Validate paths in disallowed_* configurations
#14397
Conversation
|
r? @Manishearth rustbot has assigned @Manishearth. Use |
|
r? clippy rather busy today, may not get to this soon |
cdca98d to
a7edf7d
Compare
|
Rebased and updated the description now that #14376 has been merged. |
There was a problem hiding this comment.
This was very interesting to review. I have a few remarks and nits.
Also, could you remove the + use<'_, REPLACEMENT_ALLOWED> in types.rs:77 while you're editing the file? It should not be needed at all with Rust 2024 RPIT capture rules, both self's lifetime and REPLACEMENT_ALLOWED should be captured by default.
clippy_config/src/types.rs
Outdated
| .dcx() | ||
| .span_warn(span, format!("primitive types are not allowed: {path}")); | ||
| } else if !disallowed_path.allow_invalid { | ||
| tcx.sess.dcx().span_warn(span, format!("`{path}` is invalid")); |
There was a problem hiding this comment.
"is invalid" seems vague. Should it be something along the line of "does not designate an existing item"?
There was a problem hiding this comment.
I changed "is invalid" to "may not refer to an existing definition" everywhere.
I went with "may not" instead of "does not" because the existence depends on the compiler used. For example, the rustc_private paths in Clippy's clippy.toml will exist only if a nightly compiler is used.
I went with "definitions" instead of "items" mainly because it sounds more natural to me. But also this list from the Rust Reference suggests "definitions" is more specific than "items", and I think it applies to all of our cases.
I'm not wed to either and I'll change them if you feel strongly.
There was a problem hiding this comment.
I like the change in the message shown to the user. However, in the configuration file, I find it quite lengthy. Maybe there allow-invalid would be fine, as long as the config option doc explains what it does. WDYT?
clippy_config/src/types.rs
Outdated
| FxHashMap::default(); | ||
| for disallowed_path in disallowed_paths { | ||
| let path = disallowed_path.path(); | ||
| let mut reses = clippy_utils::def_path_res(tcx, &path.split("::").collect::<Vec<_>>()); |
There was a problem hiding this comment.
resolutions might be an easier name to read and understand.
| { | ||
| (id, expr.span) | ||
| }, | ||
| // Previous versions of this lint checked the `DefKind` in the next arm. However, that is no longer |
There was a problem hiding this comment.
Nit: I don't think it is appropriate to talk about "previous versions" in comments. Explanations of change should be in the commit message, while explanation about the current code (if needed) should be in comments.
clippy_config/src/types.rs
Outdated
| if found_def_id { | ||
| tcx.sess | ||
| .dcx() | ||
| .span_warn(span, format!("`{path}` is not of an appropriate kind")); |
There was a problem hiding this comment.
You can give a better message by, for example:
- giving this function an extra
&strparameterpredicate_description(here: "a type") - storing an
Option<DefId>infound_def_idinstead of abool - using
tcx.def_descr_article()andtcx.def_descr()
to generate a warning message such as:
warning: `std::result::Result::Err`: expected a type, found a tuple variant
--> /home/sam/Dev/rust-clippy/tests/ui-toml/toml_invalid_path/clippy.toml:1:1
|
LL | / [[disallowed-types]]
LL | | path = "std::result::Result::Err"
| |_________________________________^
clippy_config/src/conf.rs
Outdated
| @@ -517,9 +572,11 @@ define_Conf! { | |||
| #[conf_deprecated("Please use `cognitive-complexity-threshold` instead", cognitive_complexity_threshold)] | |||
| cyclomatic_complexity_threshold: u64 = 25, | |||
| /// The list of disallowed macros, written as fully qualified paths. | |||
| #[disallowed_path_replacements_allowed = true] | |||
There was a problem hiding this comment.
This is really hard to parse. I had to think twice to distinguish between disallowed(path_replacements_allowed) and disallowed_path_replacements: allowed.
What about something like allow_path_replacements_suggestions?
There was a problem hiding this comment.
Your point is very well taken. But, for context, disallowed_path_replacements_allowed is the concatenation of DisallowedPath and the REPLACEMENTS_ALLOWED const parameter, made lower-snake-case.
That attribute is meant to serve as both a declaration (i.e., "disallowed paths are used in this configuration") and the setting of the REPLACEMENTS_ALLOWED parameter.
I'm struggling with allow_path_replacements_suggestions because, to me, it does not sound like a declaration.
I changed all of the attributes to disallowed_path_allow_replacements. Is that better?
| (value, value_span) | ||
| }}; | ||
|
|
||
| ($map:expr, $ty:ty, $errors:expr, $file:expr, $replacements_allowed:expr) => {{ |
There was a problem hiding this comment.
I would have found it clearer if you add started the pattern with something like (disallowed_paths => …), to clearly show that this is something used by this lint family, instead of relying on matching the extra argument.
There was a problem hiding this comment.
I'm trying to apply a "trick" that I learned from the default_text macro defined in the same file.
Specifically, on this line, the replacements_allowed argument is included only if the disallowed_path_replacements_allowed attribute was used:
deserialize!(map, $ty, errors, self.0 $(, $replacements_allowed)?);In this way, the presence/absence of that argument selects between the two arms in the deserialize! macro.
Your suggestion is to use a keyword to choose between the two arms, correct?
I take your point that the present code is subtle and non-obvious. But, to be honest, I cannot immediately see how to make the keyword approach work. Could you offer me some more guidance? Or is there a way to make the present code more clear?
(Sorry if the "trick" explanation was unnecessary.)
There was a problem hiding this comment.
Yes, I've noticed that (that was my "instead of relying on matching the extra argument" point). The idea with the keyword would be to make it clearer that this specific branch will be used by the disallowed_* lints.
But since you get the replacements_allowed from the defineConf macro, it is right that it would be more complicated to use such a keyword. You can forget about the suggestion.
|
@rustbot author |
This comment has been minimized.
This comment has been minimized.
|
Just a nitpick: it looks like you kept "Addressed review comments", as well as the parameter change in the commit message when squashing. Can you just edit it to its purpose, i.e. "Validate path in …"? |
|
Thanks! |
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Signed-off-by: Miguel Ojeda <[email protected]>
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Signed-off-by: Miguel Ojeda <[email protected]>
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Signed-off-by: Miguel Ojeda <[email protected]>
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Signed-off-by: Miguel Ojeda <[email protected]>
This seems to have false-positives if I'm using the lint correctly, I'm on |
|
@RGBCube Can you share the code used to produce that screenshot? |
It's at https://github.com/cull-os/carcass/blob/d3db2eb953acbbce7fb1420c92f2103be5a7d7ff/cab/cab-format/src/width.rs#L39, trying to get a MRE right now. |
|
Found the problem, it checks against crate dependencies, instead of scanning the workspace lock. This happens when you:
You of course get the error when you run clippy normally without I think checking the top-level Cargo.lock would fix this. Though I am not sure how you would handle aliases properly (like if Or maybe aggregate the dependencies when checking multiple packages at once, to check against? |
|
@RGBCube Thanks for the detailed analysis, which made the issue very easy to reproduce. 🙏 |
Fixes #14397 (comment) r? @samueltardieu changelog: Don't warn about clippy.toml disallowed paths for crates that were not loaded
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Reviewed-by: Alice Ryhl <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Miguel Ojeda <[email protected]>
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Reviewed-by: Alice Ryhl <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Miguel Ojeda <[email protected]>
…onfiguration
Starting with Rust 1.88.0 (expected 2025-06-26) [1], Clippy may start
warning about paths that do not resolve in the `disallowed_macros`
configuration:
warning: `kernel::dbg` does not refer to an existing macro
--> .clippy.toml:10:5
|
10 | { path = "kernel::dbg", reason = "the `dbg!` macro is intended as a debugging tool" },
| ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is a lint we requested at [2], due to the trouble debugging
the lint due to false negatives (e.g. [3]), which we use to emulate
`clippy::dbg_macro` [4]. See commit 8577c9d ("rust: replace
`clippy::dbg_macro` with `disallowed_macros`") for more details.
Given the false negatives are not resolved yet, it is expected that
Clippy complains about not finding this macro.
Thus, until the false negatives are fixed (and, even then, probably we
will need to wait for the MSRV to raise enough), use the escape hatch
to allow an invalid path.
Cc: [email protected] # Needed in 6.12.y and later (Rust is pinned in older LTSs).
Link: rust-lang/rust-clippy#14397 [1]
Link: rust-lang/rust-clippy#11432 [2]
Link: rust-lang/rust-clippy#11431 [3]
Link: rust-lang/rust-clippy#11303 [4]
Reviewed-by: Alice Ryhl <[email protected]>
Link: https://lore.kernel.org/r/[email protected]
Signed-off-by: Miguel Ojeda <[email protected]>
This PR resolves #11432 by checking that paths resolve in
disallowed_*configurations.It also does some lightweight validation of definition kinds. For example, only paths that resolve to
DefKind::Macrodefinitions are allowed indisallowed_macroconfigurations.The PR is currently two commits. The first is #14376 (cc: @Jarcho), which I submitted just a few days ago. The second commit is everything else.Side note: For me, the most difficult part of this PR was getting the spans of the individual
DisallowedPathconfigurations. There is some discussion at toml-rs/toml#840, if interested.changelog: validate paths in
disallowed_*configurations