Problem during the setup procedure of Keysas.

[DDPN19]

Hello,

I am reaching out to you regarding an issue encountered during the installation procedure of Keysas.

Firstly, according to the documentation, the "sig" file is missing, but we were able to proceed without it.

Next, during the installation, an error occurred with an entry named: "tarpaulin_include."

Here is a part of the code:

) warning: unexpected cfg condition name: tarpaulin_include --> keysas-core/src/keysas-transit/sandbox/mod.rs:22:11	22	#[cfg(not(tarpaulin_include))]	^^^^^^^^^^^^^^^^^

= help: expected names are: clippy, debug_assertions, doc, docsrs, doctest, feature, miri, overflow_checks, panic, proc_macro, relocation_model, rustfmt, sanitize, sanitizer_cfi_generalize_pointers, sanitizer_cfi_normalize_integers, target_abi, target_arch, target_endian, target_env, target_family, target_feature, target_has_atomic, target_has_atomic_equal_alignment, target_has_atomic_load_store, target_os, target_pointer_width, target_thread_local, target_vendor, test, ub_checks, unix, and windows = help: consider using a Cargo feature instead = help: or consider adding in Cargo.toml the check-cfg lint config for the lint: [lints.rust] unexpected_cfgs = { level = "warn", check-cfg = ['cfg(tarpaulin_include)'] } = help: or consider adding println!("cargo::rustc-check-cfg=cfg(tarpaulin_include)"); to the top of the build.rs = note: see https://doc.rust-lang.org/nightly/rustc/check-cfg/cargo-specifics.html for more information about checking conditional configuration = note: #[warn(unexpected_cfgs)] on by default

warning: keysas-core (bin "keysas-transit") generated 1 warning warning: unexpected cfg condition name: tarpaulin_include --> keysas-core/src/keysas-out/sandbox/mod.rs:21:11	21	#[cfg(not(tarpaulin_include))]	^^^^^^^^^^^^^^^^^

= help: expected names are: clippy, debug_assertions, doc, docsrs, doctest, feature, miri, overflow_checks, panic, proc_macro, relocation_model, rustfmt, sanitize, sanitizer_cfi_generalize_pointers, sanitizer_cfi_normalize_integers, target_abi, target_arch, target_endian, target_env, target_family, target_feature, target_has_atomic, target_has_atomic_equal_alignment, target_has_atomic_load_store, target_os, target_pointer_width, target_thread_local, target_vendor, test, ub_checks, unix, and windows = help: consider using a Cargo feature instead = help: or consider adding in Cargo.toml the check-cfg lint config for the lint: [lints.rust] unexpected_cfgs = { level = "warn", check-cfg = ['cfg(tarpaulin_include)'] } = help: or consider adding println!("cargo::rustc-check-cfg=cfg(tarpaulin_include)"); to the top of the build.rs = note: see https://doc.rust-lang.org/nightly/rustc/check-cfg/cargo-specifics.html for more information about checking conditional configuration = note: #[warn(unexpected_cfgs)] on by default

warning: keysas-core (bin "keysas-out") generated 1 warning warning: unexpected cfg condition name: tarpaulin_include --> keysas-core/src/keysas-in/sandbox/mod.rs:21:11	21	#[cfg(not(tarpaulin_include))]	^^^^^^^^^^^^^^^^^

= help: expected names are: clippy, debug_assertions, doc, docsrs, doctest, feature, miri, overflow_checks, panic, proc_macro, relocation_model, rustfmt, sanitize, sanitizer_cfi_generalize_pointers, sanitizer_cfi_normalize_integers, target_abi, target_arch, target_endian, target_env, target_family, target_feature, target_has_atomic, target_has_atomic_equal_alignment, target_has_atomic_load_store, target_os, target_pointer_width, target_thread_local, target_vendor, test, ub_checks, unix, and windows = help: consider using a Cargo feature instead = help: or consider adding in Cargo.toml the check-cfg lint config for the lint: [lints.rust] unexpected_cfgs = { level = "warn", check-cfg = ['cfg(tarpaulin_include)'] } = help: or consider adding println!("cargo::rustc-check-cfg=cfg(tarpaulin_include)"); to the top of the build.rs = note: see https://doc.rust-lang.org/nightly/rustc/check-cfg/cargo-specifics.html for more information about checking conditional configuration = note: #[warn(unexpected_cfgs)] on by default

warning: keysas-core (bin "keysas-in") generated 1 warning Compiling keysas-sign v2.3.0 (/home/sationbbrive19/keysas/keysas-sign) Finished release profile [optimized] target(s) in 10m 35s

Can you shed some light on this for us?

Thank you for the time you will devote to our issue.

Cordialement,

DDPN19

Brive-la-Gaillarde.

[r3dlight]

Hi,

Thanks for reporting, yes the .sig file is missing, I'll fix it asap ! Regarding the warnings, no worry, this is just about cargo-tarpaulin (for code coverage), the syntax may have changed but this have no impact on the resulting binary once compiled. Nevertheless, I'll fix it too.

Cordialement !

[DDPN19]

Thanks for your fast feedback,

We had another issue with the Keysas admin installation.

Here's a part of the code, where we saw a "high severity vulnerability" :

root@XXX-XXX/sbin/keysas/keysas-admin# npm i vite@latest npm warn ERESOLVE overriding peer dependency npm warn While resolving: keysas-admin@2.3.0 npm warn Found: vite@4.5.3 npm warn node_modules/vite npm warn peer vite@"^4.0.0" from @vitejs/plugin-vue@4.3.4 npm warn node_modules/@vitejs/plugin-vue npm warn dev @vitejs/plugin-vue@"^4.0.0" from the root project npm warn 1 more (the root project) npm warn npm warn Could not resolve dependency: npm warn peer vite@"^4.0.0" from @vitejs/plugin-vue@4.3.4 npm warn node_modules/@vitejs/plugin-vue npm warn dev @vitejs/plugin-vue@"^4.0.0" from the root project

added 172 packages, and audited 173 packages in 57s

38 packages are looking for funding run npm fund for details

1 high severity vulnerability

To address all issues, run: npm audit fix

Run npm audit for details.

Do you have any idea about what's causing it and how to fix it?

Thanks in advance.

Cordialement,

[DDPN19]

Je reviens vers vous suite à nos échanges.

Nous sommes en train d'installer la solution Keysas sur nos ordinateurs, mais nos compétences techniques ne nous permettent pas de continuer plus loin. Pouvez-vous nous fournir une assistance technique ?

Si oui, quand êtes-vous disponible ?

Cordialement,

---

I am following up on our previous messages.

We are currently in the process of installing the Keysas solution on our computers, but our technical skills do not allow us to proceed further. Could you provide us with technical assistance?

If so, when would you be available?

Best regards,

[r3dlight]

For Keysas-admin, try to run : npm audit fix This should fix the vuln if a patch is available. To get some specific support, you should make an official request: https://cyber.gouv.fr/actualites/agir-au-coeur-des-territoires-pour-la-securite-numerique

Cheers

[r3dlight]

Hi, Pre-release v2.4 is available here: https://github.com/r3dlight/keysas/releases This should fix what you've reported ! Keep me in touch, Cheers.

[r3dlight]

Closing: no feedback.