fix: Move off atty to resolve soundness issue#11420
Merged
bors merged 1 commit intorust-lang:masterfrom Nov 25, 2022
Merged
Conversation
Collaborator
|
r? @ehuss (rustbot has picked a reviewer for you, use r? to override) |
weihanglo
approved these changes
Nov 25, 2022
Member
weihanglo
left a comment
There was a problem hiding this comment.
Thanks for the quick patch!
Cargo.toml
Outdated
|
|
||
| [dependencies] | ||
| atty = "0.2" | ||
| is-terminal = "0.4.0" |
Member
Contributor
There was a problem hiding this comment.
I'm a little concerned about switching to rustix, and I echo the concerns at #10309 (comment). Do we know how well this will handle the myriad of platforms cargo is used on? I suppose one option is to push it out and see if anyone complains, but I think we should be prepared to revert this if needed.
Member
There was a problem hiding this comment.
Alternatively, we can continue using atty for Unix. Only on Windows do we use rustix, which effectively uses libc. Does this sound reasonable?
Contributor
There was a problem hiding this comment.
I don't have a particular opinion about what to use. Just pointing out to beware of the risks of this change. Maybe @joshtriplett may have some thoughts, or maybe a better sense of when IsTerminal could be stabilized, in which case we could just wait or switch to that soon.
There is a soundness issue with atty when building on Windows with a custom allocator. This PR switches direct dependencies on atty to is-terminal. New semver compatible versions of clap and snapbox remove atty. rust-lang#11417 upgrades env_logger to remove it from there. Fixes rust-lang#11415
Member
|
@bors r+ |
Contributor
Contributor
Contributor
|
☀️ Test successful - checks-actions |
weihanglo
added a commit
to weihanglo/rust
that referenced
this pull request
Nov 25, 2022
5 commits in ba607b23db8398723d659249d9abf5536bc322e5..e027c4b5d25af2119b1956fac42863b9b3242744 2022-11-22 20:52:39 +0000 to 2022-11-25 19:44:46 +0000 - fix: Move off atty to resolve soundness issue (rust-lang/cargo#11420) - add newline char to `cargo install .` error message for easier reading. (rust-lang/cargo#11401) - chore: Upgrade to env_logger (rust-lang/cargo#11417) - Change rustdoc-scrape-examples to be a target-level configuration (rust-lang/cargo#10343) - temporarily disable test `lto::test_profile` (rust-lang/cargo#11419)
matthiaskrgr
added a commit
to matthiaskrgr/rust
that referenced
this pull request
Nov 26, 2022
Update cargo 5 commits in ba607b23db8398723d659249d9abf5536bc322e5..e027c4b5d25af2119b1956fac42863b9b3242744 2022-11-22 20:52:39 +0000 to 2022-11-25 19:44:46 +0000 - fix: Move off atty to resolve soundness issue (rust-lang/cargo#11420) - add newline char to `cargo install .` error message for easier reading. (rust-lang/cargo#11401) - chore: Upgrade to env_logger (rust-lang/cargo#11417) - Change rustdoc-scrape-examples to be a target-level configuration (rust-lang/cargo#10343) - temporarily disable test `lto::test_profile` (rust-lang/cargo#11419) r+ `@ghost`
weihanglo
added a commit
to weihanglo/rust
that referenced
this pull request
Nov 27, 2022
5 commits in ba607b23db8398723d659249d9abf5536bc322e5..e027c4b5d25af2119b1956fac42863b9b3242744 2022-11-22 20:52:39 +0000 to 2022-11-25 19:44:46 +0000 - fix: Move off atty to resolve soundness issue (rust-lang/cargo#11420) - add newline char to `cargo install .` error message for easier reading. (rust-lang/cargo#11401) - chore: Upgrade to env_logger (rust-lang/cargo#11417) - Change rustdoc-scrape-examples to be a target-level configuration (rust-lang/cargo#10343) - temporarily disable test `lto::test_profile` (rust-lang/cargo#11419)
bors
added a commit
to rust-lang-ci/rust
that referenced
this pull request
Nov 28, 2022
Update cargo 5 commits in ba607b23db8398723d659249d9abf5536bc322e5..e027c4b5d25af2119b1956fac42863b9b3242744 2022-11-22 20:52:39 +0000 to 2022-11-25 19:44:46 +0000 - fix: Move off atty to resolve soundness issue (rust-lang/cargo#11420) - add newline char to `cargo install .` error message for easier reading. (rust-lang/cargo#11401) - chore: Upgrade to env_logger (rust-lang/cargo#11417) - Change rustdoc-scrape-examples to be a target-level configuration (rust-lang/cargo#10343) - temporarily disable test `lto::test_profile` (rust-lang/cargo#11419) r+ `@ghost`
RalfJung
pushed a commit
to RalfJung/miri
that referenced
this pull request
Dec 3, 2022
Update cargo 5 commits in ba607b23db8398723d659249d9abf5536bc322e5..e027c4b5d25af2119b1956fac42863b9b3242744 2022-11-22 20:52:39 +0000 to 2022-11-25 19:44:46 +0000 - fix: Move off atty to resolve soundness issue (rust-lang/cargo#11420) - add newline char to `cargo install .` error message for easier reading. (rust-lang/cargo#11401) - chore: Upgrade to env_logger (rust-lang/cargo#11417) - Change rustdoc-scrape-examples to be a target-level configuration (rust-lang/cargo#10343) - temporarily disable test `lto::test_profile` (rust-lang/cargo#11419) r+ `@ghost`
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
There is a soundness issue with atty when building on Windows with a custom allocator.
This PR switches direct dependencies on atty to is-terminal. New semver compatible versions of clap and snapbox remove atty. #11417 upgrades env_logger to remove it from there.
Fixes #11416