continuwuation/continuwuity
continuwuation/continuwuity
13
35
Fork 34
Code Issues 103 Pull requests 19 Releases 20 Packages 3 Activity Actions

chore: replace serde-yml with serde-saphyr #1151

Merged
Jade merged 1 commit from Aviac/continuwuity:replace-serde-yml into main 2025-11-09 10:56:34 +00:00
Conversation 2 Commits 1 Files changed 8 +96 -51
Aviac commented 2025-11-09 10:30:52 +00:00
Member
Copy link

Fixes #231, I guess (?)

  • serde-yml has an un-addressed security issue
  • saphyr is a pretty recent and active crate that deals with YAML parsing
  • based on that, someone recently created serde-saphyr

The change was pretty straightforward and mostly "just a search and replace". The new crate has it's Error type split
into serialization and derserialization errors. Hence I created one Continuwuity-Error variant for each instead of just
having a single Yaml variant. This was already done previously with the Toml errors so I thought this would be
rather acceptable.

Fixes #231, I guess (?) --- - serde-yml has an un-addressed [security issue][sec-issue] - [saphyr][saphyr] is a pretty recent and active crate that deals with YAML parsing - based on that, someone recently created [serde-saphyr][serde-saphyr] --- The change was pretty straightforward and mostly "just a search and replace". The new crate has it's `Error` type split into serialization and derserialization errors. Hence I created one Continuwuity-Error variant for each instead of just having a single `Yaml` variant. This was already done previously with the `Toml` errors so I thought this would be rather acceptable. [sec-issue]: https://github.com/advisories/GHSA-gfxp-f68g-8x78 [saphyr]: https://github.com/saphyr-rs/saphyr [serde-saphyr]: https://github.com/saphyr-rs/saphyr/issues/66#issuecomment-3353212289
chore: replace serde-yml with serde-saphyr
All checks were successful
Documentation / Build and Deploy Documentation (pull_request) Has been skipped
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m41s
Details
Release Docker Image / Build linux-arm64 (release) (pull_request) Successful in 2m30s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 11s
Details
Release Docker Image / Build linux-amd64 (release) (pull_request) Successful in 6m31s
Details
Release Docker Image / Create Multi-arch Release Manifest (pull_request) Successful in 5s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 15m54s
Details
Release Docker Image / Build linux-amd64 (max-perf) (pull_request) Successful in 13m58s
Details
Release Docker Image / Build linux-arm64 (max-perf) (pull_request) Successful in 13m58s
Details
Release Docker Image / Create Max-Perf Manifest (pull_request) Successful in 4s
Details
Documentation / Build and Deploy Documentation (push) Successful in 43s
Details
Checks / Prek / Pre-commit & Formatting (push) Successful in 2m15s
Details
Release Docker Image / Build linux-amd64 (release) (push) Successful in 4m38s
Details
Release Docker Image / Build linux-arm64 (release) (push) Successful in 5m58s
Details
Release Docker Image / Create Multi-arch Release Manifest (push) Successful in 16s
Details
Checks / Prek / Clippy and Cargo Tests (push) Successful in 16m4s
Details
Release Docker Image / Build linux-amd64 (max-perf) (push) Successful in 12m42s
Details
Release Docker Image / Build linux-arm64 (max-perf) (push) Successful in 12m49s
Details
Release Docker Image / Create Max-Perf Manifest (push) Successful in 13s
Details
866769c054
 
- serde-yml has an un-addressed [security issue][sec-issue]
- [saphyr][saphyr] is a pretty recent and active crate that deals with YAML parsing
- based on that, someone recently created [serde-saphyr][serde-saphyr]

---

The change was pretty straightforward and mostly "just a search and replace". The new crate has it's `Error` type split
into serialization and derserialization errors. Hence I created one Continuwuity-Error variant for each instead of just
having a single `Yaml` variant. This was already done previously with the `Toml` errors so I thought this would be
rather acceptable.

[sec-issue]: https://github.com/advisories/GHSA-gfxp-f68g-8x78
[saphyr]: https://github.com/saphyr-rs/saphyr
[serde-saphyr]: https://github.com/saphyr-rs/saphyr/issues/66#issuecomment-3353212289
Jade approved these changes 2025-11-09 10:56:06 +00:00
Jade commented 2025-11-09 10:56:27 +00:00
Owner
Copy link

Thank you!

Thank you!
❤️ 1
Jade merged commit 866769c054 into main 2025-11-09 10:56:34 +00:00
nex added this to the 0.5.0 milestone 2025-11-09 19:33:30 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Jade
Labels
Clear labels   
Bug

Something isn't working as intended

  
Cherry-picking

Commits picked from other conduit projects

  
Database

This requires or includes changes to the database

  
Dependencies

Something dependency related

  
Dependencies/Renovate

Automatic dependency upgrades by Renovate

  
Difficulty
Easy
Low difficulty to implement - touches few parts of the codebase, low complexity

  
Difficulty
Hard
High difficulty to implement - touches many parts of the codebase, high complexity

  
Difficulty
Medium
Medium difficulty to implement - touches more parts of the codebase, higher complexity

  
Documentation

Improvements or additions to documentation

  
Enhancement

New feature or request

  
Good first issue

Good for newcomers

  
Help wanted

Additional eyes and keyboards are required for this one

  
Inherited

Issues that have been inhereted from the project pre-fork

  
Matrix/Administration

Features pertaining to homeserver administration

  
Matrix/Appservices

Features pertaining to the appservice API

  
Matrix/Auth

Features pertaining to authentication

  
Matrix/Client

Features pertaining to client-to-server interactions

  
Matrix/Core

Issues relating to core matrix functionality, such as state resolution and PDU formats

  
Matrix/Federation

Features pertaining to server-to-server interactions

  
Matrix/Hydra

Issues related to room version 12 and related changes (temporary label)

  
Matrix/MSC

Features pertaining to unstable matrix features

  
Matrix/Media

Features pertaining to media interactions

  
Meta

Related to housekeeping, maintenance, or other repo-meta.

  
Meta/CI

Issues related to CI changes

  
Meta/Packaging

Packaging

  
Priority
Blocking
This issue is blocking the next release

  
Priority
High
This issue is very important

  
Priority
Low
This issue is of a rather low priority

  
Security

This item is related to general security

  
Status/Blocked

This pull request or issue is currently blocked from being merged/closed

  
Status
Confirmed
This issue has enough information and is confirmed

  
Status
Duplicate
This issue or pull request already exists

  
Status
Invalid
This issue doesn't seem right

  
Status
Needs Investigation
This issue needs further investigation

  
Support

Questions or support requests

  
To-Merge

   
Wont fix

This will not be worked on

  
old/ci/cd

Ci/CD

Archived

  
old/rust

Pull requests that update Rust code

Archived

No labels
Bug
Cherry-picking
Database
Dependencies
Dependencies/Renovate
Difficulty
Easy
Difficulty
Hard
Difficulty
Medium
Documentation
Enhancement
Good first issue
Help wanted
Inherited
Matrix/Administration
Matrix/Appservices
Matrix/Auth
Matrix/Client
Matrix/Core
Matrix/Federation
Matrix/Hydra
Matrix/MSC
Matrix/Media
Meta
Meta/CI
Meta/Packaging
Priority
Blocking
Priority
High
Priority
Low
Security
Status/Blocked
Status
Confirmed
Status
Duplicate
Status
Invalid
Status
Needs Investigation
Support
To-Merge
Wont fix
old/ci/cd
old/rust
Milestone
Clear milestone
No items
No milestone
0.5.0
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
2 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
continuwuation/continuwuity!1151
No description provided.