Open Shnatsel opened 2 years ago
It's weird that owo-colors
has unsafe given this line from the readme:
No allocations, unsafe, or dependencies required because embedded systems deserve to be pretty too uwu.
The only place I've found unsafe in there is used to convert &[u8]
to &str
in a const
. Given that std::str::from_utf8
is const unstable I don't think that there is a simple way to remove this unsafe.
FWIW, it could use str::from_utf8_unchecked
, which would already be a bit less unsafe
than a transmute
(one oughtn not to transmute repr(Rust)
entities, even just the wide-pointer ones).
Also, there could be a smaller const_concat!
-like dependency in charge of doing the unsafe
to perform the concatenation.
AsciiU8
const-constructible type, and a [AsciiU8] -> str
unsafe
-using conversion which would be trivial to review as sound 🤔 I haven't looked at the details yet, but the
object
andgimli
crates might be possible to switch tobytemuck
instead of custom code, andowo-colors
should not need any unsafe at all.
This would have to be done in backtrace
itself, not as part of color-eyre
, also, std::backtrace::Backtrace
itself also depends on backtrace-rs^1 and I believe enables gimli as well^3 so I'd recommend treating that as it's own independent effort rather than as part of a review of color-eyre.
Eyre has a known issue^4 and needs a fix and I've had a couple people say they're willing to do the fix but so far that hasn't materialized, so that would be the best starting point imo, and I imagine the lions share of further improvements that could be made would also need to happen in eyre itself rather than any of the other deps. I'm happy to help explain any of the unsafe that is currently present. I imagine the biggest simplification would be to rework the special downcasting support^5 we inherited from anyhow
. It may also be possible to rip out the custom thin pointer logic we have and replace it with https://doc.rust-lang.org/nightly/std/boxed/struct.ThinBox.html.
color-eyre
is a popular crate for error handling, with over 1 million downloads, and theeyre
itself has over 3 million downloads.It relies on a surprising amount of unsafe code, even with
default-features = false
:A number of dependencies look like they shouldn't need custom unsafe code - such as
owo-colors
,object
,gimli
, as well aseyre
itself.It would be nice to remove unsafe code where reasonable.
I haven't looked at the details yet, but the
object
andgimli
crates might be possible to switch tobytemuck
instead of custom code, andowo-colors
should not need any unsafe at all.