Conversation
This commit must be followed by an update of preloaded and bootstrap modules before any `-unsafe` directives are added to OTP.
|
Is the -unsafe attribute only meant to be used by Erlang/OTP, or is it meant to be available to everyone? Should the functions that are unsafe have metadata in the doc chunk so that ExDoc can render it? |
The idea is to make it available to everyone, the only privilege is that there will be compiler warnings for calls to unsafe functions within Erlang/OTP (everyone else will have to leave that to |
%% Finds all cross-application calls to explicitly hidden %% functions xref:q(XR, "((Fun) strict AE) || DC_2", []).
jhogberg
force-pushed
the
john/tools/xref-undocumented
branch
from
5ef6b33 to
7789ff1
Compare
| crypto:private_decrypt/4 unsafe=29 | ||
| crypto:private_encrypt/4 unsafe=29 | ||
| crypto:public_decrypt/4 unsafe=29 | ||
| crypto:public_encrypt/4 unsafe=29 | ||
| erlang:binary_to_atom/_ unsafe=29 | ||
| erlang:binary_to_term/_ unsafe=29 | ||
| erlang:list_to_atom/1 unsafe=29 | ||
| file:consult/_ unsafe=29 | ||
| file:path_consult/_ unsafe=29 | ||
| http_uri:_/_ unsafe=29 | ||
| os:cmd/_ unsafe=29 | ||
| public_key:decrypt_private/2 unsafe=29 | ||
| public_key:decrypt_public/2 unsafe=29 | ||
| public_key:encrypt_private/2 unsafe=29 | ||
| public_key:encrypt_public/2 unsafe=29 | ||
|
|
||
| ## Possibly unsafe | ||
| public_key:decrypt_private/3 unsafe=29 | ||
| public_key:decrypt_public/3 unsafe=29 | ||
| public_key:encrypt_private/3 unsafe=29 | ||
| public_key:encrypt_public/3 unsafe=29 |
There was a problem hiding this comment.
As an aside, I'm still on the fence whether to put this in 28 (maint) or 29 (master), so the version's off for the time being.
bjorng
left a comment
bjorng
left a comment
There was a problem hiding this comment.
Overall looks good to me. I only found a few things.
| -compile(nowarn_deprecated_catch). | ||
| -compile([{nowarn_unsafe_function, {erlang, list_to_atom, 1}}, | ||
| {nowarn_unsafe_function, {erlang, binary_to_atom, 2}}, | ||
| nowarn_deprecated_catch]). |
There was a problem hiding this comment.
nowarn_deprecated_catch is not needed if you merge this PR to master; the old-style catch has been eliminated.
3 participants
This PR is required to make #10431 happen. It's up for review but will not be merged as-is, as bootstrap etc must be wrangled separately before merging.