Remove unmaintained rustls-pemfile dependency #243
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Migrate from rustls-pemfile to rustls-pki-types for PEM parsing. The rustls-pemfile crate is unmaintained (RUSTSEC-2025-0134) and its functionality has been incorporated into rustls-pki-types since v1.9.0. Changes: - Use PemObject trait from rustls-pki-types for certificate/key loading - Remove rustls-pemfile from workspace and tsp_sdk dependencies - Add TLSCertificate error variant for certificate parsing errors Signed-off-by: Wenjing Chu <[email protected]> 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
rustls-pemfiletorustls-pki-typesfor PEM parsingrustls-pemfilefrom workspace and tsp_sdk dependenciesTLSCertificateerror variant for certificate parsing errorsProblem
The
rustls-pemfilecrate is unmaintained (RUSTSEC-2025-0134), causing cargo-deny CI failures.Solution
The functionality has been incorporated into
rustls-pki-typessince v1.9.0 via thePemObjecttrait. This PR migrates to use that API directly.The project already depends on
rustls-pki-types = "1.12", so this is a straightforward migration with no new dependencies.Impact
load_certificate()function used for TLS server setupcreate_tls_config()Test plan
cargo build -p tsp_sdksucceedscargo test -p tsp_sdk- all 55 tests pass includingtest_tls_transport🤖 Generated with Claude Code