-
-
Notifications
You must be signed in to change notification settings - Fork 424
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
remove Debug from SessionRecord #472
Conversation
- that allows clients of this library to avoid having to reimplement Debug for the complex in-memory stores if they produce their own wrappers around those stores and want to Debug those
085ca01
to
a42ad56
Compare
- that allows clients of this library to avoid having to reimplement Debug for the complex in-memory stores if they produce their own wrappers around those stores and want to Debug those
- that allows clients of this library to avoid having to reimplement Debug for the complex in-memory stores if they produce their own wrappers around those stores and want to Debug those
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hm. I feel weird about making these Debug because I feel like logging them can leak more information than you might intend. But I guess if that were really true then SessionRecord shouldn't be Debug in the first place, and it is, so okay.
- that allows clients of this library to avoid having to reimplement Debug for the complex in-memory stores if they produce their own wrappers around those stores and want to Debug those
a42ad56
to
5084dd5
Compare
- that allows clients of this library to avoid having to reimplement Debug for the complex in-memory stores if they produce their own wrappers around those stores and want to Debug those
5084dd5
to
4c0ae29
Compare
- also add a cheap Debug impl for PrivateKey which leaks no info
4c0ae29
to
5bd9a14
Compare
- also add a cheap Debug impl for PrivateKey which leaks no info
5bd9a14
to
f3f76e5
Compare
I think this is a very reasonable concern. The best argument in favor I can think of is that if we define a canonical But to take a step back, this change in particular was motivated by me wanting to be able to more easily debug tests for my own code, a CLI tool which depends on
It actually looks like removing |
Hm, if we're trending that way then I'd say PrivateKey doesn't need it either, since you can always ask for the |
- also add a cheap Debug impl for PrivateKey which leaks no info
f3f76e5
to
1fe7705
Compare
This is a very useful framing to evaluate these docs changes in, and I agree that it would be more confusing than helpful. I have removed the |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Handling the cherry-pick now, but note that it's showing up as "unverified" in GitHub because I can't re-sign the commit with your key. I could remove you as a commit author, or you could turn off "vigilant mode", or we could leave it "unverified".
Hm, that's a strange little quirk. I have turned off "vigilant mode" now, as it is rarely needed. Please let me know if that lets you cherry-pick it without any smudges. |
Ping! I think this should be good to merge? Please feel free to edit the commit (including removing my authorship) if that is needed to safely merge. |
Sorry, it's in the private branch and will be in the next release! But we haven't had anything to drive a release just yet. I'll close this when the release happens and I can put the cherry-picked commit hash here. |
Great, thanks! |
- also add a cheap Debug impl for PrivateKey which leaks no info
Released in v0.22.0! |
SessionRecord
implsDebug
, but it's not used anywhere. This removes that.PrivateKey
is given aDebug
impl which avoids leaking any useful data or making elliptic curve computations.