Update Rust crate lazy-regex to 3.4.2

moneymgr_backend/Cargo.lock

@@ -717,9 +717,9 @@ dependencies = [
 
 [[package]]
 name = "clap"
-version = "4.5.53"
+version = "4.5.51"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c9e340e012a1bf4935f5282ed1436d1489548e8f72308207ea5df0e23d2d03f8"
+checksum = "4c26d721170e0295f191a69bd9a1f93efcdb0aff38684b61ab5750468972e5f5"
 dependencies = [
  "clap_builder",
  "clap_derive",
@@ -727,9 +727,9 @@ dependencies = [
 
 [[package]]
 name = "clap_builder"
-version = "4.5.53"
+version = "4.5.51"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d76b5d13eaa18c901fd2f7fca939fefe3a0727a953561fefdf3b2922b8569d00"
+checksum = "75835f0c7bf681bfd05abe44e965760fea999a5286c6eb2d59883634fd02011a"
 dependencies = [
  "anstream",
  "anstyle",
@@ -941,9 +941,9 @@ dependencies = [
 
 [[package]]
 name = "crypto-common"
-version = "0.2.0-rc.5"
+version = "0.2.0-rc.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "919bd05924682a5480aec713596b9e2aabed3a0a6022fab6847f85a99e5f190a"
+checksum = "6a8235645834fbc6832939736ce2f2d08192652269e11010a6240f61b908a1c6"
 dependencies = [
  "hybrid-array",
 ]
@@ -1152,13 +1152,13 @@ dependencies = [
 
 [[package]]
 name = "digest"
-version = "0.11.0-rc.4"
+version = "0.11.0-rc.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ea390c940e465846d64775e55e3115d5dc934acb953de6f6e6360bc232fe2bf7"
+checksum = "dac89f8a64533a9b0eaa73a68e424db0fb1fd6271c74cc0125336a05f090568d"
 dependencies = [
  "block-buffer 0.11.0-rc.5",
  "const-oid 0.10.1",
- "crypto-common 0.2.0-rc.5",
+ "crypto-common 0.2.0-rc.4",
 ]
 
 [[package]]
@@ -2297,7 +2297,7 @@ dependencies = [
  "rust_xlsxwriter",
  "serde",
  "serde_json",
- "sha2 0.11.0-rc.3",
+ "sha2 0.11.0-rc.2",
  "tempfile",
  "thiserror 2.0.17",
  "tokio",
@@ -3300,13 +3300,13 @@ dependencies = [
 
 [[package]]
 name = "sha2"
-version = "0.11.0-rc.3"
+version = "0.11.0-rc.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "19d43dc0354d88b791216bb5c1bfbb60c0814460cc653ae0ebd71f286d0bd927"
+checksum = "d1e3878ab0f98e35b2df35fe53201d088299b41a6bb63e3e34dada2ac4abd924"
 dependencies = [
  "cfg-if",
  "cpufeatures",
- "digest 0.11.0-rc.4",
+ "digest 0.11.0-rc.3",
 ]
 
 [[package]]

moneymgr_backend/Cargo.toml

@@ -8,7 +8,7 @@ env_logger = "0.11.8"
 log = "0.4.28"
 diesel = { version = "2.2.12", features = ["postgres", "r2d2"] }
 diesel_migrations = "2.2.0"
-clap = { version = "4.5.53", features = ["env", "derive"] }
+clap = { version = "4.5.51", features = ["env", "derive"] }
 actix-web = "4.11.0"
 actix-cors = "0.7.1"
 actix-multipart = "0.7.2"
@@ -30,7 +30,7 @@ lazy-regex = "3.4.2"
 jwt-simple = { version = "0.12.13", default-features = false, features = ["pure-rust"] }
 mime_guess = "2.0.5"
 rust-embed = { version = "8.7.2" }
-sha2 = "0.11.0-rc.3"
+sha2 = "0.11.0-rc.2"
 base16ct = "0.2.0"
 httpdate = "1.0.3"
 chrono = "0.4.42"

moneymgr_backend/src/app_config.rs

@@ -22,6 +22,10 @@ pub struct AppConfig {
     #[clap(short = 'S', long, env, default_value = "")]
     secret: String,
 
+    /// Specify whether the cookie should be transmitted only over secure connections
+    #[clap(long, env)]
+    pub cookie_secure: bool,
+
     /// Unsecure : for development, bypass authentication, using the account with the given
     /// email address by default
     #[clap(long, env)]
@@ -157,6 +161,23 @@ impl AppConfig {
         self.unsecure_auto_login_email().is_some()
     }
 
+    /// Get auth cookie domain
+    pub fn cookie_domain(&self) -> Option<String> {
+        if cfg!(debug_assertions) {
+            let domain = self.website_origin.split_once("://")?.1;
+            Some(
+                domain
+                    .split_once(':')
+                    .map(|s| s.0)
+                    .unwrap_or(domain)
+                    .to_string(),
+            )
+        } else {
+            // In release mode, the web app is hosted on the same origin as the API
+            None
+        }
+    }
+
     /// Get app secret
     pub fn secret(&self) -> &str {
         let mut secret = self.secret.as_str();

moneymgr_backend/src/controllers/files_controller.rs

@@ -63,23 +63,24 @@ pub async fn download(
 pub async fn serve_file(req: HttpRequest, file: &File, download_file: bool) -> HttpResult {
     if !download_file {
         // Check if the browser already knows the etag
-        if let Some(c) = req.headers().get(header::IF_NONE_MATCH)
-            && c.to_str().unwrap_or("") == file.sha512.as_str()
-        {
+        if let Some(c) = req.headers().get(header::IF_NONE_MATCH) {
+            if c.to_str().unwrap_or("") == file.sha512.as_str() {
                 return Ok(HttpResponse::NotModified().finish());
             }
+        }
 
         // Check if the browser already knows the file by date
         if let Some(c) = req.headers().get(header::IF_MODIFIED_SINCE) {
             let date_str = c.to_str().unwrap_or("");
-            if let Ok(date) = httpdate::parse_http_date(date_str)
-                && date.add(Duration::from_secs(1))
+            if let Ok(date) = httpdate::parse_http_date(date_str) {
+                if date.add(Duration::from_secs(1))
                     >= time_utils::unix_to_system_time(file.time_create as u64)
                 {
                     return Ok(HttpResponse::NotModified().finish());
                 }
             }
         }
+    }
     let mut res = HttpResponse::Ok();
     res.content_type(file.mime_type.as_str())
         .insert_header(("etag", file.sha512.as_str()))

moneymgr_backend/src/controllers/movement_controller.rs

@@ -64,11 +64,11 @@ pub async fn get_list_of_account(
         });
     }
 
-    if let Some(limit) = query.limit
-        && list.len() > limit
-    {
+    if let Some(limit) = query.limit {
+        if list.len() > limit {
             list = list[..limit].to_vec();
         }
+    }
 
     Ok(HttpResponse::Ok().json(list))
 }

moneymgr_backend/src/extractors/auth_extractor.rs

@@ -120,9 +120,8 @@ impl FromRequest for AuthExtractor {
                 }
 
                 // Check IP restriction
-                if let Some(net) = token.ip_net()
-                    && !net.contains(&remote_ip.0)
-                {
+                if let Some(net) = token.ip_net() {
+                    if !net.contains(&remote_ip.0) {
                         log::error!(
                             "Trying to use token {:?} from unauthorized IP address: {remote_ip:?}",
                             token.id()
@@ -131,6 +130,7 @@ impl FromRequest for AuthExtractor {
                             "This token cannot be used from this IP address!",
                         ));
                     }
+                }
 
                 // Check for write access
                 if token.read_only && !req.method().is_safe() {
@@ -163,11 +163,11 @@ impl FromRequest for AuthExtractor {
                 };
 
                 // Update last use (if needed)
-                if token.shall_update_time_used()
-                    && let Err(e) = tokens_service::update_time_used(&token).await
-                {
+                if token.shall_update_time_used() {
+                    if let Err(e) = tokens_service::update_time_used(&token).await {
                         log::error!("Failed to refresh last usage of token! {e}");
                     }
+                }
 
                 // Handle tokens expiration
                 if token.is_expired() {

moneymgr_backend/src/services/inbox_service.rs

@@ -23,11 +23,11 @@ impl UpdateInboxEntryQuery {
         let constraints = ServerConstraints::default();
 
         // Check inbox entry label
-        if let Some(label) = &self.label
-            && !constraints.inbox_entry_label.check_str(label)
-        {
+        if let Some(label) = &self.label {
+            if !constraints.inbox_entry_label.check_str(label) {
                 return Ok(Some("Invalid inbox entry label length!"));
             }
+        }
 
         // Check the referenced movement
         if let Some(movement_id) = self.movement_id {

moneymgr_backend/src/services/movements_service.rs

@@ -55,12 +55,13 @@ impl UpdateMovementQuery {
         if let Ok(movement) =
             get_by_account_label_amount_time(self.account_id, &self.label, self.amount, self.time)
                 .await
-            && Some(movement.id()) != ref_movement
         {
+            if Some(movement.id()) != ref_movement {
                 return Ok(Some(
                     "A movement taken at the same time with the same label and the same amount already exists!",
                 ));
             }
+        }
 
         Ok(None)
     }

moneymgr_mobile/pubspec.yaml

@@ -111,7 +111,7 @@ dev_dependencies:
   flutter_launcher_icons: ^0.14.4
 
   # Generate source code
-  build_runner: 2.10.4
+  build_runner: 2.10.1
 
   # Riverpod code generation
   riverpod_generator: ^2.6.5

moneymgr_web/package.json

@@ -18,9 +18,9 @@
     "@mdi/react": "^1.6.1",
     "@mui/icons-material": "^7.1.2",
     "@mui/material": "^7.1.2",
-    "@mui/x-charts": "^8.18.0",
-    "@mui/x-data-grid": "^8.19.0",
-    "@mui/x-date-pickers": "^8.17.0",
+    "@mui/x-charts": "^8.16.0",
+    "@mui/x-data-grid": "^8.15.0",
+    "@mui/x-date-pickers": "^8.15.0",
     "date-and-time": "^3.6.0",
     "dayjs": "^1.11.19",
     "filesize": "^10.1.6",
@@ -32,15 +32,15 @@
     "ts-pattern": "^5.8.0"
   },
   "devDependencies": {
-    "@eslint/js": "^9.39.1",
-    "@types/react": "^19.2.6",
-    "@types/react-dom": "^19.2.3",
+    "@eslint/js": "^9.38.0",
+    "@types/react": "^19.2.2",
+    "@types/react-dom": "^19.2.2",
     "@vitejs/plugin-react": "^4.7.0",
-    "eslint": "^9.39.1",
+    "eslint": "^9.32.0",
     "eslint-plugin-react-dom": "^1.52.4",
     "eslint-plugin-react-hooks": "^5.2.0",
     "eslint-plugin-react-refresh": "^00.4.20",
-    "eslint-plugin-react-x": "^1.53.1",
+    "eslint-plugin-react-x": "^1.52.9",
     "globals": "^16.3.0",
     "typescript": "~5.8.3",
     "typescript-eslint": "^8.32.1",