-
Notifications
You must be signed in to change notification settings - Fork 159
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support custom search directories #814
Conversation
Codecov Report
@@ Coverage Diff @@
## master #814 +/- ##
==========================================
+ Coverage 46.36% 47.08% +0.72%
==========================================
Files 146 146
Lines 59468 59488 +20
==========================================
+ Hits 27571 28009 +438
+ Misses 31897 31479 -418
Continue to review full report at Codecov.
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you, this is very nicely done! My only request (besides to stylistic comment I have below) is that you also update the book documentation, in docs/src/v2cli/compile.md
. A copy-paste of the help message is basically all that's needed.
Personally, I think that search-path
is a great name for this option.
Fixed those two things. There's a couple more things that might be worth fixing
|
846b1b0
to
40e51ce
Compare
40e51ce
to
6faaa53
Compare
Thank you! I've pushed a tiny tweak to keep the unstable options alphabetized in the docs, and will merge once CI passes (modulo the arxiv test expected failure). (Whenever I have a list of things in source that doesn't have any inherent ordering, I try to keep it alphabetized for tidiness.) edit: FWIW, my feeling is that adding search paths isn't necessarily something that should be blocked with untrusted inputs, but we can always change that later if needed. The person invoking the program is always going to be able to choose what gets input, they just may not have detailed knowledge of what engine functionality that input attempts to invoke. It would definitely have security implications if there was some kind of |
The use case for In that case, it's relatively easy to make it always allowed, without completely stripping out security support: diff --git a/crates/bridge_core/src/lib.rs b/crates/bridge_core/src/lib.rs
index 7aa496b0..1eaeacd1 100644
--- a/crates/bridge_core/src/lib.rs
+++ b/crates/bridge_core/src/lib.rs
@@ -767,7 +767,7 @@ impl SecuritySettings {
/// Query whether we're allowed to specify extra paths to read files from.
pub fn allow_extra_search_paths(&self) -> bool {
- !self.disable_insecures
+ true
}
} |
@ralismark That's right. There basically isn't any choice to trusting the user that's invoking the code, because they can alter the environment and set up The Windows vcpkg build has an error that I think must have been introduced with Rust 1.55, which was released today, since the build worked before. I'll merge this and iron that out in another PR. |
@pkgw just a note that what's in master doesn't have that above patch to allow extra search paths in |
@ralismark Right. Creating a nice opportunity for someone to get their feet wet with a small pull request :-) (Basically I didn't want to wait for CI to run again, which isn't a very good reason but we're being too careful, not too sloppy, so I don't feel too bad about leaving this loose end dangling.) |
Just some questions/observations, about this as well as untrusted now doing two things.
For now i'll just say if 2 becomes a thing the behavior of the There is a worry here that untrusted disables both shell-escape and search-paths, when one might want to disable one without the other. It is a bit concerning that Edit: Should probably say i'm interested in working on this if any of the above sounds okay to yourselves |
@ratmice Thanks for your comments! Here's a smattering of responses ...
So in terms of working on things:
Finally, I'll mention a related but distinct idea. I'd like to eventually add a |
This add the
-Z search-path
option, which make tectonic look in additional paths for files.Resolves #755.
I'm not that much of a fan of that option name (maybe something like
-Zinclude
is better?), so if you have any suggestions I'm happy to change this PR.Todo:
--hide
support