Enable more lints

Author: djc

Cargo.toml

@@ -79,7 +79,22 @@ allowed_external_types = [
     "rustls_pki_types::*",
     "serde_core::*",
     "serde_json::*",
+    "time::*",
 ]
 
 [lints.rust]
+elided_lifetimes_in_paths = "warn"
+trivial_numeric_casts = "warn"
 unexpected_cfgs = { level = "warn", check-cfg = ["cfg(instant_acme_docsrs)"] }
+unnameable_types = "warn"
+unreachable_pub = "warn"
+unused_extern_crates = "warn"
+unused_import_braces = "warn"
+unused_qualifications = "warn"
+
+[lints.clippy]
+cloned_instead_of_copied = "warn"
+manual_let_else = "warn"
+or_fun_call = "warn"
+upper_case_acronyms = "warn"
+use_self = "warn"

src/account.rs

@@ -153,13 +153,12 @@ impl Account {
 
     /// Revokes a previously issued certificate
     pub async fn revoke<'a>(&'a self, payload: &RevocationRequest<'a>) -> Result<(), Error> {
-        let revoke_url = match self.inner.client.directory.revoke_cert.as_deref() {
-            Some(url) => url,
+        let Some(revoke_url) = self.inner.client.directory.revoke_cert.as_deref() else {
             // This happens because the current account credentials were deserialized from an
             // older version which only serialized a subset of the directory URLs. You should
             // make sure the account credentials include a `directory` field containing a
             // string with the server's directory URL.
-            None => return Err("no revokeCert URL found".into()),
+            return Err("no revokeCert URL found".into());
         };
 
         let rsp = self.inner.post(Some(payload), None, revoke_url).await?;
@@ -221,9 +220,8 @@ impl Account {
     ///
     /// See <https://datatracker.ietf.org/doc/html/rfc8555#section-7.3.5> for more information.
     pub async fn update_key(&mut self) -> Result<AccountCredentials, Error> {
-        let new_key_url = match self.inner.client.directory.key_change.as_deref() {
-            Some(url) => url,
-            None => return Err("Account key rollover not supported by ACME CA".into()),
+        let Some(new_key_url) = self.inner.client.directory.key_change.as_deref() else {
+            return Err("Account key rollover not supported by ACME CA".into());
         };
 
         #[derive(Debug, Serialize)]

src/lib.rs

@@ -1,6 +1,5 @@
 //! Async pure-Rust ACME (RFC 8555) client.
 
-#![warn(unreachable_pub)]
 #![warn(missing_docs)]
 #![cfg_attr(instant_acme_docsrs, feature(doc_cfg))]
 
@@ -43,15 +42,15 @@ pub use order::{
     RetryPolicy,
 };
 mod types;
-#[cfg(feature = "time")]
-pub use types::RenewalInfo;
 pub use types::{
     AccountCredentials, Authorization, AuthorizationState, AuthorizationStatus,
-    AuthorizedIdentifier, CertificateIdentifier, Challenge, ChallengeType, Error, Identifier,
-    LetsEncrypt, NewAccount, NewOrder, OrderState, OrderStatus, Problem, ProfileMeta,
-    RevocationReason, RevocationRequest, ZeroSsl,
+    AuthorizedIdentifier, CertificateIdentifier, Challenge, ChallengeStatus, ChallengeType,
+    DeviceAttestation, Error, Identifier, LetsEncrypt, NewAccount, NewOrder, OrderState,
+    OrderStatus, Problem, ProfileMeta, RevocationReason, RevocationRequest, Subproblem, ZeroSsl,
 };
 use types::{Directory, JoseJson, Signer};
+#[cfg(feature = "time")]
+pub use types::{RenewalInfo, SuggestedWindow};
 
 struct Client {
     http: Box<dyn HttpClient>,
@@ -68,7 +67,7 @@ impl Client {
             .expect("infallible error should not occur");
         let rsp = http.request(request).await?;
         let body = rsp.body().await.map_err(Error::Other)?;
-        Ok(Client {
+        Ok(Self {
             http,
             directory: serde_json::from_slice(&body)?,
             directory_url: Some(directory_url),
@@ -203,15 +202,15 @@ struct DefaultClient(HyperClient<hyper_rustls::HttpsConnector<HttpConnector>, Bo
 impl DefaultClient {
     fn try_new() -> Result<Self, Error> {
         Ok(Self::new(
-            hyper_rustls::HttpsConnectorBuilder::new()
+            HttpsConnectorBuilder::new()
                 .try_with_platform_verifier()
                 .map_err(|e| Error::Other(Box::new(e)))?,
         ))
     }
 
     fn with_roots(roots: rustls::RootCertStore) -> Result<Self, Error> {
         Ok(Self::new(
-            hyper_rustls::HttpsConnectorBuilder::new().with_tls_config(
+            HttpsConnectorBuilder::new().with_tls_config(
                 rustls::ClientConfig::builder()
                     .with_root_certificates(roots)
                     .with_no_client_auth(),
@@ -347,15 +346,15 @@ impl http_body::Body for BodyWrapper<Bytes> {
 
 impl From<Vec<u8>> for BodyWrapper<Bytes> {
     fn from(data: Vec<u8>) -> Self {
-        BodyWrapper {
+        Self {
             inner: Some(Bytes::from(data)),
         }
     }
 }
 
 #[async_trait]
 impl BytesBody for Bytes {
-    async fn into_bytes(&mut self) -> Result<Bytes, Box<dyn StdError + Send + Sync + 'static>> {
+    async fn into_bytes(&mut self) -> Result<Self, Box<dyn StdError + Send + Sync + 'static>> {
         Ok(self.to_owned())
     }
 }

src/order.rs

@@ -127,9 +127,8 @@ impl Order {
             return Err(Error::Str("invalid order state"));
         }
 
-        let cert_url = match &self.state.certificate {
-            Some(cert_url) => cert_url,
-            None => return Err(Error::Str("no certificate URL found")),
+        let Some(cert_url) = &self.state.certificate else {
+            return Err(Error::Str("no certificate URL found"));
         };
 
         let rsp = self

src/types.rs

@@ -74,7 +74,7 @@ impl Error {
 
 impl From<&'static str> for Error {
     fn from(s: &'static str) -> Self {
-        Error::Str(s)
+        Self::Str(s)
     }
 }
 
@@ -173,7 +173,7 @@ impl Problem {
         let body = rsp.body().await.map_err(Error::Other)?;
         match status.is_informational() || status.is_success() || status.is_redirection() {
             true => Ok(body),
-            false => Err(serde_json::from_slice::<Problem>(&body)?.into()),
+            false => Err(serde_json::from_slice::<Self>(&body)?.into()),
         }
     }
 }
@@ -730,6 +730,7 @@ pub enum ChallengeType {
     Unknown(String),
 }
 
+#[allow(missing_docs)]
 #[derive(Clone, Copy, Debug, Deserialize, Eq, PartialEq)]
 #[serde(rename_all = "camelCase")]
 pub enum ChallengeStatus {
@@ -869,7 +870,7 @@ impl Serialize for CertificateIdentifier<'_> {
 impl<'a> TryFrom<&'a CertificateDer<'_>> for CertificateIdentifier<'_> {
     type Error = String;
 
-    fn try_from(cert: &'a CertificateDer) -> Result<Self, Self::Error> {
+    fn try_from(cert: &'a CertificateDer<'_>) -> Result<Self, Self::Error> {
         let (_, parsed_cert) = parse_x509_certificate(cert.as_ref())
             .map_err(|e| format!("failed to parse certificate: {e}"))?;
 

tests/pebble.rs

@@ -362,7 +362,7 @@ async fn update_key() -> Result<(), Box<dyn StdError>> {
     );
 
     // Change the Pebble environment to use the new ACME account key.
-    env.account = instant_acme::Account::builder_with_http(Box::new(env.client.clone()))
+    env.account = Account::builder_with_http(Box::new(env.client.clone()))
         .from_credentials(new_credentials)
         .await?;
 
@@ -403,7 +403,7 @@ async fn account_from_key() -> Result<(), Box<dyn StdError>> {
     }
 
     let json1 = serde_json::to_string(&credentials)?;
-    let json_key = serde_json::from_str::<JsonKey>(&json1)?;
+    let json_key = serde_json::from_str::<JsonKey<'_>>(&json1)?;
     let key_der = BASE64_URL_SAFE_NO_PAD.decode(json_key.key_pkcs8)?;
     let key = Key::from_pkcs8_der(PrivatePkcs8KeyDer::from(key_der.clone()))?;
 
@@ -476,7 +476,7 @@ async fn account_create_from_key() -> Result<(), Box<dyn StdError>> {
     }
 
     let json1 = serde_json::to_string(&credentials1)?;
-    let json_key = serde_json::from_str::<JsonKey>(&json1)?;
+    let json_key = serde_json::from_str::<JsonKey<'_>>(&json1)?;
     let key_der = BASE64_URL_SAFE_NO_PAD.decode(json_key.key_pkcs8)?;
 
     // Verify the key matches