update dependencies (#4639)

## Issue Addressed

updates underlying dependencies and removes the ignored `RUSTSEC`'s for `cargo audit`.

Also switches `procinfo` to `procfs` on `eth2` to remove the `nom` warning, `procinfo` is unmaintained see [here](https://github.com/danburkert/procinfo-rs/issues/46).
This commit is contained in:
João Oliveira 2023-08-28 00:55:28 +00:00
parent 14924dbc95
commit c258270d6a
17 changed files with 887 additions and 523 deletions

1212
Cargo.lock generated

File diff suppressed because it is too large Load Diff

View File

@ -91,7 +91,8 @@ resolver = "2"
[patch]
[patch.crates-io]
warp = { git = "https://github.com/macladson/warp", rev="7e75acc368229a46a236a8c991bf251fe7fe50ef" }
# TODO: remove when 0.3.6 get's released.
warp = { git = "https://github.com/seanmonstar/warp.git", rev="149913fe" }
[profile.maxperf]
inherits = "release"

View File

@ -206,9 +206,8 @@ arbitrary-fuzz:
# Runs cargo audit (Audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database)
audit:
# cargo install --force cargo-audit
cargo audit --ignore RUSTSEC-2020-0071 --ignore RUSTSEC-2022-0093 \
--ignore RUSTSEC-2023-0052 --ignore RUSTSEC-2023-0053
cargo install --force cargo-audit
cargo audit --ignore RUSTSEC-2023-0052
# Runs `cargo vendor` to make sure dependencies can be vendored for packaging, reproducibility and archival purpose.
vendor:

View File

@ -50,4 +50,4 @@ keccak-hash = "0.10.0"
hash256-std-hasher = "0.15.2"
triehash = "0.8.4"
hash-db = "0.15.2"
pretty_reqwest_error = { path = "../../common/pretty_reqwest_error" }
pretty_reqwest_error = { path = "../../common/pretty_reqwest_error" }

View File

@ -35,14 +35,8 @@ tokio = { version = "1.14.0", features = ["full"] }
[target.'cfg(target_os = "linux")'.dependencies]
psutil = { version = "3.2.2", optional = true }
procinfo = { version = "0.4.2", optional = true }
procfs = { version = "0.15.1", optional = true }
[features]
default = ["lighthouse"]
lighthouse = [
"proto_array",
"psutil",
"procinfo",
"store",
"slashing_protection",
]
lighthouse = ["proto_array", "psutil", "procfs", "store", "slashing_protection"]

View File

@ -95,8 +95,8 @@ pub struct ValidatorInclusionData {
#[cfg(target_os = "linux")]
use {
procinfo::pid, psutil::cpu::os::linux::CpuTimesExt,
psutil::memory::os::linux::VirtualMemoryExt, psutil::process::Process,
psutil::cpu::os::linux::CpuTimesExt, psutil::memory::os::linux::VirtualMemoryExt,
psutil::process::Process,
};
/// Reports on the health of the Lighthouse instance.
@ -238,7 +238,7 @@ pub struct ProcessHealth {
/// The pid of this process.
pub pid: u32,
/// The number of threads used by this pid.
pub pid_num_threads: i32,
pub pid_num_threads: i64,
/// The total resident memory used by this pid.
pub pid_mem_resident_set_size: u64,
/// The total virtual memory used by this pid.
@ -262,7 +262,12 @@ impl ProcessHealth {
.memory_info()
.map_err(|e| format!("Unable to get process memory info: {:?}", e))?;
let stat = pid::stat_self().map_err(|e| format!("Unable to get stat: {:?}", e))?;
let me = procfs::process::Process::myself()
.map_err(|e| format!("Unable to get process: {:?}", e))?;
let stat = me
.stat()
.map_err(|e| format!("Unable to get stat: {:?}", e))?;
let process_times = process
.cpu_times()
.map_err(|e| format!("Unable to get process cpu times : {:?}", e))?;

View File

@ -7,7 +7,7 @@ edition = "2021"
build = "build.rs"
[build-dependencies]
zip = "0.5.8"
zip = "0.6"
eth2_config = { path = "../eth2_config"}
[dev-dependencies]
@ -18,4 +18,4 @@ serde_yaml = "0.8.13"
types = { path = "../../consensus/types"}
ethereum_ssz = "0.5.0"
eth2_config = { path = "../eth2_config"}
discv5 = "0.3.1"
discv5 = "0.3.1"

View File

@ -17,6 +17,6 @@ sloggers = { version = "2.1.1", features = ["json"] }
slog-async = "2.7.0"
take_mut = "0.2.2"
parking_lot = "0.12.1"
serde = "1.0.153"
serde = "1.0.153"
serde_json = "1.0.94"
chrono = "0.4.23"
chrono = { version = "0.4", default-features = false, features = ["clock", "std"] }

View File

@ -10,10 +10,14 @@ pub fn set_builder_origins(
default_origin: (IpAddr, u16),
) -> Result<Builder, String> {
if let Some(allow_origin) = allow_origin {
let origins = allow_origin
.split(',')
.map(|s| verify_cors_origin_str(s).map(|_| s))
.collect::<Result<Vec<_>, _>>()?;
let mut origins = vec![];
for origin in allow_origin.split(',') {
verify_cors_origin_str(origin)?;
if origin == "*" {
return Ok(builder.allow_any_origin());
}
origins.push(origin)
}
Ok(builder.allow_origins(origins))
} else {
let origin = match default_origin.0 {

View File

@ -87,7 +87,7 @@ pub fn scrape_process_health_metrics() {
// This will silently fail if we are unable to observe the health. This is desired behaviour
// since we don't support `Health` for all platforms.
if let Ok(health) = ProcessHealth::observe() {
set_gauge(&PROCESS_NUM_THREADS, health.pid_num_threads as i64);
set_gauge(&PROCESS_NUM_THREADS, health.pid_num_threads);
set_gauge(&PROCESS_RES_MEM, health.pid_mem_resident_set_size as i64);
set_gauge(&PROCESS_VIRT_MEM, health.pid_mem_virtual_memory_size as i64);
set_gauge(&PROCESS_SECONDS, health.pid_process_seconds_total as i64);

View File

@ -11,6 +11,7 @@ use lighthouse_network::PeerId;
use std::fs::File;
use std::io::{Read, Write};
use std::net::{IpAddr, Ipv4Addr, Ipv6Addr};
use std::path::Path;
use std::path::PathBuf;
use std::process::Command;
use std::str::FromStr;
@ -1460,15 +1461,20 @@ fn disable_inbound_rate_limiter_flag() {
#[test]
fn http_allow_origin_flag() {
CommandLineTest::new()
.flag("http-allow-origin", Some("127.0.0.99"))
.flag("http", None)
.flag("http-allow-origin", Some("http://127.0.0.99"))
.run_with_zero_port()
.with_config(|config| {
assert_eq!(config.http_api.allow_origin, Some("127.0.0.99".to_string()));
assert_eq!(
config.http_api.allow_origin,
Some("http://127.0.0.99".to_string())
);
});
}
#[test]
fn http_allow_origin_all_flag() {
CommandLineTest::new()
.flag("http", None)
.flag("http-allow-origin", Some("*"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.allow_origin, Some("*".to_string())));
@ -1476,6 +1482,7 @@ fn http_allow_origin_all_flag() {
#[test]
fn http_allow_sync_stalled_flag() {
CommandLineTest::new()
.flag("http", None)
.flag("http-allow-sync-stalled", None)
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.allow_sync_stalled, true));
@ -1483,32 +1490,29 @@ fn http_allow_sync_stalled_flag() {
#[test]
fn http_enable_beacon_processor() {
CommandLineTest::new()
.flag("http", None)
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.enable_beacon_processor, true));
CommandLineTest::new()
.flag("http", None)
.flag("http-enable-beacon-processor", Some("true"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.enable_beacon_processor, true));
CommandLineTest::new()
.flag("http", None)
.flag("http-enable-beacon-processor", Some("false"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.enable_beacon_processor, false));
}
#[test]
fn http_tls_flags() {
let dir = TempDir::new().expect("Unable to create temporary directory");
CommandLineTest::new()
.flag("http", None)
.flag("http-enable-tls", None)
.flag(
"http-tls-cert",
dir.path().join("certificate.crt").as_os_str().to_str(),
)
.flag(
"http-tls-key",
dir.path().join("private.key").as_os_str().to_str(),
)
.flag("http-tls-cert", Some("tests/tls/cert.pem"))
.flag("http-tls-key", Some("tests/tls/key.rsa"))
.run_with_zero_port()
.with_config(|config| {
let tls_config = config
@ -1516,14 +1520,15 @@ fn http_tls_flags() {
.tls_config
.as_ref()
.expect("tls_config was empty.");
assert_eq!(tls_config.cert, dir.path().join("certificate.crt"));
assert_eq!(tls_config.key, dir.path().join("private.key"));
assert_eq!(tls_config.cert, Path::new("tests/tls/cert.pem"));
assert_eq!(tls_config.key, Path::new("tests/tls/key.rsa"));
});
}
#[test]
fn http_spec_fork_default() {
CommandLineTest::new()
.flag("http", None)
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.spec_fork_name, None));
}
@ -1531,6 +1536,7 @@ fn http_spec_fork_default() {
#[test]
fn http_spec_fork_override() {
CommandLineTest::new()
.flag("http", None)
.flag("http-spec-fork", Some("altair"))
.run_with_zero_port()
.with_config(|config| assert_eq!(config.http_api.spec_fork_name, Some(ForkName::Altair)));

View File

@ -0,0 +1,24 @@
-----BEGIN CERTIFICATE-----
MIIEADCCAmigAwIBAgICAcgwDQYJKoZIhvcNAQELBQAwLDEqMCgGA1UEAwwhcG9u
eXRvd24gUlNBIGxldmVsIDIgaW50ZXJtZWRpYXRlMB4XDTE2MDgxMzE2MDcwNFoX
DTIyMDIwMzE2MDcwNFowGTEXMBUGA1UEAwwOdGVzdHNlcnZlci5jb20wggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCpVhh1/FNP2qvWenbZSghari/UThwe
dynfnHG7gc3JmygkEdErWBO/CHzHgsx7biVE5b8sZYNEDKFojyoPHGWK2bQM/FTy
niJCgNCLdn6hUqqxLAml3cxGW77hAWu94THDGB1qFe+eFiAUnDmob8gNZtAzT6Ky
b/JGJdrEU0wj+Rd7wUb4kpLInNH/Jc+oz2ii2AjNbGOZXnRz7h7Kv3sO9vABByYe
LcCj3qnhejHMqVhbAT1MD6zQ2+YKBjE52MsQKU/xhUpu9KkUyLh0cxkh3zrFiKh4
Vuvtc+n7aeOv2jJmOl1dr0XLlSHBlmoKqH6dCTSbddQLmlK7dms8vE01AgMBAAGj
gb4wgbswDAYDVR0TAQH/BAIwADALBgNVHQ8EBAMCBsAwHQYDVR0OBBYEFMeUzGYV
bXwJNQVbY1+A8YXYZY8pMEIGA1UdIwQ7MDmAFJvEsUi7+D8vp8xcWvnEdVBGkpoW
oR6kHDAaMRgwFgYDVQQDDA9wb255dG93biBSU0EgQ0GCAXswOwYDVR0RBDQwMoIO
dGVzdHNlcnZlci5jb22CFXNlY29uZC50ZXN0c2VydmVyLmNvbYIJbG9jYWxob3N0
MA0GCSqGSIb3DQEBCwUAA4IBgQBsk5ivAaRAcNgjc7LEiWXFkMg703AqDDNx7kB1
RDgLalLvrjOfOp2jsDfST7N1tKLBSQ9bMw9X4Jve+j7XXRUthcwuoYTeeo+Cy0/T
1Q78ctoX74E2nB958zwmtRykGrgE/6JAJDwGcgpY9kBPycGxTlCN926uGxHsDwVs
98cL6ZXptMLTR6T2XP36dAJZuOICSqmCSbFR8knc/gjUO36rXTxhwci8iDbmEVaf
BHpgBXGU5+SQ+QM++v6bHGf4LNQC5NZ4e4xvGax8ioYu/BRsB/T3Lx+RlItz4zdU
XuxCNcm3nhQV2ZHquRdbSdoyIxV5kJXel4wCmOhWIq7A2OBKdu5fQzIAzzLi65EN
RPAKsKB4h7hGgvciZQ7dsMrlGw0DLdJ6UrFyiR5Io7dXYT/+JP91lP5xsl6Lhg9O
FgALt7GSYRm2cZdgi9pO9rRr83Br1VjQT1vHz6yoZMXSqc4A2zcN2a2ZVq//rHvc
FZygs8miAhWPzqnpmgTj1cPiU1M=
-----END CERTIFICATE-----

View File

@ -0,0 +1,27 @@
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAqVYYdfxTT9qr1np22UoIWq4v1E4cHncp35xxu4HNyZsoJBHR
K1gTvwh8x4LMe24lROW/LGWDRAyhaI8qDxxlitm0DPxU8p4iQoDQi3Z+oVKqsSwJ
pd3MRlu+4QFrveExwxgdahXvnhYgFJw5qG/IDWbQM0+ism/yRiXaxFNMI/kXe8FG
+JKSyJzR/yXPqM9ootgIzWxjmV50c+4eyr97DvbwAQcmHi3Ao96p4XoxzKlYWwE9
TA+s0NvmCgYxOdjLEClP8YVKbvSpFMi4dHMZId86xYioeFbr7XPp+2njr9oyZjpd
Xa9Fy5UhwZZqCqh+nQk0m3XUC5pSu3ZrPLxNNQIDAQABAoIBAFKtZJgGsK6md4vq
kyiYSufrcBLaaEQ/rkQtYCJKyC0NAlZKFLRy9oEpJbNLm4cQSkYPXn3Qunx5Jj2k
2MYz+SgIDy7f7KHgr52Ew020dzNQ52JFvBgt6NTZaqL1TKOS1fcJSSNIvouTBerK
NCSXHzfb4P+MfEVe/w1c4ilE+kH9SzdEo2jK/sRbzHIY8TX0JbmQ4SCLLayr22YG
usIxtIYcWt3MMP/G2luRnYzzBCje5MXdpAhlHLi4TB6x4h5PmBKYc57uOVNngKLd
YyrQKcszW4Nx5v0a4HG3A5EtUXNCco1+5asXOg2lYphQYVh2R+1wgu5WiDjDVu+6
EYgjFSkCgYEA0NBk6FDoxE/4L/4iJ4zIhu9BptN8Je/uS5c6wRejNC/VqQyw7SHb
hRFNrXPvq5Y+2bI/DxtdzZLKAMXOMjDjj0XEgfOIn2aveOo3uE7zf1i+njxwQhPu
uSYA9AlBZiKGr2PCYSDPnViHOspVJjxRuAgyWM1Qf+CTC0D95aj0oz8CgYEAz5n4
Cb3/WfUHxMJLljJ7PlVmlQpF5Hk3AOR9+vtqTtdxRjuxW6DH2uAHBDdC3OgppUN4
CFj55kzc2HUuiHtmPtx8mK6G+otT7Lww+nLSFL4PvZ6CYxqcio5MPnoYd+pCxrXY
JFo2W7e4FkBOxb5PF5So5plg+d0z/QiA7aFP1osCgYEAtgi1rwC5qkm8prn4tFm6
hkcVCIXc+IWNS0Bu693bXKdGr7RsmIynff1zpf4ntYGpEMaeymClCY0ppDrMYlzU
RBYiFNdlBvDRj6s/H+FTzHRk2DT/99rAhY9nzVY0OQFoQIXK8jlURGrkmI/CYy66
XqBmo5t4zcHM7kaeEBOWEKkCgYAYnO6VaRtPNQfYwhhoFFAcUc+5t+AVeHGW/4AY
M5qlAlIBu64JaQSI5KqwS0T4H+ZgG6Gti68FKPO+DhaYQ9kZdtam23pRVhd7J8y+
xMI3h1kiaBqZWVxZ6QkNFzizbui/2mtn0/JB6YQ/zxwHwcpqx0tHG8Qtm5ZAV7PB
eLCYhQKBgQDALJxU/6hMTdytEU5CLOBSMby45YD/RrfQrl2gl/vA0etPrto4RkVq
UrkDO/9W4mZORClN3knxEFSTlYi8YOboxdlynpFfhcs82wFChs+Ydp1eEsVHAqtu
T+uzn0sroycBiBfVB949LExnzGDFUkhG0i2c2InarQYLTsIyHCIDEA==
-----END RSA PRIVATE KEY-----

View File

@ -260,6 +260,7 @@ fn http_flag() {
fn http_address_flag() {
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http", None)
.flag("http-address", Some("127.0.0.99"))
.flag("unencrypted-http-transport", None)
.run()
@ -269,6 +270,7 @@ fn http_address_flag() {
fn http_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http", None)
.flag("http-address", Some("::1"))
.flag("unencrypted-http-transport", None)
.run()
@ -279,6 +281,7 @@ fn http_address_ipv6_flag() {
fn missing_unencrypted_http_transport_flag() {
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("http", None)
.flag("http-address", Some("127.0.0.99"))
.run()
.with_config(|config| assert_eq!(config.http_api.listen_addr, addr));
@ -286,6 +289,7 @@ fn missing_unencrypted_http_transport_flag() {
#[test]
fn http_port_flag() {
CommandLineTest::new()
.flag("http", None)
.flag("http-port", Some("9090"))
.run()
.with_config(|config| assert_eq!(config.http_api.listen_port, 9090));
@ -293,6 +297,7 @@ fn http_port_flag() {
#[test]
fn http_allow_origin_flag() {
CommandLineTest::new()
.flag("http", None)
.flag("http-allow-origin", Some("http://localhost:9009"))
.run()
.with_config(|config| {
@ -305,6 +310,7 @@ fn http_allow_origin_flag() {
#[test]
fn http_allow_origin_all_flag() {
CommandLineTest::new()
.flag("http", None)
.flag("http-allow-origin", Some("*"))
.run()
.with_config(|config| assert_eq!(config.http_api.allow_origin, Some("*".to_string())));
@ -312,12 +318,14 @@ fn http_allow_origin_all_flag() {
#[test]
fn http_allow_keystore_export_default() {
CommandLineTest::new()
.flag("http", None)
.run()
.with_config(|config| assert!(!config.http_api.allow_keystore_export));
}
#[test]
fn http_allow_keystore_export_present() {
CommandLineTest::new()
.flag("http", None)
.flag("http-allow-keystore-export", None)
.run()
.with_config(|config| assert!(config.http_api.allow_keystore_export));
@ -325,12 +333,14 @@ fn http_allow_keystore_export_present() {
#[test]
fn http_store_keystore_passwords_in_secrets_dir_default() {
CommandLineTest::new()
.flag("http", None)
.run()
.with_config(|config| assert!(!config.http_api.store_passwords_in_secrets_dir));
}
#[test]
fn http_store_keystore_passwords_in_secrets_dir_present() {
CommandLineTest::new()
.flag("http", None)
.flag("http-store-passwords-in-secrets-dir", None)
.run()
.with_config(|config| assert!(config.http_api.store_passwords_in_secrets_dir));
@ -348,6 +358,7 @@ fn metrics_flag() {
fn metrics_address_flag() {
let addr = "127.0.0.99".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-address", Some("127.0.0.99"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
@ -356,6 +367,7 @@ fn metrics_address_flag() {
fn metrics_address_ipv6_flag() {
let addr = "::1".parse::<IpAddr>().unwrap();
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-address", Some("::1"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.listen_addr, addr));
@ -363,6 +375,7 @@ fn metrics_address_ipv6_flag() {
#[test]
fn metrics_port_flag() {
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-port", Some("9090"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.listen_port, 9090));
@ -370,6 +383,7 @@ fn metrics_port_flag() {
#[test]
fn metrics_allow_origin_flag() {
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-allow-origin", Some("http://localhost:9009"))
.run()
.with_config(|config| {
@ -382,6 +396,7 @@ fn metrics_allow_origin_flag() {
#[test]
fn metrics_allow_origin_all_flag() {
CommandLineTest::new()
.flag("metrics", None)
.flag("metrics-allow-origin", Some("*"))
.run()
.with_config(|config| assert_eq!(config.http_metrics.allow_origin, Some("*".to_string())));

View File

@ -26,6 +26,6 @@ serde_derive = "1.0.116"
serde_yaml = "0.8.13"
eth2_network_config = { path = "../../common/eth2_network_config" }
serde_json = "1.0.58"
zip = "0.5.13"
zip = "0.6"
lazy_static = "1.4.0"
parking_lot = "0.12.0"
parking_lot = "0.12.0"

View File

@ -41,6 +41,7 @@ tokio-postgres = "0.7.5"
http_api = { path = "../beacon_node/http_api" }
beacon_chain = { path = "../beacon_node/beacon_chain" }
network = { path = "../beacon_node/network" }
testcontainers = "0.14.0"
# TODO: update to 0.15 when released: https://github.com/testcontainers/testcontainers-rs/issues/497
testcontainers = { git = "https://github.com/testcontainers/testcontainers-rs/", rev = "0f2c9851" }
unused_port = { path = "../common/unused_port" }
task_executor = { path = "../common/task_executor" }

View File

@ -23,6 +23,7 @@ use watch::{
};
use log::error;
use std::collections::HashMap;
use std::env;
use std::net::SocketAddr;
use std::time::Duration;
@ -30,7 +31,42 @@ use tokio::{runtime, task::JoinHandle};
use tokio_postgres::{config::Config as PostgresConfig, Client, NoTls};
use unused_port::unused_tcp4_port;
use testcontainers::{clients::Cli, images::postgres::Postgres, RunnableImage};
use testcontainers::{clients::Cli, core::WaitFor, Image, RunnableImage};
#[derive(Debug)]
pub struct Postgres(HashMap<String, String>);
impl Default for Postgres {
fn default() -> Self {
let mut env_vars = HashMap::new();
env_vars.insert("POSTGRES_DB".to_owned(), "postgres".to_owned());
env_vars.insert("POSTGRES_HOST_AUTH_METHOD".into(), "trust".into());
Self(env_vars)
}
}
impl Image for Postgres {
type Args = ();
fn name(&self) -> String {
"postgres".to_owned()
}
fn tag(&self) -> String {
"11-alpine".to_owned()
}
fn ready_conditions(&self) -> Vec<WaitFor> {
vec![WaitFor::message_on_stderr(
"database system is ready to accept connections",
)]
}
fn env_vars(&self) -> Box<dyn Iterator<Item = (&String, &String)> + '_> {
Box::new(self.0.iter())
}
}
type E = MainnetEthSpec;