This is the API deficiency in ed25519-dalek v1 that allows you to
mismatch public and private keys, leading to a (fatal)
double-signing attack. We have worked around this in our current
design, so it's appropriate to suppress this warning for now.
Currently, the `maint/coverage` script does not inform about the
dependencies required for generating the HTML output, those are, the
Python packages `bs4` and `lxml`.
This commit fixes that, by updating the help section accordingly.
This commit removes a list we provide for the supported grcov formats.
In my opinion, this is a practice of bad software engineering, as we would then
have to maintain this list by ourselves.
Therefore, this commit removes this list from the `maint/with_coverage` script
and replaces it with a references to the accompanying grcov command.
The build found a stale private doc comment as well as an exception
that needed to be made in check_doc_features.
The check_doc_features change solidifies a decision that things marked
with cfg(fuzzing) aren't part of the documented API.
Closes#945.
Based on @diziet's comment in #945, with a little extra safety and
paranoia. We use this for cases when there are trivial changes only
in one of our crates.
Narrows the previous check, allowing this particular LGPL
only for the hashx and equix crates.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
This replaces the 'TODO' marker from earlier commits, using tevador's
copyright and license (LGPL 3.0 only) for the hashx and equix crates.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
This is a new pure Rust implementation of the HashX algorithm
designed by tevador for Tor's onion service proof of work puzzle v1.
HashX is a lightweight family of randomly generated hash functions.
A seed, via blake2 and siphash, drives a program generation model
which randomly selects opcodes and registers while following some
constraints that avoid timing stalls or insufficient hash mixing.
The execution of these hash funcions can be done using a pure Rust
interpreter, or about 20x faster using a very simple just in time
compiler based on the dynasm assembler crate. This has been
implemented for x86_64 and aarch64.
Signed-off-by: Micah Elizabeth Scott <beth@torproject.org>
This is failing in CI. I have no idea what the rules are and AFAICT
no-one is alleging that there is an actual bug in the attributes.
Empirically this suppression causes the script to pass.
This is a perf issue, only. If tests are too slow, we will notice and
ca speed them up. We should optimise for clarity and convenience,
rather than speed.
Forbidding this can result in churn between vec![] and [] as tests are
updated and changed.
Rationale: no-one writes these by default without thinkinh. If they
are unnecessary, then either the string must have had " in it
before (in which case it might do again), or it is near other strings
which *do* need it.
And having it does no harm; indeed IMO it can increase clarity.
Alternative to !1388's
Fix new "needless_raw_string_hashes" lint from clippy +nightly
Now with cargo semver-checks >= 0.22.1, we no longer need to
jump through hoops in order to only look at the `full` features.
This, combined with our work on `fixup-features`, lets us be
confident that we're only looking at semver breakage in experimental
code.
These are available in our MSRV now, so we don't need to handle
specially. We can just add them to the standard lint block.
(Lint block in every crate will be updated automatically in the next
commit.)
The options are rather complicated; because we do not want to
subject our experimental features to semver, we need to run generate
JSON rustdoc on our own and then pass that JSON to
cargo-semver-checks. This in turn requires us to use the same
options that cargo-semver-checks uses, including "RUSTC_BOOTSTRAP".
I've left some TODOs here in places where we will likely want to
improve our code in the future.
See #711.
Previously we allowed this license unconditionally. But because of its
non-self-enacting nature, we need the actual notice from its "exhibit A"
to appear somewhere that says that it applies to all the relevant code.
Therefore, we shouldn't take new MPL-2.0 dependencies without
hand-checking them. (I am tentatively allowing option-ext, though,
since we already have an indirect dependency on that crate via
`directories`.)
For more info, see https://gitlab.torproject.org/tpo/core/arti/-/issues/845
When building our list of acknowledgments, previously we would only
include author and committer names.
Now we also include anybody listed in the "Reported-by",
"Co-authored-by", and "Thanks" trailers.
The generational-arena crate is distributed under MPL-2.0,
so we need to allow it.
I believe that this license is fine and does not interfere with
our code or our users; the reviewer should double-check.