studio/proxy
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
41cf6ccc497888c956781a60ee86a5a9d4d2fe8b
proxy/Cargo.toml
Sienna Meridian Satterwhite 41cf6ccc49 fix(deps): upgrade pingora 0.7→0.8 and aws-lc-sys to patch CVEs 
- pingora* 0.7.0 → 0.8.0: fixes CVE-2026-2833 (HTTP request smuggling
  via premature connection closure, CRITICAL)
- aws-lc-sys 0.37.1 → 0.38.0: fixes GHSA-65p9-r9h6-22vj (timing
  side-channel in AES-CCM tag verification, HIGH)

Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
2026-03-10 23:38:19 +00:00

52 lines
1.4 KiB
TOML
Raw Blame History

[package]
name = "sunbeam-proxy"
version = "0.1.0"
edition = "2021"
[lib]
name = "sunbeam_proxy"
path = "src/lib.rs"
[dependencies]
# Pingora with rustls backend (pure Rust TLS, no BoringSSL C build)
pingora = { version = "0.8", features = ["rustls"] }
pingora-proxy = { version = "0.8", features = ["rustls"] }
pingora-core = { version = "0.8", features = ["rustls"] }
pingora-http = "0.8"
# HTTP header constants
http = "1"
# Config
serde = { version = "1", features = ["derive"] }
toml = "0.8"
# Async
tokio = { version = "1", features = ["full"] }
futures = "0.3"
async-trait = "0.1"
# Structured logging + OTEL
tracing = "0.1"
tracing-subscriber = { version = "0.3", features = ["json", "env-filter"] }
tracing-opentelemetry = "0.28"
opentelemetry = { version = "0.27", features = ["trace"] }
opentelemetry_sdk = { version = "0.27", features = ["rt-tokio"] }
opentelemetry-otlp = { version = "0.27", features = ["http-proto", "reqwest-client"] }
serde_json = "1"
anyhow = "1"
# Rustls crypto provider — must be installed before any TLS init
rustls = { version = "0.23", features = ["aws-lc-rs"] }
# K8s watcher for cert/config hot-reload
kube = { version = "3", features = ["runtime", "client"] }
k8s-openapi = { version = "0.27", features = ["v1_35"] }
libc = "0.2"
[profile.release]
opt-level = 3
lto = true
codegen-units = 1
strip = true
Reference in New Issue View Git Blame Copy Permalink