New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
cargo-crev
review
#15
Comments
Thanks! I appreciate the feedback! I'll process it in a bit when I get some time. |
Hi @dpc, thanks again for the review! Some very good observations and feedback. I've commented on the review here: It resulted in a number of improvements. Thanks! There are some overall API decisions done early on in the project (avoiding There's an underlying issue around I can see a couple of solutions: Ask for changes upstream to provide I certainly don't trust myself to get raw pointers right, but I did spend some time fussing over it. Given the explanation as to why they are there, I would obviously appreciate any concrete thoughts on how I'm misusing them. Maybe this project in its current form can never reach the standard you're looking for to give it a neutral to positive review. However I'm keen to know what it would take. |
A follow up comment. It was quite some time since I wrote this, and I had to retrace the steps in my brain as to why I think my unsafe use might be ok.
So the struct, once created, will be forced by rust to stay on the current thread. Returning the pooled connection can happen in two ways – either by reaching end-of-stream or by drop trait. The guard that pool return happens only once is not thread safe, but the struct is locked to the thread already. The wrapped reader, which currently "owns" the stream we try to bring back, is first removed. Unless there's some funky stuff going on in places like ChunkedDecoder, this will deallocate both that decoder the So bringing the stream back should at this point be ok. Granted, I do not trust myself here. |
I am looking for a http request crate that would be tiny (LoC-wise), comparing to
reqwest
, with ability to disable anything other than the simplest plain http, suitable for security-concious environments (like querying BitcoinCore RPC port, etc.) . I was suggestedureq
, so I decided to review the source.Here's the result: dpc/crev-proofs@42a3b5c
Sorry for giving a negative review, but the point of reviewing is to judge and point out problems. I also reserve a right to be wrong about some parts. :)
I hope at least it will help you improve some stuff.
The text was updated successfully, but these errors were encountered: