Thanks for raising these points. On Tue, Jun 26, 2018 at 10:02 PM, Adam Gashlin <agash...@mozilla.com> wrote: > * Already vendored crates > Can I assume any crates we have already in mozilla-central are ok to use? > Last year there was a thread that mentioned making a list of "sanctioned" > crates, did that ever come about?
I don't recall the discussion on sanctioned crates, do you have a pointer to that thread? Regardless, anything that's already vendored should be OK. > * Updates > I need winapi 0.3.5 for BITS support, currently third_party/rust/winapi is > 0.3.4. There should be no problem updating it, but should I have this > reviewed by the folks who originally vendored it into mozilla-central? While we can accommodate multiple versions of crates in-tree, we would prefer that only one version of a given crate is vendored into the tree at any one time, but sometimes this is an impractical goal to achieve. So if upgrading whatever uses winapi 0.3.4 to use 0.3.5 instead is reasonable, please do that first. If it turns out to be impractical, go ahead and vendor the duplicate crate. For review concerns, see below. > * New crates > I'd like to use the windows-service crate, which seems well written and has > few dependencies, but the first 0.1.0 release was just a few weeks ago. I'd > like to have that reviewed at least as carefully as my own code, > particularly given how much unsafety there is, but where do I draw the > line? For instance, it depends on "widestring", which is small and has been > around for a while but isn't widely used, should I have that reviewed > internally as well? Is popularity a reasonable measure? Our normal review process is all that we have used so far; I think thus far we have assumed that Rust's safety guarantees enable us to forego a more stringent review process that has sometimes been used for (some) C/C++ code. (e.g. I think modules/brotli underwent some amount of scrutiny, whereas mfbt/double-conversion was a more rubber-stamp sort of import.) This is probably not a tenable long-term position, especially given how easy it is to pull in Rust code vs. a C/C++ library. We have generally trusted people to use good judgement in what they use and how much review is required. Accordingly, I think you should request review from the people who would normally review your code, and if you have concerns about specific crates that are being vendored, you should call those crates out as needing especial review. If you or your reviewers think such reviews fall outside of your comfort zone/area of expertise/Rust capabilities, please flag myself or Ehsan, and we will work on finding people to help. Thanks, -Nathan _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
