Remove atty and tracing-tree, update hermit-abi #2581
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is in response to a security advisory stating that atty is unmaintained and recommending to use std::io::IsTerminal. https://rustsec.org/advisories/RUSTSEC-2021-0145 This fixes model-checking#2580.
This is because tracing-tree relies on atty, a package with an outstanding security vulnerability.
This is because 0.3.1 is yanked.
celinval
approved these changes
Jul 4, 2023
4 tasks
celinval
added a commit
to celinval/kani-dev
that referenced
this pull request
Aug 17, 2024
We reverted the hierarchical logs a while ago (model-checking#2581) due to an outdated depedency that has since been fixed. I think this makes the logs much more readable, by identing the logs given the scope. More than one scope makes the lines way too long, which I think it's harder to read. This is how the logs look without this change: ``` 2024-08-17T02:42:21.874979Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: handling kani::assert 2024-08-17T02:42:21.875008Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: variables: 2024-08-17T02:42:21.875026Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: let _0: Ty { id: 4, kind: RigidTy(Tuple([])) } ``` This is how it looks after this change: ``` ┐kani_compiler::codegen_cprover_gotoc::codegen::function::CodegenFunction name="kani::assert" ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug handling kani::assert ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug variables: ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug let _0: Ty { id: 4, kind: RigidTy(Tuple([])) } ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug let _1: Ty { id: 6, kind: RigidTy(Bool) } ```
github-merge-queue bot
pushed a commit
that referenced
this pull request
Aug 22, 2024
We reverted the hierarchical logs a while ago (#2581) due to an outdated dependency that has since been fixed. I think this makes the logs much more readable, by indenting the logs given the scope. More than one scope makes the lines way too long, which I think it's harder to read. This is how the logs look without this change: ``` 2024-08-17T02:42:21.874979Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: handling kani::assert 2024-08-17T02:42:21.875008Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: variables: 2024-08-17T02:42:21.875026Z DEBUG CodegenFunction{name="kani::assert"}: kani_compiler::codegen_cprover_gotoc::utils::debug: let _0: Ty { id: 4, kind: RigidTy(Tuple([])) } ``` This is how it looks after this change: ``` ┐kani_compiler::codegen_cprover_gotoc::codegen::function::CodegenFunction name="kani::assert" ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug handling kani::assert ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug variables: ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug let _0: Ty { id: 4, kind: RigidTy(Tuple([])) } ├─── DEBUG kani_compiler::codegen_cprover_gotoc::utils::debug let _1: Ty { id: 6, kind: RigidTy(Bool) } ``` By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description of changes:
This removes dependency on
atty, andtracing-tree(which depends onatty). This is in response to this security advisory:https://rustsec.org/advisories/RUSTSEC-2021-0145
attyis removed by switching tostd::io::IsTerminal.tracing-treeis removed by replacingHierarchicalLayerwith a regulartracing_subscriber::fmt::layerthat directs to stderr.The PR also updates hermit-abi to 0.3.2 from 0.3.1, in response to 0.3.1 being yanked.
Resolved issues:
Resolves #2580
Related RFC:
Optional #ISSUE-NUMBER.
Call-outs:
The removal of
tracing-treeis intended to be temporary, until they remove their dependency onatty.Testing:
I built it...
No
Checklist
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 and MIT licenses.