This repository has been archived by the owner on May 4, 2024. It is now read-only.
RUSTSEC in dependencies in branch main #5
Labels
Comments
jiangying000
pushed a commit
to jiangying000/move
that referenced
this issue
Sep 20, 2022
wrwg
added a commit
that referenced
this issue
May 1, 2024
* [compiler v2] Resource access control (read-write sets)
This is an e2e implementation of resource access control for Move, with most parts in place:
- Replaces the acquires syntax in a downwards-compatible way
- The extended syntax is only available in compiler v2
- One can now specify `acquires`, `reads`, and `writes`
- One can specify the address of a resource in dependency of parameters
- Multiple levels of wildcards are allowed, e.g. `acquires *(object::address_of(param))` specifies that all resources at the given address are read or written.
- Implements parsing->expansion->move model->file format generator
- Extends `file_format::FunctionHandle` to carry the new information, introducing bytecode version v7. v7 became the new experimental version only available in test code for now.
- TODO: dynamic runtime checking of resource access. Static analysis is also on the horizon, but not needed for an MVP of this feature.
- TODO: bytecode verification of access specifiers
An AIP for this new feature will be filed soon.
As an example, here is some extract from the tests:
```move
module 0x42::m {
struct S has store {}
struct R has store {}
struct T has store {}
struct G<T> has store {}
fun f1() acquires S {
}
fun f2() reads S {
}
fun f3() writes S {
}
fun f4() acquires S(*) {
}
fun f_multiple() acquires R reads R writes T, S reads G<u64> {
}
fun f5() acquires 0x42::*::* {
}
fun f6() acquires 0x42::m::R {
}
fun f7() acquires *(*) {
}
fun f8() acquires *(0x42) {
}
fun f9(a: address) acquires *(a) {
}
fun f10(x: u64) acquires *(make_up_address(x)) {
}
fun make_up_address(x: u64): address {
@0x42
}
}
```
* Addressing reviewer comments
* Addressing reviewer comments #2
* Addressing reviewer comments #3
* Addressing reviewer comments #4
* Reviewer comments #5
GitOrigin-RevId: 58271fd3a4dd3279c4112ba2fff79e28b46149c0
wrwg
added a commit
that referenced
this issue
May 1, 2024
* [compiler v2] Resource access control (read-write sets)
This is an e2e implementation of resource access control for Move, with most parts in place:
- Replaces the acquires syntax in a downwards-compatible way
- The extended syntax is only available in compiler v2
- One can now specify `acquires`, `reads`, and `writes`
- One can specify the address of a resource in dependency of parameters
- Multiple levels of wildcards are allowed, e.g. `acquires *(object::address_of(param))` specifies that all resources at the given address are read or written.
- Implements parsing->expansion->move model->file format generator
- Extends `file_format::FunctionHandle` to carry the new information, introducing bytecode version v7. v7 became the new experimental version only available in test code for now.
- TODO: dynamic runtime checking of resource access. Static analysis is also on the horizon, but not needed for an MVP of this feature.
- TODO: bytecode verification of access specifiers
An AIP for this new feature will be filed soon.
As an example, here is some extract from the tests:
```move
module 0x42::m {
struct S has store {}
struct R has store {}
struct T has store {}
struct G<T> has store {}
fun f1() acquires S {
}
fun f2() reads S {
}
fun f3() writes S {
}
fun f4() acquires S(*) {
}
fun f_multiple() acquires R reads R writes T, S reads G<u64> {
}
fun f5() acquires 0x42::*::* {
}
fun f6() acquires 0x42::m::R {
}
fun f7() acquires *(*) {
}
fun f8() acquires *(0x42) {
}
fun f9(a: address) acquires *(a) {
}
fun f10(x: u64) acquires *(make_up_address(x)) {
}
fun make_up_address(x: u64): address {
@0x42
}
}
```
* Addressing reviewer comments
* Addressing reviewer comments #2
* Addressing reviewer comments #3
* Addressing reviewer comments #4
* Reviewer comments #5
GitOrigin-RevId: 58271fd3a4dd3279c4112ba2fff79e28b46149c0
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Found RUSTSEC in dependencies in job https://github.com/move-language/move/actions/runs/2155593820
The text was updated successfully, but these errors were encountered: