-rand_chacha.workspace = true
+ulid.workspace = true
 url.workspace = true
-uuid = "1.17.0"
-ulid = { workspace = true, features = ["uuid"] }
+uuid.workspace = true
 
 oauth2-types.workspace = true
 mas-storage.workspace = true

crates/storage/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -17,8 +17,8 @@ chrono.workspace = true
 futures-util.workspace = true
 opentelemetry.workspace = true
 rand_core.workspace = true
-serde.workspace = true
 serde_json.workspace = true
+serde.workspace = true
 thiserror.workspace = true
 tracing-opentelemetry.workspace = true
 tracing.workspace = true

crates/syn2mas/Cargo.toml

@@ -6,48 +6,44 @@ authors.workspace = true
 edition.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
-# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+[lints]
+workspace = true
 
 [dependencies]
 anyhow.workspace = true
 arc-swap.workspace = true
 bitflags.workspace = true
 camino.workspace = true
-figment.workspace = true
-serde.workspace = true
-serde_json.workspace = true
-thiserror.workspace = true
-thiserror-ext.workspace = true
-tokio.workspace = true
-tokio-util.workspace = true
-sqlx.workspace = true
 chrono.workspace = true
 compact_str.workspace = true
-tracing.workspace = true
-futures-util = "0.3.31"
-rustc-hash = "2.1.1"
-url.workspace = true
-
-rand.workspace = true
-rand_chacha = "0.3.1"
-uuid = "1.17.0"
-ulid = { workspace = true, features = ["uuid"] }
-
+figment.workspace = true
+futures-util.workspace = true
 mas-config.workspace = true
 mas-iana.workspace = true
 mas-storage.workspace = true
 oauth2-types.workspace = true
-
-opentelemetry.workspace = true
 opentelemetry-semantic-conventions.workspace = true
+opentelemetry.workspace = true
+rand_chacha.workspace = true
+rand.workspace = true
+rustc-hash.workspace = true
+serde_json.workspace = true
+serde.workspace = true
+sqlx.workspace = true
+thiserror-ext.workspace = true
+thiserror.workspace = true
+tokio-util.workspace = true
+tokio.workspace = true
+tracing.workspace = true
+ulid.workspace = true
+url.workspace = true
+uuid.workspace = true
 
 [dev-dependencies]
-mas-storage-pg.workspace = true
-
 anyhow.workspace = true
 insta.workspace = true
 serde.workspace = true
 
-[lints]
-workspace = true
+mas-storage-pg.workspace = true

crates/tasks/Cargo.toml

@@ -6,7 +6,7 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
@@ -14,21 +14,21 @@ workspace = true
 [dependencies]
 anyhow.workspace = true
 async-trait.workspace = true
-cron.workspace = true
 chrono.workspace = true
-rand.workspace = true
+cron.workspace = true
+opentelemetry-semantic-conventions.workspace = true
+opentelemetry.workspace = true
 rand_chacha.workspace = true
+rand.workspace = true
+serde_json.workspace = true
+serde.workspace = true
 sqlx.workspace = true
 thiserror.workspace = true
-tokio.workspace = true
 tokio-util.workspace = true
-tracing.workspace = true
+tokio.workspace = true
 tracing-opentelemetry.workspace = true
-opentelemetry.workspace = true
-opentelemetry-semantic-conventions.workspace = true
+tracing.workspace = true
 ulid.workspace = true
-serde.workspace = true
-serde_json.workspace = true
 
 mas-context.workspace = true
 mas-data-model.workspace = true
@@ -36,6 +36,6 @@ mas-email.workspace = true
 mas-i18n.workspace = true
 mas-matrix.workspace = true
 mas-router.workspace = true
-mas-storage.workspace = true
 mas-storage-pg.workspace = true
+mas-storage.workspace = true
 mas-templates.workspace = true

crates/templates/Cargo.toml

@@ -6,33 +6,30 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
-publish = false
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
-arc-swap.workspace = true
-tracing.workspace = true
-tokio.workspace = true
-walkdir = "2.5.0"
-
 anyhow.workspace = true
-thiserror.workspace = true
-
-minijinja.workspace = true
-minijinja-contrib.workspace = true
-serde.workspace = true
-serde_json.workspace = true
-serde_urlencoded = "0.7.1"
-v_htmlescape = "0.15.8"
-
+arc-swap.workspace = true
 camino.workspace = true
 chrono.workspace = true
-url.workspace = true
 http.workspace = true
-ulid.workspace = true
+minijinja-contrib.workspace = true
+minijinja.workspace = true
 rand.workspace = true
+serde_json.workspace = true
+serde_urlencoded.workspace = true
+serde.workspace = true
+thiserror.workspace = true
+tokio.workspace = true
+tracing.workspace = true
+ulid.workspace = true
+url.workspace = true
+v_htmlescape.workspace = true
+walkdir.workspace = true
 
 oauth2-types.workspace = true
 mas-data-model.workspace = true

crates/tower/Cargo.toml

@@ -7,16 +7,17 @@ edition.workspace = true
 license.workspace = true
 homepage.workspace = true
 repository.workspace = true
+publish.workspace = true
 
 [lints]
 workspace = true
 
 [dependencies]
 http.workspace = true
-tracing.workspace = true
-tracing-opentelemetry.workspace = true
-tower.workspace = true
-opentelemetry.workspace = true
 opentelemetry-http.workspace = true
 opentelemetry-semantic-conventions.workspace = true
+opentelemetry.workspace = true
 pin-project-lite.workspace = true
+tower.workspace = true
+tracing-opentelemetry.workspace = true
+tracing.workspace = true

deny.toml

@@ -57,7 +57,6 @@ deny = [
 multiple-versions = "deny"
 
 skip = [
-    { name = "base64", version = "0.21.7" },         # many dependencies depends on this old version
     { name = "regex-syntax", version = "0.6.29" },   # tracing-subscriber[env-filter] -> matchers depends on the old version
     { name = "regex-automata", version = "0.1.10" }, # ^
     { name = "itertools", version = "0.13.0" },      # zxcvbn depends on this old version

docs/config.schema.json

@@ -543,6 +543,14 @@
         {
           "description": "ECDSA using secp256k1 curve and SHA-256",
           "const": "ES256K"
+        },
+        {
+          "description": "EdDSA using Ed25519 curve",
+          "const": "Ed25519"
+        },
+        {
+          "description": "EdDSA using Ed448 curve",
+          "const": "Ed448"
         }
       ]
     },

misc/update.sh

@@ -14,7 +14,7 @@ cargo run -p mas-config > "${CONFIG_SCHEMA}"
 cargo run -p mas-handlers --bin graphql-schema > "${GRAPHQL_SCHEMA}"
 cargo run -p mas-handlers --bin api-schema > "${API_SCHEMA}"
 cargo run -p mas-i18n-scan -- --update "${BASE_DIR}/templates/" "${BASE_DIR}/translations/en.json"
-OUT_DIR="${POLICIES_SCHEMA}" cargo run -p mas-policy --features jsonschema
+OUT_DIR="${POLICIES_SCHEMA}" cargo run -p mas-policy
 
 cd "${BASE_DIR}/frontend"
 npm run format