max / makenotwork

5.2 KB · 165 lines History Blame Raw

1	[package]
2	name = "makenotwork"
3	version = "0.10.1"
4	edition = "2024"
5	license-file = "LICENSE"
6
7	[features]
8	fast-tests = []
9
10	[dependencies]
11	# Async trait (for StorageBackend trait object)
12	async-trait = "0.1"
13
14	# Web framework
15	axum = { version = "0.8.8", features = ["macros"] }
16	axum-extra = { version = "0.10.3", features = ["cookie", "form", "typed-header"] }
17
18	# OpenAPI spec generation
19	utoipa = { version = "5", features = ["axum_extras", "chrono", "uuid"] }
20	utoipa-axum = "0.2"
21	serde = { version = "1.0.228", features = ["derive"] }
22	serde_json = "1.0.149"
23	tokio = { version = "1.50.0", features = ["macros", "rt-multi-thread", "net", "signal"] }
24	tokio-stream = { version = "0.1", features = ["sync"] }
25	tower = "0.5.3"
26	tower-http = { version = "0.6.8", features = ["trace", "fs", "limit", "request-id", "propagate-header", "set-header"] }
27	tracing = "0.1.44"
28	tracing-subscriber = { version = "0.3.22", features = ["env-filter", "json"] }
29
30	# Templates
31	askama = "0.13.1"
32
33	# Environment & Configuration
34	dotenvy = "0.15.7"
35
36	# Database
37	sqlx = { version = "0.8.6", features = ["runtime-tokio", "postgres", "uuid", "chrono", "migrate"] }
38	uuid = { version = "1.22.0", features = ["v4", "serde"] }
39	chrono = { version = "0.4.44", features = ["serde"] }
40
41	# Authentication
42	argon2 = "0.5.3"
43	tower-sessions = { version = "0.14.0", features = ["axum-core"] }
44	tower-sessions-sqlx-store = { version = "0.15.0", features = ["postgres"] }
45
46	# Concurrent hash map (session touch cache)
47	dashmap = "6"
48
49	# Rate Limiting
50	tower_governor = "0.6.0"
51	governor = "0.8.1"
52
53	# JWT (SyncKit)
54	jsonwebtoken = "9.3.1"
55
56	# TOTP / 2FA
57	totp-rs = { version = "5.7", features = ["qr"] }
58
59	# WebAuthn / Passkeys
60	webauthn-rs = { version = "0.5", features = ["danger-allow-state-serialisation", "conditional-ui"] }
61	webauthn-rs-proto = "0.5"
62
63	# OpenSSL (transitive dep from git2, webauthn-rs — vendored for cross-compilation)
64	openssl = { version = "0.10", features = ["vendored"] }
65
66	# Security
67	rand = "0.9"
68	hmac = "0.12.1"
69	sha1 = "0.10.6"
70	sha2 = "0.10.9"
71	subtle = "2.6"
72	hex = "0.4.3"
73	base64 = "0.22.1"
74
75	# Temp files (content export)
76	tempfile = "3"
77
78	# File scanning
79	infer = "0.19"
80	goblin = "0.10"
81	zip = "8.2"
82	# Single-stream decompressors for archive-bomb detection (already in the tree
83	# transitively via `zip`; pinned to the resolved versions so no new build).
84	flate2 = "1"
85	bzip2 = "0.4"
86	xz2 = "0.1"
87	zstd = "0.13"
88	yara-x = "1.16"
89	fs2 = "0.4"
90	memmap2 = "0.9"
91
92	# CSV parsing (import system)
93	csv = "1.3"
94
95	# CLI
96	clap = { version = "4", features = ["derive"] }
97
98	# Logging (used by sqlx slow query config)
99	log = "0.4"
100
101	# Error handling
102	thiserror = "2.0.18"
103	anyhow = "1.0.102"
104
105	# Email validation (used at notify-me signup and guest-checkout entry points)
106	email_address = "0.2"
107
108	# Metrics
109	metrics = "0.24"
110	metrics-exporter-prometheus = { version = "0.18.1", default-features = false }
111
112	# Markdown rendering + documentation engine
113	docengine = { path = "../shared/docengine", features = ["doc-loader", "directives", "frontmatter", "media-urls", "assumptions"] }
114
115	# Tag standard
116	tagtree = { path = "../shared/tagtree" }
117
118	# Git source browser
119	git2 = { version = "0.20", features = ["vendored-libgit2"] }
120	syntect = { version = "5", default-features = false, features = ["default-syntaxes", "default-themes", "html", "regex-fancy"] }
121	regex = "1"
122	semver = "1"
123
124	# S3 Storage
125	s3-storage = { path = "../shared/s3-storage" }
126
127	# Stripe Payments — async-stripe 1.0.0-rc.5 (split into sub-crates).
128	# The umbrella `async-stripe` provides the HTTP client; resource types live in
129	# per-domain sub-crates. The `deserialize` feature on each resource crate is
130	# required to derive `serde::Deserialize` on Subscription, Invoice, etc — we
131	# parse them from webhook payloads ourselves (no built-in webhook helper in
132	# rc.5; see `payments::webhooks::verify_signature` for our HMAC check).
133	async-stripe = { version = "1.0.0-rc.5", features = ["default-tls"] }
134	async-stripe-shared = { version = "1.0.0-rc.5", features = ["deserialize"] }
135	async-stripe-billing = { version = "1.0.0-rc.5", features = ["deserialize", "subscription", "billing_portal_session"] }
136	async-stripe-checkout = { version = "1.0.0-rc.5", features = ["deserialize", "checkout_session"] }
137	async-stripe-connect = { version = "1.0.0-rc.5", features = ["deserialize", "account", "account_link"] }
138	async-stripe-core = { version = "1.0.0-rc.5", features = ["deserialize", "balance", "refund", "customer"] }
139	async-stripe-payment = { version = "1.0.0-rc.5", features = ["deserialize"] }
140	async-stripe-product = { version = "1.0.0-rc.5", features = ["deserialize", "product", "price"] }
141	async-stripe-types = { version = "1.0.0-rc.5", features = ["deserialize"] }
142	reqwest = { version = "0.12", features = ["json", "cookies"] }
143	urlencoding = "2.1.3"
144
145	# URL parsing
146	url = "2.5.8"
147	apple-codesign = { version = "0.29.0", default-features = false }
148	authenticode = { version = "0.5.0", features = ["std", "object"] }
149	x509-cert = "0.2.5"
150	const-oid = { version = "0.9", features = ["db"] }
151	object = { version = "0.37", features = ["pe"] }
152
153	[[bin]]
154	name = "mnw-admin"
155	path = "src/bin/mnw-admin.rs"
156
157	[dev-dependencies]
158	tower = { version = "0.5.3", features = ["util"] }
159	http-body-util = "0.1"
160	webauthn-authenticator-rs = { version = "0.5", features = ["softpasskey"] }
161	tempfile = "3"
162	proptest = "1"
163	wiremock = "0.6"
164	pom-contract = { path = "../shared/pom-contract" }
165