Skip to content

Reduce visibility of JsonReply::new#931

Merged
arminsabouri merged 1 commit intopayjoin:masterfrom
arminsabouri:pub-crate-jsonreply-new
Aug 6, 2025
Merged

Reduce visibility of JsonReply::new#931
arminsabouri merged 1 commit intopayjoin:masterfrom
arminsabouri:pub-crate-jsonreply-new

Conversation

@arminsabouri
Copy link
Collaborator

@arminsabouri arminsabouri commented Aug 6, 2025

Json replies are carefully crafted to ommit potentially sensative information. Application developers may accidentally stringify implementation errors instead of using the From ReplayableError impl if the ctor is pub.

@arminsabouri
Reduce visibility of JsonReply::new
335177e 
Json replies are carefully crafted to ommit potentially sensative
information. Application developers may accidentally stringify
implementation errors instead of using the From `ReplayableError` impl.
@arminsabouri arminsabouri mentioned this pull request Aug 6, 2025
Closed
@coveralls
Copy link
Collaborator

coveralls commented Aug 6, 2025

Pull Request Test Coverage Report for Build 16777514362

Details

  • 1 of 1 (100.0%) changed or added relevant line in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 85.853%
Totals Coverage Status
Change from base Build 16750868059: 0.0%
Covered Lines: 7446
Relevant Lines: 8673
💛 - Coveralls

@arminsabouri arminsabouri requested a review from DanGould August 6, 2025 13:04
@nothingmuch
Copy link
Collaborator

nothingmuch commented Aug 6, 2025

If you don't mind please also add a unit test for JsonReply::from<ReplyableError::Implementation> not leaking, i think it can be as simple as just ensuring that the message is just "Internal server error", or for bonus cookie points implementing an error whose Display and Debug impls panic, and ensuring that those aren't triggered by JsonReply conversion

@arminsabouri arminsabouri mentioned this pull request Aug 6, 2025
Closed
@arminsabouri arminsabouri merged commit 0aa1509 into payjoin:master Aug 6, 2025
10 checks passed
@arminsabouri arminsabouri deleted the pub-crate-jsonreply-new branch August 6, 2025 14:07
@arminsabouri
Copy link
Collaborator Author

arminsabouri commented Aug 6, 2025

If you don't mind please also add a unit test for JsonReply::from<ReplyableError::Implementation> not leaking, i think it can be as simple as just ensuring that the message is just "Internal server error", or for bonus cookie points implementing an error whose Display and Debug impls panic, and ensuring that those aren't triggered by JsonReply conversion

Issue created. Will tackle next

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@nothingmuch nothingmuch nothingmuch approved these changes

@DanGould DanGould Awaiting requested review from DanGould

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@arminsabouri @coveralls @nothingmuch