grenade/cull-gmail
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: upgrade google-gmail1 to v7 to resolve security advisory

Browse Source 
Upgrade google-gmail1 from 6.0.0 to 7.0.0 which uses yup-oauth2 v12
that no longer depends on the unmaintained rustls-pemfile crate.

This resolves RUSTSEC-2025-0134 (rustls-pemfile unmaintained).

Breaking changes addressed:
- Updated InstalledFlowAuthenticator to use CustomHyperClientBuilder
- Added hyper-rustls with http1 feature for OAuth redirect flow

Signed-off-by: Jeremiah Russell <jerry@jrussell.ie>
This commit is contained in:
Jeremiah Russell
2026-01-12 11:42:13 +00:00
committed by Jeremiah Russell
parent efeb118dcd
commit e3555275fb
3 changed files with 340 additions and 416 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/gmail_client.rs
View File

@@ -105,7 +105,7 @@ use google_gmail1::{
client::legacy::{Client, connect::HttpConnector},
rt::TokioExecutor,
},
yup_oauth2::{InstalledFlowAuthenticator, InstalledFlowReturnMethod},
yup_oauth2::{CustomHyperClientBuilder, InstalledFlowAuthenticator, InstalledFlowReturnMethod},
};
mod message_summary;
@@ -259,10 +259,11 @@ impl GmailClient {
let client = Client::builder(executor.clone()).build(connector.clone());
log::trace!("file to persist tokens to `{}`", config.persist_path());
let auth_client = Client::builder(executor).build(connector);
let auth = InstalledFlowAuthenticator::with_client(
config.secret().clone(),
InstalledFlowReturnMethod::HTTPRedirect,
Client::builder(executor).build(connector),
CustomHyperClientBuilder::from(auth_client),
)
.persist_tokens_to_disk(config.persist_path())
.build()