mirrors/sprout
1
0
Fork 0
mirror of https://github.com/edera-dev/sprout.git synced 2026-02-04 17:00:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: mirrors:v0.0.27
Branches Tags
mirrors:main mirrors:chore/release-v0.0.28 mirrors:gh-pages
mirrors:v0.0.27 mirrors:v0.0.26 mirrors:v0.0.25 mirrors:v0.0.24 mirrors:v0.0.23 mirrors:v0.0.22 mirrors:v0.0.21 mirrors:v0.0.20 mirrors:v0.0.19 mirrors:v0.0.18 mirrors:v0.0.17 mirrors:v0.0.16 mirrors:v0.0.15 mirrors:v0.0.14 mirrors:v0.0.13 mirrors:v0.0.12 mirrors:v0.0.11 mirrors:v0.0.10 mirrors:v0.0.9 mirrors:v0.0.8 mirrors:v0.0.7 mirrors:v0.0.6 mirrors:v0.0.5 mirrors:v0.0.4 mirrors:v0.0.3 mirrors:v0.0.2
...
compare: mirrors:main
Branches Tags
mirrors:chore/release-v0.0.28 mirrors:main mirrors:gh-pages
mirrors:v0.0.27 mirrors:v0.0.26 mirrors:v0.0.25 mirrors:v0.0.24 mirrors:v0.0.23 mirrors:v0.0.22 mirrors:v0.0.21 mirrors:v0.0.20 mirrors:v0.0.19 mirrors:v0.0.18 mirrors:v0.0.17 mirrors:v0.0.16 mirrors:v0.0.15 mirrors:v0.0.14 mirrors:v0.0.13 mirrors:v0.0.12 mirrors:v0.0.11 mirrors:v0.0.10 mirrors:v0.0.9 mirrors:v0.0.8 mirrors:v0.0.7 mirrors:v0.0.6 mirrors:v0.0.5 mirrors:v0.0.4 mirrors:v0.0.3 mirrors:v0.0.2

5 Commits
v0.0.27 ... main

Author SHA1 Message Date
dependabot[bot]
656fde2044 chore(deps): bump step-security/harden-runner (#63) 
Bumps the actions-updates group with 1 update: [step-security/harden-runner](https://github.com/step-security/harden-runner).


Updates `step-security/harden-runner` from 2.14.0 to 2.14.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](20cf305ff2...e3f713f2d8)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-03 15:20:17 -05:00
Ariadne Conill
5740c14e31 Merge pull request #62 from edera-dev/chore/code-cleanup-stamp-iter 
chore(sprout): implement iterator stamping to cleanup code
 2026-02-02 19:12:14 +01:00
Alex Zenla
c295de4951 chore(sprout): implement iterator stamping to cleanup code 2026-01-26 20:13:52 -08:00
dependabot[bot]
95e0360721 chore(deps): bump toml in the cargo-updates group (#59) 
Bumps the cargo-updates group with 1 update: [toml](https://github.com/toml-rs/toml).


Updates `toml` from 0.9.10+spec-1.1.0 to 0.9.11+spec-1.1.0
- [Commits](https://github.com/toml-rs/toml/compare/toml-v0.9.10...toml-v0.9.11)

---
updated-dependencies:
- dependency-name: toml
  dependency-version: 0.9.11+spec-1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: cargo-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-26 08:54:07 -08:00
dependabot[bot]
1370e1b39b chore(deps): bump the actions-updates group across 1 directory with 3 updates (#61) 
Bumps the actions-updates group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance).


Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e8c483db8...de0fac2e45)

Updates `astral-sh/setup-uv` from 7.1.6 to 7.2.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](681c641aba...61cb8a9741)

Updates `actions/attest-build-provenance` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](977bb373ed...00014ed6ed)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
- dependency-name: actions/attest-build-provenance
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-26 08:53:40 -08:00
14 changed files with 50 additions and 47 deletions
Expand all files Collapse all files

6
.github/workflows/ci-actions.yml vendored
View File

@@ -25,17 +25,17 @@ jobs:
actions: read # Needed to analyze action metadata.
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
- name: setup uv
uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
- name: zizmor
run: uvx zizmor --pedantic --format sarif . > results.sarif

12
.github/workflows/ci-code.yml vendored
View File

@@ -21,12 +21,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -51,12 +51,12 @@ jobs:
name: 'build ${{ matrix.arch }}'
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -80,12 +80,12 @@ jobs:
name: 'clippy ${{ matrix.arch }}'
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

4
.github/workflows/codeql.yml vendored
View File

@@ -37,12 +37,12 @@ jobs:
build-mode: none
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false

6
.github/workflows/publish.yml vendored
View File

@@ -25,12 +25,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -49,7 +49,7 @@ jobs:
path: target/assemble/*
- name: 'attest artifacts'
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
with:
subject-name: artifacts.zip
subject-digest: "sha256:${{ steps.upload.outputs.artifact-digest }}"

6
.github/workflows/release.yml vendored
View File

@@ -25,12 +25,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: harden runner
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
with:
egress-policy: audit
- name: checkout
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
persist-credentials: false
@@ -42,7 +42,7 @@ jobs:
run: ./hack/assemble.sh
- name: 'attest release artifacts'
uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
with:
subject-path: target/assemble/*

4
Cargo.lock generated
View File

@@ -270,9 +270,9 @@ dependencies = [
[[package]]
name = "toml"
version = "0.9.10+spec-1.1.0"
version = "0.9.11+spec-1.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "0825052159284a1a8b4d6c0c86cbc801f2da5afd2b225fa548c72f2e74002f48"
checksum = "f3afc9a848309fe1aaffaed6e1546a7a14de1f935dc9d89d32afd9a44bab7c46"
dependencies = [
"serde_core",
"serde_spanned",

2
Cargo.toml
View File

@@ -48,7 +48,7 @@ version = "1.3.0"
default-features = false
[workspace.dependencies.toml]
version = "0.9.10"
version = "0.9.11"
default-features = false
features = ["serde", "parse"]

6
crates/boot/src/actions/chainload.rs
View File

@@ -21,7 +21,7 @@ pub fn chainload(context: Rc<SproutContext>, configuration: &ChainloadConfigurat
// Resolve the path to the image to chainload.
let resolved = eficore::path::resolve_path(
Some(context.root().loaded_image_path()?),
&context.stamp(&configuration.path),
context.stamp(&configuration.path),
)
.context("unable to resolve chainload path")?;
@@ -38,8 +38,7 @@ pub fn chainload(context: Rc<SproutContext>, configuration: &ChainloadConfigurat
.context("unable to open loaded image protocol")?;
// Stamp and combine the options to pass to the image.
let options =
utils::combine_options(configuration.options.iter().map(|item| context.stamp(item)));
let options = utils::combine_options(context.stamp_iter(configuration.options.iter()));
// Pass the load options to the image.
// If no options are provided, the resulting string will be empty.
@@ -50,6 +49,7 @@ pub fn chainload(context: Rc<SproutContext>, configuration: &ChainloadConfigurat
.context("unable to convert chainloader options to CString16")?,
);
// Ensure the chainloader options limit is not exceeded.
if options.num_bytes() > u32::MAX as usize {
bail!("chainloader options too large");
}

15
crates/boot/src/actions/edera.rs
View File

@@ -20,20 +20,11 @@ use uefi::Guid;
/// Builds a configuration string for the Xen EFI stub using the specified `configuration`.
fn build_xen_config(context: Rc<SproutContext>, configuration: &EderaConfiguration) -> String {
// Stamp xen options and combine them.
let xen_options = utils::combine_options(
configuration
.xen_options
.iter()
.map(|item| context.stamp(item)),
);
let xen_options = utils::combine_options(context.stamp_iter(configuration.xen_options.iter()));
// Stamp kernel options and combine them.
let kernel_options = utils::combine_options(
configuration
.kernel_options
.iter()
.map(|item| context.stamp(item)),
);
let kernel_options =
utils::combine_options(context.stamp_iter(configuration.kernel_options.iter()));
// xen config file format is ini-like
[

9
crates/boot/src/context.rs
View File

@@ -269,6 +269,15 @@ impl SproutContext {
Self::stamp_values(&self.all_values(), text.as_ref()).1
}
/// Stamps all the items from the iterator `input` with all the values in this [SproutContext]
/// and it's parents. This calls [self.stamp] on each item.
pub fn stamp_iter(
&self,
input: impl Iterator<Item = impl AsRef<str>>,
) -> impl Iterator<Item = String> {
input.map(|item| self.stamp(item))
}
/// Unloads a [SproutContext] back into an owned context. This
/// may not succeed if something else is holding onto the value.
pub fn unload(self: Rc<SproutContext>) -> Option<SproutContext> {

2
crates/boot/src/drivers.rs
View File

@@ -18,7 +18,7 @@ fn load_driver(context: Rc<SproutContext>, driver: &DriverDeclaration) -> Result
// Resolve the path to the driver image.
let resolved = eficore::path::resolve_path(
Some(context.root().loaded_image_path()?),
&context.stamp(&driver.path),
context.stamp(&driver.path),
)
.context("unable to resolve path to driver")?;

9
crates/boot/src/generators/list.rs
View File

@@ -22,11 +22,10 @@ pub fn generate(
// Stamp the entry title and actions from the template.
let mut entry = list.entry.clone();
entry.actions = entry
.actions
.into_iter()
.map(|action| context.stamp(action))
.collect();
// Stamp all the actions this entry references.
entry.actions = context.stamp_iter(entry.actions.into_iter()).collect();
// Push the entry into the list with the new context.
entries.push(BootableEntry::new(
index.to_string(),

14
crates/eficore/src/path.rs
View File

@@ -48,8 +48,8 @@ fn cstring16_contains_char(string: &CString16, c: char) -> bool {
/// Parses the input `path` as a [DevicePath].
/// Uses the [DevicePathFromText] protocol exclusively, and will fail if it cannot acquire the protocol.
pub fn text_to_device_path(path: &str) -> Result<PoolDevicePath> {
let path = CString16::try_from(path).context("unable to convert path to CString16")?;
pub fn text_to_device_path(path: impl AsRef<str>) -> Result<PoolDevicePath> {
let path = CString16::try_from(path.as_ref()).context("unable to convert path to CString16")?;
let device_path_from_text = uefi::boot::open_protocol_exclusive::<DevicePathFromText>(
uefi::boot::get_handle_for_protocol::<DevicePathFromText>()
.context("no device path from text protocol")?,
@@ -113,8 +113,13 @@ pub fn device_path_subpath(path: &DevicePath) -> Result<String> {
/// Resolve a path specified by `input` to its various components.
/// Uses `default_root_path` as the base root if one is not specified in the path.
/// Returns [ResolvedPath] which contains the resolved components.
pub fn resolve_path(default_root_path: Option<&DevicePath>, input: &str) -> Result<ResolvedPath> {
let mut path = text_to_device_path(input).context("unable to convert text to path")?;
pub fn resolve_path(
default_root_path: Option<&DevicePath>,
input: impl ToString,
) -> Result<ResolvedPath> {
let mut input = input.to_string();
let mut path = text_to_device_path(&input).context("unable to convert text to path")?;
let path_has_device = path
.node_iter()
.next()
@@ -125,7 +130,6 @@ pub fn resolve_path(default_root_path: Option<&DevicePath>, input: &str) -> Resu
.map(|it| it.to_string().contains('('))
.unwrap_or(false);
if !path_has_device {
let mut input = input.to_string();
if !input.starts_with('\\') {
input.insert(0, '\\');
}

2
crates/eficore/src/shim.rs
View File

@@ -84,7 +84,7 @@ impl<'a> ShimInput<'a> {
let path = path
.to_string(DisplayOnly(false), AllowShortcuts(false))
.context("unable to convert device path to string")?;
let path = crate::path::resolve_path(None, &path.to_string())
let path = crate::path::resolve_path(None, path.to_string())
.context("unable to resolve path")?;
// Read the file path.
let data = path.read_file()?;