GNU bug report logs - #66279
Unexporting <user-account>

Previous Next

Full log

View this message in rfc822 format

From: help-debbugs <at> gnu.org (GNU bug Tracking System)
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: tracker <at> debbugs.gnu.org
Subject: bug#66279: closed (Unexporting <user-account>)
Date: Thu, 05 Oct 2023 21:30:02 +0000

[Message part 1 (text/plain, inline)]

Your message dated Thu, 05 Oct 2023 23:28:49 +0200
with message-id <87h6n421ym.fsf <at> gnu.org>
and subject line Re: bug#66279: Unexporting <user-account>
has caused the debbugs.gnu.org bug report #66279,
regarding Unexporting <user-account>
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs <at> gnu.org.)


-- 
66279: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66279
GNU Bug Tracking System
Contact help-debbugs <at> gnu.org with problems

[Message part 2 (message/rfc822, inline)]

From: Ludovic Courtès <ludo <at> gnu.org>
To: bug-guix <at> gnu.org
Subject: Unexporting <user-account>
Date: Sat, 30 Sep 2023 12:10:51 +0200

Hi Maxim,

Commit 03795e2ba27424fc98957da00f6c71325e7ae425 exports the
<user-account> record type descriptor (RTD).

Common practice is to keep RTDs private because by publishing them, we
make it harder to change the ABI (because users might be matching fields
positionally) and we make it trivial for users to forge records of that
type, bypassing any checks we may have in the official constructor (such
as “sanitizers”).

What do you think of reverting this commit?  I don’t see references to
<user-account> outside of its module.

(I’m aware there are a few other places where RTDs are exported; I think
we should eventually fix them as well.)

Ludo’.

[Message part 3 (message/rfc822, inline)]

From: Ludovic Courtès <ludo <at> gnu.org>
To: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
Cc: 66279-done <at> debbugs.gnu.org
Subject: Re: bug#66279: Unexporting <user-account>
Date: Thu, 05 Oct 2023 23:28:49 +0200

Hi,

Maxim Cournoyer <maxim.cournoyer <at> gmail.com> skribis:

> Ludovic Courtès <ludo <at> gnu.org> writes:
>
>> Hi Maxim,
>>
>> Commit 03795e2ba27424fc98957da00f6c71325e7ae425 exports the
>> <user-account> record type descriptor (RTD).
>>
>> Common practice is to keep RTDs private because by publishing them, we
>> make it harder to change the ABI (because users might be matching fields
>> positionally) and we make it trivial for users to forge records of that
>> type, bypassing any checks we may have in the official constructor (such
>> as “sanitizers”).
>
> Perhaps we should document this?  More power to the users!

Done in commit 7b710836a1c7cb921f54ead64f465bcc5333d076, based on what I
wrote above.

>> What do you think of reverting this commit?  I don’t see references to
>> <user-account> outside of its module.
>
> I'd like to note there are also valid usages requiring a record type,
> such as 'match-record' from (guix records).  Otherwise, I don't feel
> strongly about it, but if if's done I think the rationale you gave above
> should be documented in our contributing guidelines.

Alright, done as well in commit
97927608cb4f9c5d721115f1cb638de17ac38e62.

Thanks,
Ludo’.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.