Yield all the errors #128
Yield all the errors #128
Conversation
|
Yeah, I think a breaking release for this crate is relatively low impact. |
Fair enough. I think I was trying to avoid that, since some downstream users seemed to have broken applications and I think that warranted a semver-compatible change. I was also working on the assumption that if the "best effort" approach works for go's (larger) user base, it probably works for ours too. |
There was a problem hiding this comment.
I think this looks good in substance.
Do we want to include more context in the Error type to reflect what the error was in response to? For example, considering macos.rs, we could end up with two errors and some certificates. Is it useful to be able to record "this error came from asking about Domain::User, this error came from Domain::System"?
edit: er, disregard? it's not our error type. i guess we could wrap errors in strings explaining what was happening, but stringy errors are quite ick.
djc
force-pushed
the
all-errors
branch
2 times, most recently
from
1373f7a
to
046dc08
Compare
We can trivially add our own |
djc
force-pushed
the
all-errors
branch
2 times, most recently
from
ab9835e
to
5b9908e
Compare
djc
force-pushed
the
all-errors
branch
4 times, most recently
from
c449cec
to
f55df23
Compare
|
Added our own
That's true -- my impression is that there are relatively few downstream users who are broken in a bad way by the current state of the branch (especially now that 0.7.2 is released which clarifies the source of the problem).
Fair, though I think in a number of places Rust (and the ecosystem) aim higher, not least in terms of good error handling. |
Can we land on a compromise? Maybe merge #126, cut a 0.7.3 and then use this for a 0.8? That doesn't seem like much extra work and might make life easier for some users.
I agree and like the approach in this branch. Everyone swallowing these errors just perpetuates the misconfigurations, making it harder for the next project that wants to do the right thing :'( I don't think there's a good story for why you would intentionally install roots without broad permissions into a location for system-wide usage and I wager that a "can't read this cert file" error will be a lot easier to triage for the average non-TLS-savvy user than "why does this connection fail with an unknown issuer error when I've already installed the root". |
Sure, I agree that could make sense! (Seems less like a compromise and more like a "best of both worlds"...) |
|
Yes, sorry, I agree. Will make a minor follow-up comment on #126 ... |
djc
force-pushed
the
all-errors
branch
2 times, most recently
from
10b318a
to
8604955
Compare
|
@djc Would you mind drafting some release notes for 0.8 in the PR desc? |
|
Wrote something up. Maybe too long/detailed? Open to feedback. |
|
I think it might help to mention the change up front, and then dig a bit into the background. I think it might make sense to also suggest that the errors are a misconfiguration of the underlying system. WDYT about something like:
|
|
Addressed comments and rewrote the proposed release notes. |
|
Alternative to #126 that is a bit more principled maybe?
Release notes:
load_native_certs()now returns aCertificateResultvalue containing all the certificates that were successfully found as well as any errors encountered. Changes made in 0.7.1 in order to find certificates in more locations resulted in new errors in scenarios that previously worked for most users. This change allows callers to determine the error handling strategy most appropriate to their application.