Skip to content

chore: defensive checks added to keep v0.2 stable #49

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
bordumb merged 1 commit into from
Mar 23, 2026
Merged

chore: defensive checks added to keep v0.2 stable #49

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
1 change: 1 addition & 0 deletions CONTRIBUTING.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -156,6 +156,7 @@ TRYBUILD=overwrite cargo test -p capsec --test compile_tests
- **Include tests.** New authority patterns need integration tests. New type-system features need compile-fail tests.
- **Run `cargo capsec audit`** against the repo itself before submitting — capsec dogfoods its own tool.
- **Keep the security model intact.** `Cap<P>` must remain unforgeable and `!Send`. `Permission` must remain sealed. `Cap::new()` must remain `pub(crate)`. Any change that weakens these guarantees needs discussion in an issue first.
- **`#[must_use]` convention.** Any new function or method returning `Result<T, CapSecError>`, `Cap<P>`, `SendCap<P>`, or `CapRoot` must have `#[must_use]`. Exception: if the return type itself already carries `#[must_use]` (e.g., `Cap<P>` does), a bare `#[must_use]` on the function is redundant and clippy will flag it — skip it in that case. The goal: discarding a capability check or proof token should always produce a compiler warning.
- **Update docs** if you change public API. The facade crate's `lib.rs` doc comments and crate READMEs should stay current.

## Context pattern and macros
Expand Down
3 changes: 3 additions & 0 deletions crates/capsec-core/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
#![deny(missing_docs)]
#![deny(rustdoc::broken_intra_doc_links)]

//! # capsec-core
//!
//! Zero-cost capability tokens and permission traits for compile-time
Expand Down
3 changes: 3 additions & 0 deletions crates/capsec-std/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
#![deny(missing_docs)]
#![deny(rustdoc::broken_intra_doc_links)]

//! # capsec-std
//!
//! Capability-gated wrappers around the Rust standard library.
Expand Down
3 changes: 3 additions & 0 deletions crates/capsec-tokio/src/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,6 @@
#![deny(missing_docs)]
#![deny(rustdoc::broken_intra_doc_links)]

//! # capsec-tokio
//!
//! Async capability-gated wrappers for [tokio](https://tokio.rs/) — the async
Expand Down
6 changes: 6 additions & 0 deletions crates/capsec/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,3 +22,9 @@ trybuild.workspace = true
capsec-core.workspace = true
capsec-tokio = { workspace = true, features = ["full"] }
tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "net", "process", "io-util"] }

[lints.rust]
missing_docs = "deny"

[lints.rustdoc]
broken_intra_doc_links = "deny"
Loading