-
Notifications
You must be signed in to change notification settings - Fork 30
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding security-warnings to #[must_use] #90
Comments
I have gotten positive feedback on this and it will therefor be implemented. This is based on the same assumption as mentioned above: that users hopefully will be more cautious about ignoring such
|
@colelawrence expressed interest and is taking this on. |
Remove redundant must_use from internal fns
* Address #90: Add must_use message to pub Results Remove redundant must_use from internal fns * Fix formatting for build step * Remove must_use for Sha512::init * Remove must_use for struct Hmac * Remove must_use for Poly1305::init * Update must_use messages in chacha20.rs * run cargo fmt
Fixed in #95. |
Functions that return a
Result
generate a warning when these are not used:This is the standard warning for a
Result
, but adding an explicit security warning to these functions may help users understand the importance of not ignoring aResult
. Adding this would then produce two separate warnings by the compiler:#[must_use = "SECURITY WARNING: Ignoring a Result may have security-implications."]
The question is whether this approach is worthwhile.
Edit: If this is decided against, then we should remove the useless
#[must_use]
onResult
as mentioned in #89.The text was updated successfully, but these errors were encountered: