Update and release yubico_ng

* Upgrade to `tokio` 1.44, `rand` 0.9
* Renamed to yubico_ng and published crate
* Made edition 2024 compatible
* Added several clippy/rust lints and fixed those
* Fixed a panic if the `YK_API_HOST` was invalid
* Use only the main api server, the others are deprecated
* Run cargo fmt
* Updated GHA to use hashes and run/fix zizmor

Signed-off-by: BlackDex <[email protected]>

Author: BlackDex

.github/FUNDING.yml

@@ -0,0 +1,3 @@
+github: BlackDex
+liberapay: BlackDex
+custom: ["https://paypal.me/MathijsvVeluw"]

.github/workflows/build.yml

@@ -1,4 +1,5 @@
 name: Build
+permissions: {}
 
 on:
   push:
@@ -9,17 +10,20 @@ on:
       - "Cargo.toml"
   pull_request:
     paths:
-        - ".github/workflows/build.yml"
-        - "examples/**"
-        - "src/**"
-        - "Cargo.toml"
+      - ".github/workflows/build.yml"
+      - "examples/**"
+      - "src/**"
+      - "Cargo.toml"
 
 ## To trigger this workflow using `act` (https://github.com/nektos/act) you can do the following.
 #    act push -j build
 
 jobs:
   build:
-    runs-on: ubuntu-22.04
+    name: Build and Test
+    permissions:
+      contents: read
+    runs-on: ubuntu-24.04
     timeout-minutes: 30
     # Make warnings errors, this is to prevent warnings slipping through.
     # This is done globally to prevent rebuilds when the RUSTFLAGS env variable changes.
@@ -28,15 +32,7 @@ jobs:
     strategy:
       fail-fast: false
 
-    name: Build and Test
-
     steps:
-      # Checkout the repo
-      - name: "Checkout"
-        uses: actions/checkout@v4
-      # End Checkout the repo
-
-
       # Install dependencies
       - name: "Install dependencies Ubuntu"
         run: sudo apt-get update && sudo apt-get install -y --no-install-recommends build-essential pkg-config openssl libssl-dev
@@ -45,22 +41,27 @@ jobs:
 
       # Install Rust with clippy
       - name: "Install rust-toolchain version"
-        uses: dtolnay/rust-toolchain@stable
+        uses: dtolnay/rust-toolchain@fcf085fcb4b4b8f63f96906cd713eb52181b5ea4 # stable at Mar 18, 2025, 8:14 PM GMT+1
         with:
           components: clippy
       # End Install Rust with clippy
 
-
       # Show environment
       - name: "Show environment"
         run: |
           rustc -vV
           cargo -vV
       # End Show environment
 
+      # Checkout the repo
+      - name: "Checkout"
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        with:
+          persist-credentials: false
+      # End Checkout the repo
 
       # Enable Rust Caching
-      - uses: Swatinem/rust-cache@v2
+      - uses: Swatinem/rust-cache@9d47c6ad4b02e050fd481d890b2ea34778fd09d6 # v2.7.8
       # End Enable Rust Caching
 
       # Run cargo commands
@@ -127,29 +128,39 @@ jobs:
       # This is useful so all test/clippy/fmt actions are done, and they can all be addressed
       - name: "Some checks failed"
         if: ${{ failure() }}
+        env:
+          RUN_CARGO_UPDATE: ${{ steps.run_cargo_update.outcome }}
+          RUN_CARGO_TEST: ${{ steps.run_cargo_test.outcome }}
+          BUILD_ALL: ${{ steps.build_all_features.outcome }}
+          EXAMPLE_OTP: ${{ steps.build_example_otp.outcome }}
+          EXAMPLE_OTP_ASYNC: ${{ steps.build_example_otp_async.outcome }}
+          EXAMPLE_OTP_CUSTOM: ${{ steps.build_example_otp_custom.outcome }}
+          EXAMPLE_OTP_WITH_PROXY: ${{ steps.build_example_otp_with_proxy.outcome }}
+          RUN_CARGO_CLIPPY: ${{ steps.run_cargo_clippy.outcome }}
+          RUN_CARGO_CLIPPY_EXAMPLES: ${{ steps.run_cargo_clippy_examples.outcome }}
         run: |
-          echo "### :x: Checks Failed!" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "|Job|Status|" >> $GITHUB_STEP_SUMMARY
-          echo "|---|------|" >> $GITHUB_STEP_SUMMARY
-          echo "|cargo update|${{ steps.run_cargo_update.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|cargo test|${{ steps.run_cargo_test.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|build all features|${{ steps.build_all_features.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|build example otp|${{ steps.build_example_otp.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|build example otp_async|${{ steps.build_example_otp_async.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|build example otp_custom|${{ steps.build_example_otp_custom.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|build example otp_with_proxy|${{ steps.build_example_otp_with_proxy.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|clippy all features|${{ steps.run_cargo_clippy.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "|clippy examples|${{ steps.run_cargo_clippy_examples.outcome }}|" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
-          echo "Please check the failed jobs and fix where needed." >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### :x: Checks Failed!" >> ${GITHUB_STEP_SUMMARY}
+          echo "" >> ${GITHUB_STEP_SUMMARY}
+          echo "|Job|Status|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|---|------|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|cargo update|${RUN_CARGO_UPDATE}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|cargo test|${RUN_CARGO_TEST}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|build all features|${BUILD_ALL}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|build example otp|${EXAMPLE_OTP}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|build example otp_async|${EXAMPLE_OTP_ASYNC}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|build example otp_custom|${EXAMPLE_OTP_CUSTOM}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|build example otp_with_proxy|${EXAMPLE_OTP_WITH_PROXY}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|clippy all features|${RUN_CARGO_CLIPPY}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "|clippy examples|${RUN_CARGO_CLIPPY_EXAMPLES}|" >> ${GITHUB_STEP_SUMMARY}
+          echo "" >> ${GITHUB_STEP_SUMMARY}
+          echo "Please check the failed jobs and fix where needed." >> ${GITHUB_STEP_SUMMARY}
+          echo "" >> ${GITHUB_STEP_SUMMARY}
           exit 1
 
 
       # If all was ok, then we show this
       - name: "All checks passed"
         if: ${{ success() }}
         run: |
-          echo "### :tada: Checks Passed!" >> $GITHUB_STEP_SUMMARY
-          echo "" >> $GITHUB_STEP_SUMMARY
+          echo "### :tada: Checks Passed!" >> ${GITHUB_STEP_SUMMARY}
+          echo "" >> ${GITHUB_STEP_SUMMARY}

Cargo.toml

@@ -1,39 +1,102 @@
 [package]
-name = "yubico"
-version = "0.12.0"
-authors = ["Flavio Oliveira <[email protected]>", "Pierre Larger <pierre.larger@gmail.com>"]
+name = "yubico_ng"
+version = "0.13.0"
+authors = ["Mathijs van Veluw <black.dex@gmail.com>"]
 edition = "2021"
 
 description = "Yubikey client API library"
 license = "MIT OR Apache-2.0"
 keywords = ["yubikey", "authentication", "encryption", "OTP", "Challenge-Response"]
 categories = ["authentication"]
-repository = "https://github.com/wisespace-io/yubico-rs"
+repository = "https://github.com/BlackDex/yubico-rs"
 readme = "README.md"
 
-[badges]
-travis-ci = { repository = "wisespace-io/yubico-rs" }
-
 [lib]
-name = "yubico"
+name = "yubico_ng"
 path = "src/lib.rs"
 
 [dependencies]
 base64 = "0.22"
 futures = { version = "0.3", optional = true }
 hmac = "0.12"
-rand = "0.8"
+rand = "0.9"
 reqwest = { version = "0.12", features = ["blocking"], default-features = false }
 sha1 = "0.10"
 threadpool = "1.8"
 form_urlencoded = "1"
 
 [dev-dependencies]
-tokio = { version = "1.37", features = ["macros"] }
+tokio = { version = "1.44", features = ["macros", "rt-multi-thread"] }
 futures = "0.3"
 
 [features]
 default = ["online-tokio", "native-tls"]
 online-tokio = ["futures"]
-rustls-tls = ["reqwest/rustls-tls"]
 native-tls = ["reqwest/native-tls"]
+rustls-tls = ["reqwest/rustls-tls"]
+
+# Linting config
+# https://doc.rust-lang.org/rustc/lints/groups.html
+[workspace.lints.rust]
+# Forbid
+unsafe_code = "forbid"
+non_ascii_idents = "forbid"
+
+# Deny
+deprecated_in_future = "deny"
+future_incompatible = { level = "deny", priority = -1 }
+keyword_idents = { level = "deny", priority = -1 }
+let_underscore = { level = "deny", priority = -1 }
+noop_method_call = "deny"
+refining_impl_trait = { level = "deny", priority = -1 }
+rust_2018_idioms = { level = "deny", priority = -1 }
+rust_2021_compatibility = { level = "deny", priority = -1 }
+rust_2024_compatibility = { level = "deny", priority = -1 }
+single_use_lifetimes = "deny"
+trivial_casts = "deny"
+trivial_numeric_casts = "deny"
+unused = { level = "deny", priority = -1 }
+unused_import_braces = "deny"
+unused_lifetimes = "deny"
+unused_qualifications = "deny"
+variant_size_differences = "deny"
+
+# https://rust-lang.github.io/rust-clippy/stable/index.html
+[workspace.lints.clippy]
+# Warn
+dbg_macro = "warn"
+todo = "warn"
+
+# Deny
+case_sensitive_file_extension_comparisons = "deny"
+cast_lossless = "deny"
+clone_on_ref_ptr = "deny"
+equatable_if_let = "deny"
+filter_map_next = "deny"
+float_cmp_const = "deny"
+inefficient_to_string = "deny"
+iter_on_empty_collections = "deny"
+iter_on_single_items = "deny"
+linkedlist = "deny"
+macro_use_imports = "deny"
+manual_assert = "deny"
+manual_instant_elapsed = "deny"
+manual_string_new = "deny"
+match_on_vec_items = "deny"
+match_wildcard_for_single_variants = "deny"
+mem_forget = "deny"
+needless_continue = "deny"
+needless_lifetimes = "deny"
+option_option = "deny"
+string_add_assign = "deny"
+string_to_string = "deny"
+unnecessary_join = "deny"
+unnecessary_self_imports = "deny"
+unnested_or_patterns = "deny"
+unused_async = "deny"
+unused_self = "deny"
+verbose_file_reads = "deny"
+zero_sized_map_values = "deny"
+
+[lints]
+workspace = true

README.md

@@ -1,9 +1,8 @@
-# Yubico   [![Build Status]][travis] [![Latest Version]][crates.io] [![MIT licensed]][MIT] [![Apache-2.0 licensed]][APACHE]
+# Yubico NG   [![Latest Version]][crates.io] [![deps.rs]][deps.rs] [![MIT licensed]][MIT] [![Apache-2.0 licensed]][APACHE]
 
-[Build Status]: https://travis-ci.org/wisespace-io/yubico-rs.png?branch=master
-[travis]: https://travis-ci.org/wisespace-io/yubico-rs
-[Latest Version]: https://img.shields.io/crates/v/yubico.svg
-[crates.io]: https://crates.io/crates/yubico
+[Latest Version]: https://img.shields.io/crates/v/yubico_ng.svg
+[crates.io]: https://crates.io/crates/yubico_ng
+[deps.rs]: https://deps.rs/repo/github/BlackDex/yubico-rs/status.svg
 [MIT licensed]: https://img.shields.io/badge/License-MIT-blue.svg
 [MIT]: ./LICENSE-MIT
 [Apache-2.0 licensed]: https://img.shields.io/badge/License-Apache%202.0-blue.svg
@@ -15,7 +14,7 @@
 
 ## Current features
 
-- [X] Synchronous Yubikey client API library, [validation protocol version 2.0](https://developers.yubico.com/yubikey-val/Validation_Protocol_V2.0.html).
+- [X] Synchronous Yubikey client API library, [validation protocol version 2.0](https://developers.yubico.com/OTP/Specifications/OTP_validation_protocol.html).
 - [X] Asynchronous Yubikey client API library relying on [Tokio](https://github.com/tokio-rs/tokio)
 
 **Note:** The USB-related features have been moved to a sepatated repository, [yubico-manager](https://github.com/wisespace-io/yubico-manager)
@@ -26,19 +25,27 @@ Add this to your Cargo.toml
 
 ```toml
 [dependencies]
-yubico = "0.12"
+yubico_ng = "0.13"
+```
+
+Or, since this crate is still backwards compatible with the yubico crate.
+```toml
+[dependencies]
+yubico = { version = "0.13", package = "yubico_ng" }
 ```
 
 The following are a list of Cargo features that can be enabled or disabled:
 
 - online-tokio (enabled by default): Provides integration to Tokio using futures.
+- native-tls (enabled by default): Use native-tls provided by the OS.
+- rustls-tls: Use rustls instead of native-tls.
 
 You can enable or disable them using the example below:
 
   ```toml
-  [dependencies.yubico]
-  version = "0.12"
-  # don't include the default features (online-tokio)
+  [dependencies.yubico_ng]
+  version = "0.13"
+  # don't include the default features (online-tokio, native-tls)
   default-features = false
   # cherry-pick individual features
   features = []
@@ -49,10 +56,10 @@ You can enable or disable them using the example below:
 ### OTP with Default Servers
 
 ```rust
-extern crate yubico;
+extern crate yubico_ng;
 
-use yubico::config::*;
-use yubico::verify;
+use yubico_ng::config::*;
+use yubico_ng::verify;
 
 fn main() {
    let config = Config::default()
@@ -69,8 +76,8 @@ fn main() {
 ## OTP with custom API servers
 
 ```rust
-use yubico::verify;
-use yubico::config::Config;
+use yubico_ng::verify;
+use yubico_ng::config::Config;
 
 fn main() {
    let config = Config::default()
@@ -92,8 +99,8 @@ fn main() {
 use futures::TryFutureExt;
 
 use std::io::stdin;
-use yubico::config::Config;
-use yubico::verify_async;
+use yubico_ng::config::Config;
+use yubico_ng::verify_async;
 
 #[tokio::main]
 async fn main() -> Result<(), ()> {
@@ -172,6 +179,16 @@ The OTP is valid.
 
 ## Changelog
 
+    - 0.13.0 (2025-04-23):
+      * Upgrade to `tokio` 1.44, `rand` 0.9
+      * Renamed to yubico_ng and published crate
+      * Made edition 2024 compatible
+      * Added several clippy/rust lints and fixed those
+      * Fixed a panic if the `YK_API_HOST` was invalid
+      * Use only the main api server, the others are deprecated
+      * Run cargo fmt
+      * Updated GHA to use hashes and run/fix zizmor
+
     - 0.12.0: Upgrade to `tokio` 1.37, `reqwest` 0.12, `base64` 0.22, clippy fixes.
     - 0.10.0: Upgrade to `tokio` 1.1 and `reqwest` 0.11
     - 0.9.2: (Yanked) Dependencies update

examples/README.md

@@ -20,4 +20,4 @@ cargo run --release --example "otp_custom"
 
 ## Asynchronous OTP check
 
-cargo run --release --example "otp_async"
+cargo run --release --example "otp_async"

examples/otp.rs

@@ -1,6 +1,6 @@
 use std::io::stdin;
-use yubico::config::Config;
-use yubico::verify;
+use yubico_ng::config::Config;
+use yubico_ng::verify;
 
 fn main() {
     println!("Please plug in a yubikey and enter an OTP");

examples/otp_async.rs

@@ -1,8 +1,8 @@
 use futures::TryFutureExt;
 
 use std::io::stdin;
-use yubico::config::Config;
-use yubico::verify_async;
+use yubico_ng::config::Config;
+use yubico_ng::verify_async;
 
 #[tokio::main]
 async fn main() -> Result<(), ()> {

examples/otp_custom.rs

@@ -1,6 +1,6 @@
 use std::io::stdin;
-use yubico::config::Config;
-use yubico::verify;
+use yubico_ng::config::Config;
+use yubico_ng::verify;
 
 fn main() {
     println!("Please plug in a yubikey and enter an OTP");