anvil_ssh/lib.rs
1// SPDX-License-Identifier: GPL-3.0-or-later
2// Rust guideline compliant 2026-04-05
3// S3: enforce zero unsafe in all project-owned code at compile time (this attribute covers this crate only; dependencies are not affected).
4#![forbid(unsafe_code)]
5//! # anvil-ssh
6//!
7//! Pure-Rust SSH library for Git: transport, keys, signing, agent.
8//!
9//! Built on [`russh`](https://docs.rs/russh) v0.59, it replaces the
10//! general-purpose `ssh` binary in the Git transport pipeline, plus the
11//! subset of `ssh-keygen`, `ssh-add`, and `ssh-agent` that day-to-day Git
12//! workflows need. Works against GitHub, GitLab, Codeberg, AUR, sourcehut,
13//! and self-hosted Git instances.
14//!
15//! ## Quick start
16//!
17//! ```no_run
18//! use anvil_ssh::{AnvilConfig, AnvilSession};
19//!
20//! # async fn doc() -> Result<(), anvil_ssh::AnvilError> {
21//! // GitHub
22//! let config = AnvilConfig::github();
23//! // GitLab
24//! let config = AnvilConfig::gitlab();
25//! // Codeberg
26//! let config = AnvilConfig::codeberg();
27//!
28//! let mut session = AnvilSession::connect(&config).await?;
29//! session.authenticate_best(&config).await?;
30//!
31//! let exit_code = session.exec("git-upload-pack 'user/repo.git'").await?;
32//! session.close().await?;
33//! # Ok(())
34//! # }
35//! ```
36//!
37//! ## Design principles
38//!
39//! - **Pinned host keys** — SHA-256 fingerprints for GitHub, GitLab, and
40//! Codeberg are embedded; no TOFU (Trust On First Use) for known hosts.
41//! - **Narrow scope** — only exec channels; no PTY, SFTP, or port forwarding.
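42//! - **Post-quantum ready** — uses `aws-lc-rs` for cryptography; whether a session is quantum-resistant still depends on the key exchange negotiated with the server.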
43//! - **Metric / SI / ISO 8601** throughout all timestamps and measurements.
44
45pub mod agent;
46pub mod algorithms;
47pub mod allowed_signers;
48pub mod auth;
49pub mod cert_authority;
50pub mod config;
51pub mod diagnostic;
52pub mod error;
53pub mod hostkey;
54pub mod keygen;
55pub mod log;
56pub mod proxy;
57pub mod relay;
58pub mod session;
59pub mod sshsig;
60pub mod time;
61
62// `ssh_config(5)` parser and resolver. Public API is re-exported below;
63// the sub-modules (lexer, parser, include, matcher, resolver) themselves
64// are crate-private.
65pub mod ssh_config;
66
67// ── Flat re-exports (FR-23) ───────────────────────────────────────────────────
68
69pub use config::AnvilConfig;
70pub use error::AnvilError;
71pub use session::AnvilSession;
72pub use ssh_config::{
73 AlgList, DirectiveSource, ResolvedSshConfig, SshConfigPaths, StrictHostKeyChecking,
74};
75
76// ── Deprecated 0.1.x compatibility aliases ────────────────────────────────────
77//
78// Re-export the renamed types under their legacy `Gitway*` names so that
79// crates which depended on `anvil-ssh = "0.1"` (or the `gitway-lib` shim
80// that re-exports `anvil_ssh::*`) continue to compile after the 0.2.0
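81// rename. These aliases are marked `#[deprecated]` so that use warns; rustc has historically
82// ignored that attribute on `pub use` re-exports, so confirm the warning fires. Remove them in 1.0 per Gitway PRD §7.4.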
83
84#[deprecated(since = "0.2.0", note = "renamed to `AnvilSession`")]
85pub use AnvilSession as GitwaySession;
86
87#[deprecated(since = "0.2.0", note = "renamed to `AnvilConfig`")]
88pub use AnvilConfig as GitwayConfig;
89
90#[deprecated(since = "0.2.0", note = "renamed to `AnvilError`")]
91pub use AnvilError as GitwayError;