endojs / endo

Endo is a distributed secure JavaScript sandbox, based on SES
Apache License 2.0

Fix the mismatch between specifier and resource identifier in attenuators policy AND allow skipping powerless packages #1838

Closed naugtur closed 9 months ago

naugtur commented 10 months ago

Update:

The problem identified when fixing attenuators policy turns out to not exist when we allow skipping setting empty values for policy resources for packages we want to endow no powers to.
I decided to solve that right away.

The current state of the PR is a work in progress, but it's only missing some test coverage for error hints and some hint improvements.


The issue is a mismatch between a specifier and a resource id, AKA canonical name, in https://github.com/endojs/endo/blob/master/packages/compartment-mapper/src/policy.js#L158. The right policy value for @a/b/custom-export is @a/b, and I need to add a proper conversion there.

naugtur commented 10 months ago

It’s not clear to me at a glance how the change effects the fix described but we can talk that thru at next sync.

The fix for attenuators is to allow importing all into the attenuators compartment instead of trying to resolve a specifier into a policy resource identifier, which is a lot of work and implemented far away :)

The fix in archive is pretty much independent, but the switch to packages: 'any' in attenuators compartment policy caused a pre-existing bug to surface. The line I removed and replaced with a comment in archive.js was never reached in testing. Otherwise it would fail, because soon after the compartment map translation is performed, validation rejects a compartment map which has an undefined compartment for a module. My fixtures for policy testing happen to trigger that error now, while previously the list of modules for the attenuators compartment was trimmed by the policy to not include the one that doesn't get retained in an archive.

I'm looking forward to discussing my assumptions and decisions. Don't mind keeping this open till Wed, but I'm not sure if I'm gonna be able to attend while at NodeConfEU. We'll see.

kriskowal commented 10 months ago

@naugtur Good enough for me!