[package] name = "makenotwork" version = "0.10.1" edition = "2024" license-file = "LICENSE" [features] fast-tests = [] [dependencies] # Async trait (for StorageBackend trait object) async-trait = "0.1" # Web framework axum = { version = "0.8.8", features = ["macros"] } axum-extra = { version = "0.10.3", features = ["cookie", "form", "typed-header"] } # OpenAPI spec generation utoipa = { version = "5", features = ["axum_extras", "chrono", "uuid"] } utoipa-axum = "0.2" serde = { version = "1.0.228", features = ["derive"] } serde_json = "1.0.149" tokio = { version = "1.50.0", features = ["macros", "rt-multi-thread", "net", "signal"] } tokio-stream = { version = "0.1", features = ["sync"] } tower = "0.5.3" tower-http = { version = "0.6.8", features = ["trace", "fs", "limit", "request-id", "propagate-header", "set-header"] } tracing = "0.1.44" tracing-subscriber = { version = "0.3.22", features = ["env-filter", "json"] } # Templates askama = "0.13.1" # Environment & Configuration dotenvy = "0.15.7" # Database sqlx = { version = "0.8.6", features = ["runtime-tokio", "postgres", "uuid", "chrono", "migrate"] } uuid = { version = "1.22.0", features = ["v4", "serde"] } chrono = { version = "0.4.44", features = ["serde"] } # Authentication argon2 = "0.5.3" tower-sessions = { version = "0.14.0", features = ["axum-core"] } tower-sessions-sqlx-store = { version = "0.15.0", features = ["postgres"] } # Concurrent hash map (session touch cache) dashmap = "6" # Rate Limiting tower_governor = "0.6.0" governor = "0.8.1" # JWT (SyncKit) jsonwebtoken = "9.3.1" # TOTP / 2FA totp-rs = { version = "5.7", features = ["qr"] } # WebAuthn / Passkeys webauthn-rs = { version = "0.5", features = ["danger-allow-state-serialisation", "conditional-ui"] } webauthn-rs-proto = "0.5" # OpenSSL (transitive dep from git2, webauthn-rs — vendored for cross-compilation) openssl = { version = "0.10", features = ["vendored"] } # Security rand = "0.9" hmac = "0.12.1" sha1 = "0.10.6" sha2 = "0.10.9" subtle = "2.6" hex = "0.4.3" base64 = "0.22.1" # Temp files (content export) tempfile = "3" # File scanning infer = "0.19" goblin = "0.10" zip = "8.2" # Single-stream decompressors for archive-bomb detection (already in the tree # transitively via `zip`; pinned to the resolved versions so no new build). flate2 = "1" bzip2 = "0.4" xz2 = "0.1" zstd = "0.13" yara-x = "1.16" fs2 = "0.4" memmap2 = "0.9" # CSV parsing (import system) csv = "1.3" # CLI clap = { version = "4", features = ["derive"] } # Logging (used by sqlx slow query config) log = "0.4" # Error handling thiserror = "2.0.18" anyhow = "1.0.102" # Email validation (used at notify-me signup and guest-checkout entry points) email_address = "0.2" # Metrics metrics = "0.24" metrics-exporter-prometheus = { version = "0.18.1", default-features = false } # Markdown rendering + documentation engine docengine = { path = "../shared/docengine", features = ["doc-loader", "directives", "frontmatter", "media-urls", "assumptions"] } # Tag standard tagtree = { path = "../shared/tagtree" } # Git source browser git2 = { version = "0.20", features = ["vendored-libgit2"] } syntect = { version = "5", default-features = false, features = ["default-syntaxes", "default-themes", "html", "regex-fancy"] } regex = "1" semver = "1" # S3 Storage s3-storage = { path = "../shared/s3-storage" } # Stripe Payments — async-stripe 1.0.0-rc.5 (split into sub-crates). # The umbrella `async-stripe` provides the HTTP client; resource types live in # per-domain sub-crates. The `deserialize` feature on each resource crate is # required to derive `serde::Deserialize` on Subscription, Invoice, etc — we # parse them from webhook payloads ourselves (no built-in webhook helper in # rc.5; see `payments::webhooks::verify_signature` for our HMAC check). async-stripe = { version = "1.0.0-rc.5", features = ["default-tls"] } async-stripe-shared = { version = "1.0.0-rc.5", features = ["deserialize"] } async-stripe-billing = { version = "1.0.0-rc.5", features = ["deserialize", "subscription", "billing_portal_session"] } async-stripe-checkout = { version = "1.0.0-rc.5", features = ["deserialize", "checkout_session"] } async-stripe-connect = { version = "1.0.0-rc.5", features = ["deserialize", "account", "account_link"] } async-stripe-core = { version = "1.0.0-rc.5", features = ["deserialize", "balance", "refund", "customer"] } async-stripe-payment = { version = "1.0.0-rc.5", features = ["deserialize"] } async-stripe-product = { version = "1.0.0-rc.5", features = ["deserialize", "product", "price"] } async-stripe-types = { version = "1.0.0-rc.5", features = ["deserialize"] } reqwest = { version = "0.12", features = ["json", "cookies"] } urlencoding = "2.1.3" # URL parsing url = "2.5.8" apple-codesign = { version = "0.29.0", default-features = false } authenticode = { version = "0.5.0", features = ["std", "object"] } x509-cert = "0.2.5" const-oid = { version = "0.9", features = ["db"] } object = { version = "0.37", features = ["pe"] } [[bin]] name = "mnw-admin" path = "src/bin/mnw-admin.rs" [dev-dependencies] tower = { version = "0.5.3", features = ["util"] } http-body-util = "0.1" webauthn-authenticator-rs = { version = "0.5", features = ["softpasskey"] } tempfile = "3" proptest = "1" wiremock = "0.6" pom-contract = { path = "../shared/pom-contract" }