Expose jsonwebtoken crypto backend as a feature#108
Merged
slinkydeveloper merged 4 commits intoApr 28, 2026
Merged
Conversation
restate-sdk-shared-core's request_identity feature previously baked in
jsonwebtoken's rust_crypto backend. If a consuming workspace also has
jsonwebtoken with aws_lc_rs enabled elsewhere in its graph, Cargo
feature unification turns both on and jsonwebtoken's provider
auto-detection panics at first use. default-features = false on
restate-sdk did not help because request_identity is in the
unconditional feature list on the shared-core dependency.
This adds rust_crypto and aws_lc_rs pass-through features (mirroring
the rustls / tokio-rustls pattern) and puts rust_crypto in the default
set so the out-of-the-box behaviour is unchanged. Consumers that need
aws_lc_rs can now do:
restate-sdk = { default-features = false, features = ["http_server", "aws_lc_rs"] }
Depends on the corresponding shared-core change; the [patch.crates-io]
entry is temporary and must be replaced with a version bump before
merge.
slinkydeveloper
approved these changes
Apr 27, 2026
slinkydeveloper
left a comment
Contributor
There was a problem hiding this comment.
lgtm, will merge later after releasing the shared core. as usual, gh outages are timely
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
restate-sdk-shared-core'srequest_identityfeature currently bakes in jsonwebtoken'srust_cryptobackend. If a consuming workspace has jsonwebtoken withaws_lc_rsenabled elsewhere in its graph, Cargo feature unification turns both on and jsonwebtoken's provider auto-detection panics at first use. Settingdefault-features = falseonrestate-sdkdoesn't help today becauserequest_identityis in the unconditional feature list on the shared-core dependency.This adds
rust_cryptoandaws_lc_rspass-through features (the same patternrustls/tokio-rustlsuse) and putsrust_cryptoin thedefaultset so out-of-the-box behaviour is unchanged. Consumers that needaws_lc_rscan now do:or enable neither and call
jsonwebtoken::crypto::CryptoProvider::install_default()themselves.Depends on restatedev/sdk-shared-core#76. The
[patch.crates-io]entry pointing at that branch is temporary so CI can build — it must be replaced with a version bump on therestate-sdk-shared-coredependency before this merges.