Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove dependency on openmls test-utils #1218

Merged
merged 2 commits into from
Nov 7, 2024
Merged

Remove dependency on openmls test-utils #1218

merged 2 commits into from
Nov 7, 2024

Conversation

insipx
Copy link
Contributor

@insipx insipx commented Nov 4, 2024
edited
Loading

@neekolas or @richardhuaaa would appreciate your review on this one if possible. This touches some sensitive code around our installation keys. We were using ed25519_dalek::SigningKey in a sortof roundabout way, so I formalized into xmtp_cryptography::basic_credential. Then removed some clones to remove a dependency on test-utils

wrote some tests to triple-check basic_credential is OK, but think this should simplify & centralize installation key operations a bit

This allows us to pass all RUSTSEC advisories. Removing test utils feature also removes a bunch of unused crates in the crate graph for the production binary/ WASM

Part of #1192

@insipx insipx requested a review from a team as a code owner November 4, 2024 20:15
@insipx insipx changed the title Remov dependency on openmls test-utils Remove dependency on openmls test-utils Nov 4, 2024
@insipx insipx mentioned this pull request Nov 4, 2024
Merged
@insipx insipx force-pushed the insipx/cargo-audit branch 2 times, most recently from c6e75c9 to e4aec8e Compare November 4, 2024 23:34
neekolas
neekolas approved these changes Nov 5, 2024
View reviewed changes
Copy link
Contributor

@neekolas neekolas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is great work. The test coverage that is there gives me good confidence this isn't going to break something.

If we want to be really sure, an easy smoke test would be to create a new identity using the CLI on main and upgrading to this version (since we use store the installation keys in the DB). Then we can send a message to another CLI client that is back on main.

@insipx insipx force-pushed the insipx/cargo-audit branch from 4fdb508 to 685c983 Compare November 6, 2024 22:22
@insipx insipx force-pushed the insipx/cargo-audit branch from 685c983 to 88ea048 Compare November 6, 2024 22:26
@insipx insipx merged commit 424319a into main Nov 7, 2024
16 checks passed
@insipx insipx deleted the insipx/cargo-audit branch November 7, 2024 01:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@neekolas neekolas neekolas approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@insipx @neekolas