Rodrigo Rodriguez (Pragmatismo)
c67aaa677a
SECURITY MODULES ADDED: - security/auth.rs: Full RBAC with roles (Anonymous, User, Moderator, Admin, SuperAdmin, Service, Bot, BotOwner, BotOperator, BotViewer) and permissions - security/cors.rs: Hardened CORS (no wildcard in production, env-based config) - security/panic_handler.rs: Panic catching middleware with safe 500 responses - security/path_guard.rs: Path traversal protection, null byte prevention - security/request_id.rs: UUID request tracking with correlation IDs - security/error_sanitizer.rs: Sensitive data redaction from responses - security/zitadel_auth.rs: Zitadel token introspection and role mapping - security/sql_guard.rs: SQL injection prevention with table whitelist - security/command_guard.rs: Command injection prevention - security/secrets.rs: Zeroizing secret management - security/validation.rs: Input validation utilities - security/rate_limiter.rs: Rate limiting with governor crate - security/headers.rs: Security headers (CSP, HSTS, X-Frame-Options) MAIN.RS UPDATES: - Replaced tower_http::cors::Any with hardened create_cors_layer() - Added panic handler middleware - Added request ID tracking middleware - Set global panic hook SECURITY STATUS: - 0 unwrap() in production code - 0 panic! in production code - 0 unsafe blocks - cargo audit: PASS (no vulnerabilities) - Estimated completion: ~98% Remaining: Wire auth middleware to handlers, audit logs for sensitive data
246 lines
7 KiB
TOML
246 lines
7 KiB
TOML
[package]
|
|
name = "botserver"
|
|
version = "6.1.0"
|
|
edition = "2021"
|
|
keywords = ["chatbot", "ai", "llm", "automation", "bot-framework"]
|
|
categories = ["web-programming", "api-bindings", "development-tools"]
|
|
authors = [
|
|
"Pragmatismo.com.br ",
|
|
"General Bots Community ",
|
|
"Alan Perdomo",
|
|
"Ana Paula Gil",
|
|
"Arenas.io",
|
|
"Atylla L",
|
|
"Christopher de Castilho",
|
|
"Dario Junior",
|
|
"David Lerner",
|
|
"Experimentation Garage",
|
|
"Flavio Andrade",
|
|
"Heraldo Almeida",
|
|
"Joao Parana",
|
|
"Jonathas C",
|
|
"J Ramos",
|
|
"Lucas Picanco",
|
|
"Marcos Velasco",
|
|
"Matheus 39x",
|
|
"Oerlabs Henrique",
|
|
"Othon Lima",
|
|
"PH Nascimento",
|
|
"Phpussente",
|
|
"Robson Dantas",
|
|
"Rodrigo Rodriguez ",
|
|
"Sarah Lourenco",
|
|
"Thi Patriota",
|
|
"Webgus",
|
|
"Zuilho Se",
|
|
]
|
|
description = "General Bots Server - Open-source bot platform by Pragmatismo.com.br"
|
|
license = "AGPL-3.0"
|
|
repository = "https://github.com/GeneralBots/BotServer"
|
|
|
|
[dependencies.botlib]
|
|
path = "../botlib"
|
|
features = ["database"]
|
|
|
|
[features]
|
|
# ===== DEFAULT FEATURE SET =====
|
|
default = ["console", "chat", "automation", "tasks", "drive", "llm", "cache", "progress-bars", "directory"]
|
|
|
|
# ===== UI FEATURES =====
|
|
console = ["dep:crossterm", "dep:ratatui", "monitoring"]
|
|
|
|
# ===== CORE INTEGRATIONS =====
|
|
vectordb = ["dep:qdrant-client"]
|
|
llm = []
|
|
nvidia = []
|
|
|
|
# ===== COMMUNICATION CHANNELS =====
|
|
email = ["dep:imap", "dep:lettre", "dep:mailparse", "dep:native-tls"]
|
|
whatsapp = []
|
|
instagram = []
|
|
msteams = []
|
|
|
|
# ===== PRODUCTIVITY FEATURES =====
|
|
chat = []
|
|
drive = ["dep:aws-config", "dep:aws-sdk-s3", "dep:pdf-extract", "dep:zip", "dep:downloader", "dep:mime_guess", "dep:flate2", "dep:tar"]
|
|
tasks = ["dep:cron"]
|
|
calendar = []
|
|
meet = ["dep:livekit"]
|
|
mail = ["email"]
|
|
|
|
# ===== ENTERPRISE FEATURES =====
|
|
compliance = ["dep:csv"]
|
|
attendance = ["drive"]
|
|
directory = []
|
|
weba = []
|
|
timeseries = []
|
|
|
|
# ===== OPTIONAL INFRASTRUCTURE =====
|
|
cache = ["dep:redis"]
|
|
monitoring = ["dep:sysinfo"]
|
|
automation = ["dep:rhai"]
|
|
grpc = ["dep:tonic"]
|
|
progress-bars = ["dep:indicatif"]
|
|
|
|
# ===== META FEATURES (BUNDLES) =====
|
|
full = [
|
|
"console",
|
|
"vectordb", "llm", "nvidia", "timeseries",
|
|
"email", "whatsapp", "instagram", "msteams",
|
|
"chat", "drive", "tasks", "calendar", "meet", "mail",
|
|
"compliance", "attendance", "directory", "weba",
|
|
"cache", "monitoring", "automation", "grpc", "progress-bars"
|
|
]
|
|
|
|
communications = ["email", "whatsapp", "instagram", "msteams", "chat", "cache"]
|
|
productivity = ["chat", "drive", "tasks", "calendar", "meet", "mail", "cache"]
|
|
enterprise = ["compliance", "attendance", "directory", "llm", "vectordb", "monitoring", "timeseries"]
|
|
minimal = ["chat"]
|
|
lightweight = ["chat", "drive", "tasks"]
|
|
|
|
[dependencies]
|
|
# === CORE RUNTIME (Always Required) ===
|
|
aes-gcm = "0.10"
|
|
anyhow = "1.0"
|
|
argon2 = "0.5"
|
|
async-lock = "2.8.0"
|
|
async-stream = "0.3"
|
|
async-trait = "0.1"
|
|
axum = { version = "0.7.5", features = ["ws", "multipart", "macros"] }
|
|
axum-server = { version = "0.7", features = ["tls-rustls"] }
|
|
base64 = "0.22"
|
|
bytes = "1.8"
|
|
chrono = { version = "0.4", features = ["serde"] }
|
|
color-eyre = "0.6.5"
|
|
diesel = { version = "2.1", features = ["postgres", "uuid", "chrono", "serde_json", "r2d2"] }
|
|
diesel_migrations = "2.1.0"
|
|
dirs = "5.0"
|
|
dotenvy = "0.15"
|
|
env_logger = "0.11"
|
|
futures = "0.3"
|
|
futures-util = "0.3"
|
|
hex = "0.4"
|
|
hmac = "0.12.1"
|
|
hyper = { version = "1.4", features = ["full"] }
|
|
hyper-rustls = { version = "0.27", features = ["http2"] }
|
|
log = "0.4"
|
|
num-format = "0.4"
|
|
once_cell = "1.18.0"
|
|
rand = "0.9.2"
|
|
regex = "1.11"
|
|
reqwest = { version = "0.12", features = ["json", "stream", "multipart", "rustls-tls", "rustls-tls-native-roots"] }
|
|
serde = { version = "1.0", features = ["derive"] }
|
|
serde_json = "1.0"
|
|
toml = "0.8"
|
|
sha2 = "0.10.9"
|
|
tokio = { version = "1.41", features = ["full"] }
|
|
tokio-stream = "0.1"
|
|
tower = "0.4"
|
|
tower-http = { version = "0.5", features = ["cors", "fs", "trace"] }
|
|
tracing = "0.1"
|
|
askama = "0.12"
|
|
askama_axum = "0.4"
|
|
tracing-subscriber = { version = "0.3", features = ["fmt"] }
|
|
urlencoding = "2.1"
|
|
uuid = { version = "1.11", features = ["serde", "v4", "v5"] }
|
|
|
|
# === TLS/SECURITY DEPENDENCIES ===
|
|
rustls = { version = "0.23", default-features = false, features = ["ring", "std", "tls12"] }
|
|
tokio-rustls = "0.26"
|
|
rcgen = { version = "0.14", features = ["pem"] }
|
|
x509-parser = "0.15"
|
|
rustls-native-certs = "0.8"
|
|
webpki-roots = "0.25"
|
|
ring = "0.17"
|
|
time = { version = "0.3", features = ["formatting", "parsing"] }
|
|
jsonwebtoken = "9.3"
|
|
tower-cookies = "0.10"
|
|
|
|
# === FEATURE-SPECIFIC DEPENDENCIES (Optional) ===
|
|
|
|
# Email Integration (email feature)
|
|
imap = { version = "3.0.0-alpha.15", optional = true }
|
|
lettre = { version = "0.11", features = ["smtp-transport", "builder", "tokio1", "tokio1-native-tls"], optional = true }
|
|
mailparse = { version = "0.15", optional = true }
|
|
native-tls = { version = "0.2", optional = true }
|
|
|
|
# Video Meetings (meet feature)
|
|
livekit = { version = "0.7", optional = true }
|
|
|
|
# Vector Database (vectordb feature)
|
|
qdrant-client = { version = "1.12", optional = true }
|
|
|
|
# File Storage & Drive (drive feature)
|
|
aws-config = { version = "1.8.8", features = ["behavior-version-latest"], optional = true }
|
|
aws-sdk-s3 = { version = "1.109.0", features = ["behavior-version-latest"], optional = true }
|
|
pdf-extract = { version = "0.10.0", optional = true }
|
|
zip = { version = "2.2", optional = true }
|
|
downloader = { version = "0.2", optional = true }
|
|
mime_guess = { version = "2.0", optional = true }
|
|
flate2 = { version = "1.0", optional = true }
|
|
tar = { version = "0.4", optional = true }
|
|
|
|
# Task Management (tasks feature)
|
|
cron = { version = "0.15.0", optional = true }
|
|
|
|
# Automation & Scripting (automation feature)
|
|
rhai = { git = "https://github.com/therealprof/rhai.git", branch = "features/use-web-time", features = ["sync"], optional = true }
|
|
|
|
# Compliance & Reporting (compliance feature)
|
|
csv = { version = "1.3", optional = true }
|
|
|
|
# Console/TUI (console feature)
|
|
crossterm = { version = "0.29.0", optional = true }
|
|
ratatui = { version = "0.29", optional = true }
|
|
|
|
# QR Code Generation (using png directly to avoid image's ravif/paste dependency)
|
|
png = "0.18"
|
|
qrcode = { version = "0.14", default-features = false }
|
|
|
|
# Excel/Spreadsheet Support
|
|
calamine = "0.26"
|
|
rust_xlsxwriter = "0.79"
|
|
|
|
# Error handling
|
|
thiserror = "2.0"
|
|
|
|
# Caching/Sessions (cache feature)
|
|
redis = { version = "0.27", features = ["tokio-comp"], optional = true }
|
|
|
|
# System Monitoring (monitoring feature)
|
|
sysinfo = { version = "0.37.2", optional = true }
|
|
|
|
# Networking/gRPC (grpc feature)
|
|
tonic = { version = "0.14.2", features = ["transport"], optional = true }
|
|
|
|
# UI Enhancement (progress-bars feature)
|
|
indicatif = { version = "0.18.0", optional = true }
|
|
smartstring = "1.0.1"
|
|
scopeguard = "1.2.0"
|
|
|
|
# Vault secrets management
|
|
vaultrs = "0.7"
|
|
|
|
# Calendar standards (RFC 5545)
|
|
icalendar = "0.17"
|
|
|
|
# Layered configuration
|
|
figment = { version = "0.10", features = ["toml", "env", "json"] }
|
|
|
|
# Rate limiting
|
|
governor = "0.10"
|
|
|
|
# RSS feed parsing
|
|
rss = "2.0"
|
|
|
|
# HTML parsing/web scraping
|
|
scraper = "0.25"
|
|
walkdir = "2.5.0"
|
|
|
|
[dev-dependencies]
|
|
mockito = "1.7.0"
|
|
tempfile = "3"
|
|
|
|
# === SECURITY AND CODE QUALITY CONFIGURATION ===
|
|
[lints]
|
|
workspace = true
|