apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-12 19:55:14 +02:00
Code Issues Projects Releases Packages Wiki Activity

fix: clippy and thirdparty licenses update

Browse source
This commit is contained in:
elipeter 2026-06-10 13:26:57 -05:00
parent 3cc5eef877
commit 92755eceb0
4 changed files with 32 additions and 30 deletions
Download patch file Download diff file Expand all files Collapse all files

49
THIRDPARTY-LICENSES.html
View file

@ -44,7 +44,7 @@
<h2>Overview of licenses:</h2>
<ul class="licenses-overview">
<li><a href="#Apache-2.0">Apache License 2.0</a> (160)</li>
<li><a href="#Apache-2.0">Apache License 2.0</a> (161)</li>
<li><a href="#MIT">MIT License</a> (71)</li>
<li><a href="#Zlib">zlib License</a> (2)</li>
<li><a href="#BSD-2-Clause">BSD 2-Clause &quot;Simplified&quot; License</a> (1)</li>
@ -905,8 +905,8 @@
<h3 id="Apache-2.0">Apache License 2.0</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/google/zerocopy ">zerocopy-derive 0.8.48</a></li>
<li><a href=" https://github.com/google/zerocopy ">zerocopy 0.8.48</a></li>
<li><a href=" https://github.com/google/zerocopy ">zerocopy-derive 0.8.50</a></li>
<li><a href=" https://github.com/google/zerocopy ">zerocopy 0.8.50</a></li>
</ul>
<pre class="license-text"> Apache License
Version 2.0, January 2004
@ -1988,7 +1988,7 @@ limitations under the License.
<h3 id="Apache-2.0">Apache License 2.0</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/hyperium/http ">http 1.4.0</a></li>
<li><a href=" https://github.com/hyperium/http ">http 1.4.1</a></li>
</ul>
<pre class="license-text"> Apache License
Version 2.0, January 2004
@ -2617,11 +2617,11 @@ limitations under the License.</pre>
<li><a href=" https://github.com/bluss/arrayvec ">arrayvec 0.7.6</a></li>
<li><a href=" https://github.com/Nullus157/async-compression ">async-compression 0.4.42</a></li>
<li><a href=" https://github.com/smol-rs/atomic-waker ">atomic-waker 1.1.2</a></li>
<li><a href=" https://github.com/cuviper/autocfg ">autocfg 1.5.0</a></li>
<li><a href=" https://github.com/bitflags/bitflags ">bitflags 2.11.1</a></li>
<li><a href=" https://github.com/cuviper/autocfg ">autocfg 1.5.1</a></li>
<li><a href=" https://github.com/bitflags/bitflags ">bitflags 2.12.1</a></li>
<li><a href=" https://github.com/BurntSushi/bstr ">bstr 1.12.1</a></li>
<li><a href=" https://github.com/japaric/cast.rs ">cast 0.3.0</a></li>
<li><a href=" https://github.com/rust-lang/cc-rs ">cc 1.2.62</a></li>
<li><a href=" https://github.com/rust-lang/cc-rs ">cc 1.2.63</a></li>
<li><a href=" https://github.com/rust-lang/cfg-if ">cfg-if 1.0.4</a></li>
<li><a href=" https://github.com/Nullus157/async-compression ">compression-codecs 0.4.38</a></li>
<li><a href=" https://github.com/Nullus157/async-compression ">compression-core 0.4.32</a></li>
@ -2632,7 +2632,7 @@ limitations under the License.</pre>
<li><a href=" https://github.com/crossbeam-rs/crossbeam ">crossbeam-deque 0.8.6</a></li>
<li><a href=" https://github.com/crossbeam-rs/crossbeam ">crossbeam-epoch 0.9.18</a></li>
<li><a href=" https://github.com/crossbeam-rs/crossbeam ">crossbeam-utils 0.8.21</a></li>
<li><a href=" https://github.com/rayon-rs/either ">either 1.15.0</a></li>
<li><a href=" https://github.com/rayon-rs/either ">either 1.16.0</a></li>
<li><a href=" https://github.com/indexmap-rs/equivalent ">equivalent 1.0.2</a></li>
<li><a href=" https://github.com/lambda-fairy/rust-errno ">errno 0.3.14</a></li>
<li><a href=" https://github.com/smol-rs/fastrand ">fastrand 2.4.1</a></li>
@ -2649,10 +2649,11 @@ limitations under the License.</pre>
<li><a href=" https://github.com/seanmonstar/httparse ">httparse 1.10.1</a></li>
<li><a href=" https://github.com/indexmap-rs/indexmap ">indexmap 2.14.0</a></li>
<li><a href=" https://github.com/rust-itertools/itertools ">itertools 0.13.0</a></li>
<li><a href=" https://github.com/rust-itertools/itertools ">itertools 0.14.0</a></li>
<li><a href=" https://github.com/rust-lang-nursery/lazy-static.rs ">lazy_static 1.5.0</a></li>
<li><a href=" https://github.com/sunfishcode/linux-raw-sys ">linux-raw-sys 0.12.1</a></li>
<li><a href=" https://github.com/Amanieu/parking_lot ">lock_api 0.4.14</a></li>
<li><a href=" https://github.com/rust-lang/log ">log 0.4.29</a></li>
<li><a href=" https://github.com/rust-lang/log ">log 0.4.32</a></li>
<li><a href=" https://github.com/hyperium/mime ">mime 0.3.17</a></li>
<li><a href=" https://github.com/rust-num/num-traits ">num-traits 0.2.19</a></li>
<li><a href=" https://github.com/seanmonstar/num_cpus ">num_cpus 1.17.0</a></li>
@ -2673,12 +2674,12 @@ limitations under the License.</pre>
<li><a href=" https://github.com/bluss/scopeguard ">scopeguard 1.2.0</a></li>
<li><a href=" https://github.com/vorner/signal-hook ">signal-hook-registry 1.4.8</a></li>
<li><a href=" https://github.com/servo/rust-smallvec ">smallvec 1.15.1</a></li>
<li><a href=" https://github.com/rust-lang/socket2 ">socket2 0.6.3</a></li>
<li><a href=" https://github.com/rust-lang/socket2 ">socket2 0.6.4</a></li>
<li><a href=" https://github.com/Stebalien/tempfile ">tempfile 3.27.0</a></li>
<li><a href=" https://github.com/Amanieu/thread_local-rs ">thread_local 1.1.9</a></li>
<li><a href=" https://github.com/bheisler/TinyTemplate ">tinytemplate 1.2.1</a></li>
<li><a href=" https://github.com/unicode-rs/unicode-width ">unicode-width 0.2.2</a></li>
<li><a href=" https://github.com/uuid-rs/uuid ">uuid 1.23.1</a></li>
<li><a href=" https://github.com/uuid-rs/uuid ">uuid 1.23.2</a></li>
<li><a href=" https://github.com/alexcrichton/wait-timeout ">wait-timeout 0.2.1</a></li>
</ul>
<pre class="license-text"> Apache License
@ -2888,7 +2889,7 @@ limitations under the License.
<h3 id="Apache-2.0">Apache License 2.0</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/kyren/hashlink ">hashlink 0.11.0</a></li>
<li><a href=" https://github.com/djc/hashlink ">hashlink 0.11.1</a></li>
</ul>
<pre class="license-text"> Apache License
Version 2.0, January 2004
@ -4138,7 +4139,7 @@ limitations under the License.
<li><a href=" https://github.com/VoidStarKat/half-rs ">half 2.7.1</a></li>
<li><a href=" https://github.com/dtolnay/itoa ">itoa 1.0.18</a></li>
<li><a href=" https://github.com/rust-lang/libc ">libc 0.2.186</a></li>
<li><a href=" https://github.com/jhpratt/num-conv ">num-conv 0.2.1</a></li>
<li><a href=" https://github.com/jhpratt/num-conv ">num-conv 0.2.2</a></li>
<li><a href=" https://github.com/taiki-e/pin-project-lite ">pin-project-lite 0.2.17</a></li>
<li><a href=" https://github.com/taiki-e/portable-atomic ">portable-atomic 1.13.1</a></li>
<li><a href=" https://github.com/dtolnay/proc-macro2 ">proc-macro2 1.0.106</a></li>
@ -4149,10 +4150,10 @@ limitations under the License.
<li><a href=" https://github.com/serde-rs/serde ">serde 1.0.228</a></li>
<li><a href=" https://github.com/serde-rs/serde ">serde_core 1.0.228</a></li>
<li><a href=" https://github.com/serde-rs/serde ">serde_derive 1.0.228</a></li>
<li><a href=" https://github.com/serde-rs/json ">serde_json 1.0.149</a></li>
<li><a href=" https://github.com/serde-rs/json ">serde_json 1.0.150</a></li>
<li><a href=" https://github.com/dtolnay/path-to-error ">serde_path_to_error 0.1.20</a></li>
<li><a href=" https://github.com/nox/serde_urlencoded ">serde_urlencoded 0.7.1</a></li>
<li><a href=" https://github.com/comex/rust-shlex ">shlex 1.3.0</a></li>
<li><a href=" https://github.com/comex/rust-shlex ">shlex 2.0.1</a></li>
<li><a href=" https://github.com/jedisct1/rust-siphash ">siphasher 1.0.3</a></li>
<li><a href=" https://github.com/dtolnay/syn ">syn 2.0.117</a></li>
<li><a href=" https://github.com/Actyx/sync_wrapper ">sync_wrapper 1.0.2</a></li>
@ -4242,7 +4243,7 @@ limitations under the License.
<h3 id="Apache-2.0">Apache License 2.0</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/chronotope/chrono ">chrono 0.4.44</a></li>
<li><a href=" https://github.com/chronotope/chrono ">chrono 0.4.45</a></li>
</ul>
<pre class="license-text">Rust-chrono is dual-licensed under The MIT License [1] and
Apache 2.0 License [2]. Copyright (c) 2014--2026, Kang Seonghoon and
@ -4795,7 +4796,7 @@ The GNU General Public License does not permit incorporating your program into p
<h3 id="MIT">MIT License</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/tokio-rs/mio ">mio 1.2.0</a></li>
<li><a href=" https://github.com/tokio-rs/mio ">mio 1.2.1</a></li>
</ul>
<pre class="license-text">Copyright (c) 2014 Carl Lerche and other MIO contributors
@ -4877,7 +4878,7 @@ IN THE SOFTWARE.
<h3 id="MIT">MIT License</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/hyperium/hyper ">hyper 1.9.0</a></li>
<li><a href=" https://github.com/hyperium/hyper ">hyper 1.10.1</a></li>
</ul>
<pre class="license-text">Copyright (c) 2014-2026 Sean McArthur
@ -5163,7 +5164,7 @@ DEALINGS IN THE SOFTWARE.
<h3 id="MIT">MIT License</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/tower-rs/tower-http ">tower-http 0.6.10</a></li>
<li><a href=" https://github.com/tower-rs/tower-http ">tower-http 0.6.11</a></li>
</ul>
<pre class="license-text">Copyright (c) 2019-2021 Tower Contributors
@ -5346,7 +5347,7 @@ SOFTWARE.
<h3 id="MIT">MIT License</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/xacrimon/dashmap ">dashmap 6.1.0</a></li>
<li><a href=" https://github.com/xacrimon/dashmap ">dashmap 6.2.1</a></li>
</ul>
<pre class="license-text">MIT License
@ -5621,7 +5622,7 @@ DEALINGS IN THE SOFTWARE.
<h3 id="MIT">MIT License</h3>
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/winnow-rs/winnow ">winnow 1.0.2</a></li>
<li><a href=" https://github.com/winnow-rs/winnow ">winnow 1.0.3</a></li>
</ul>
<pre class="license-text">Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
@ -5711,8 +5712,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
<ul class="license-used-by">
<li><a href=" https://github.com/BurntSushi/aho-corasick ">aho-corasick 1.1.4</a></li>
<li><a href=" https://github.com/BurntSushi/ripgrep/tree/master/crates/globset ">globset 0.4.18</a></li>
<li><a href=" https://github.com/BurntSushi/ripgrep/tree/master/crates/ignore ">ignore 0.4.25</a></li>
<li><a href=" https://github.com/BurntSushi/memchr ">memchr 2.8.0</a></li>
<li><a href=" https://github.com/BurntSushi/ripgrep/tree/master/crates/ignore ">ignore 0.4.26</a></li>
<li><a href=" https://github.com/BurntSushi/memchr ">memchr 2.8.1</a></li>
<li><a href=" https://github.com/BurntSushi/walkdir ">walkdir 2.5.0</a></li>
</ul>
<pre class="license-text">The MIT License (MIT)
@ -5923,7 +5924,7 @@ SOFTWARE.
<h4>Used by:</h4>
<ul class="license-used-by">
<li><a href=" https://github.com/tree-sitter/tree-sitter ">tree-sitter-language 0.1.7</a></li>
<li><a href=" https://github.com/tree-sitter/tree-sitter ">tree-sitter 0.26.8</a></li>
<li><a href=" https://github.com/tree-sitter/tree-sitter ">tree-sitter 0.26.9</a></li>
</ul>
<pre class="license-text">The MIT License (MIT)

1
src/commands/scan.rs
View file

@ -355,6 +355,7 @@ pub fn format_dynamic_verification_summary(summary: &DynamicVerificationSummary)
/// composite-chain re-verification can reuse preloaded summaries and callgraph
/// context.
#[cfg(feature = "dynamic")]
#[allow(clippy::too_many_arguments)]
pub(crate) fn verify_findings_for_scan(
diags: &mut [Diag],
project_name: &str,

8
src/surface/build.rs
View file

@ -3,15 +3,15 @@
//! Phase 22 dispatch:
//!
//! 1. Per-file framework probes (one parser per language) emit
//! [`SurfaceNode::EntryPoint`](crate::surface::SurfaceNode::EntryPoint) nodes for every recognised route /
//! [`SurfaceNode::EntryPoint`] nodes for every recognised route /
//! handler.
//! 2. [`super::datastore::detect_data_stores`] walks
//! [`GlobalSummaries`] and emits [`SurfaceNode::DataStore`](crate::surface::SurfaceNode::DataStore) nodes
//! [`GlobalSummaries`] and emits [`SurfaceNode::DataStore`] nodes
//! for every recognised driver call.
//! 3. [`super::external::detect_external_services`] walks summaries +
//! SSRF caps and emits [`SurfaceNode::ExternalService`](crate::surface::SurfaceNode::ExternalService) nodes.
//! SSRF caps and emits [`SurfaceNode::ExternalService`] nodes.
//! 4. [`super::dangerous::detect_dangerous_locals`] walks summaries
//! and emits [`SurfaceNode::DangerousLocal`](crate::surface::SurfaceNode::DangerousLocal) nodes for every
//! and emits [`SurfaceNode::DangerousLocal`] nodes for every
//! function whose `sink_caps` include a local-sink class (code-exec,
//! deserialize, SSTI, format-string, LDAP / XPath / header /
//! open-redirect injection, XXE, prototype pollution), located at the

4
src/surface/exposure.rs
View file

@ -3,7 +3,7 @@
//!
//! This is the bridge that makes the attack surface participate in the
//! core finding pipeline instead of living off to the side in `nyx
//! surface`: every [`Diag`](crate::commands::scan::Diag) gets an
//! surface`: every [`Diag`] gets an
//! optional [`Exposure`] annotation describing the *worst-case* route
//! that reaches it (unauthenticated preferred over auth-gated, direct
//! file match preferred over transitive call-graph reach), and the
@ -11,7 +11,7 @@
//! reachable findings sort above internal ones.
//!
//! Matching granularity is file-level, same as the chain composer's
//! [`Reach`](crate::chain::Reach): a finding in `views.py` is exposed
//! [`Reach`](crate::chain::edges::Reach): a finding in `views.py` is exposed
//! when an entry-point's handler lives in `views.py`, or — when a
//! [`FileReachMap`] is supplied — when some handler's file transitively
//! reaches `views.py` through the call graph.