Use native error-wrapping instead of pkg/errors #4
Conversation
| @@ -28,23 +28,13 @@ var ErrSymlinkLoop = errors.Wrap(syscall.ELOOP, "secure join") | |||
| // accessed does not exist (or path components don't exist). This is | |||
| // effectively a more broad version of os.IsNotExist. | |||
| func IsNotExist(err error) bool { | |||
| // If it's a bone-fide ENOENT just bail. | |||
| if os.IsNotExist(errors.Cause(err)) { | |||
There was a problem hiding this comment.
I'm not sure what kind of errors are supposed to be supplied as an argument here, but in case the error was obtained using errors.Wrap() from pkg/errors version > 0.9.0, the new code won't work as the Unwrap method only appeared in pkg/errors 0.9.0.
So, this either needs to be documented. Alternatively, we can do a runtime check, something like "if this is an error which has Cause method, it should also have Unwrap method, otherwise paniс saying the caller is using old pkg/errors". Complicated...
There was a problem hiding this comment.
Ah, good one; I wanted to answer "but go mod enforces pkg/errors 0.9.1, but we remove that now of course 🤔
We can do a quick check which projects use this projects as a dependency (I think that list is limited, so we can at least make sure that they use a current pkg/errors)
There was a problem hiding this comment.
Doing a quick scan using https://grep.app/search?q=github.com/cyphar/filepath-securejoin
Consumers (using pkg/errors v0.9.1))
- https://github.com/bcicen/ctop
- https://github.com/cloudfoundry/cli
- https://github.com/containers/podman
- https://github.com/cri-o/cri-o
- https://github.com/genuinetools/img
- https://github.com/google/cadvisor
- https://github.com/hashicorp/nomad
- https://github.com/helm/helm
- https://github.com/kubernetes/autoscaler
- https://github.com/kubernetes/kubernetes
- https://github.com/kubesphere/kubesphere
- https://github.com/moby/moby
- https://github.com/opencontainers/runc
- https://github.com/opencontainers/umoci
- https://github.com/openshift/origin
- https://github.com/lunarway/release-manager
- https://github.com/goharbor/harbor
- https://github.com/rancher/k3s
- https://github.com/elastic/beats
- https://github.com/kubeedge/kubeedge
- https://github.com/istio/istio
- https://github.com/kubeapps/kubeapps
- https://github.com/hpcng/singularity
- https://github.com/kubernetes/minikube
- https://github.com/datawire/ambassador
- https://github.com/rancher/rancher
Indirect
- https://github.com/linkerd/linkerd2 (indirect)
- https://github.com/databus23/helm-diff (indirect)
- https://github.com/derailed/k9s (indirect)
- https://github.com/operator-framework/operator-sdk (indirect)
Indirect / potentially affected
- https://github.com/fluxcd/flux (old pkg/errors, but using go 1.15)
- https://github.com/flynn/flynn (old pkg/errors)
- https://github.com/bblfsh/bblfshd (indirect dependency, uses older pkg/errors)
- https://github.com/ContainerSolutions/helm-monitor (indirect dependency, uses older pkg/errors)
- https://github.com/deepmind/kapitan (indirect dependency, uses older pkg/errors)
- https://github.com/helm/monocular (indirect dependency, uses older pkg/errors)
There was a problem hiding this comment.
https://github.com/fluxcd/flux (old pkg/errors, but using go 1.15)
Updated to 0.9.1
https://github.com/flynn/flynn (old pkg/errors)
No longer maintained.
https://github.com/bblfsh/bblfshd (indirect dependency, uses older pkg/errors)
Appears to be no longer maintained (last commits are about removing maintainers)
https://github.com/ContainerSolutions/helm-monitor (indirect dependency, uses older pkg/errors)
Appears to be no longer maintained (last commit is from 2019)
https://github.com/deepmind/kapitan (indirect dependency, uses older pkg/errors)
https://github.com/helm/monocular (indirect dependency, uses older pkg/errors)
These to appear to be alive but uses older pkg/errors; can be updated though.
So I guess we can proceed with the change.
join.go
Outdated
| ) | ||
|
|
||
| // ErrSymlinkLoop is returned by SecureJoinVFS when too many symlinks have been | ||
| // evaluated in attempting to securely join the two given paths. | ||
| var ErrSymlinkLoop = errors.Wrap(syscall.ELOOP, "secure join") | ||
| var ErrSymlinkLoop = fmt.Errorf("secure join: %w", syscall.ELOOP) |
There was a problem hiding this comment.
I would do this instead:
// ErrSymlinkLoop is returned by SecureJoinVFS when too many symlinks have been
// evaluated in attempting to securely join the two given paths.
-var ErrSymlinkLoop = errors.Wrap(syscall.ELOOP, "secure join")
+//
+// Deprecated: use errors.Is(err, syscall.ELOOP) instead.
+var ErrSymlinkLoop = syscall.ELOOP
// IsNotExist tells you if err is an error that implies that either the path
// accessed does not exist (or path components don't exist). This is@@ -68,7 +59,7 @@ func SecureJoinVFS(root, unsafePath string, vfs VFS) (string, error) {
n := 0
for unsafePath != "" {
if n > 255 {
- return "", ErrSymlinkLoop
+ return "", &os.PathError{Op: "SecureJoin", Path: root + "/" + unsafePath, Err: syscall.ELOOP}
}
// Next path component, p.
|
Ah, I just did a similar patch and then found this one :) which also needs some updating. @thaJeztah do you think you can revive this? @cyphar do you think it can be merged? It should be good to ditch pkg/errors |
|
Yeah I'd be happy to take something like this now (the lack of backtraces is sad, but ultimately error messages are usually enough in practice). |
It was part of the proposal that ended up in adding Practically I saw a need for a backtrace once or twice, when the error itself is not good enough |
|
Seems like something that |
This patch replaces the vendor.conf with a go.mod, and re-vendors the pkg/errors files from upstream. This commit is mostly to preserve history of the local changes that were made to the pkg/errors package (which appear to have been made for debugging purposes). Setting the minimum go version in go.mod to v1.7 for this commit, which matches the lowest version that's testet against in CI. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
raising the minimum go version in go.mod 1.12, to fetch the dependency module. Updated travis to test against 1.12 (minimum version) and 1.15 (current stable). Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This requires Go 1.13 or up Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
thaJeztah
force-pushed
the
native_wrapping
branch
from
437a885
to
dbc5ba2
Compare
|
@kolyshkin rebased, and pushed a commit with your suggestion Let me know if you want to do #3 first / separately, and/or if you want some commits to be squashed. |
| // If it's a bone-fide ENOENT just bail, also check if it's not actually | ||
| // an ENOTDIR, which in some cases is a more convoluted case of ENOENT | ||
| // (usually involving weird paths). | ||
| if errors.Is(err, os.ErrNotExist) || errors.Is(err, syscall.ENOTDIR) || errors.Is(err, syscall.ENOENT) { |
There was a problem hiding this comment.
I would do
return os.IsNotExist(err) || errors.Is(err, syscall.ENOTDIR) || errors.Is(err, syscall.ENOENT)(mostly because os.IsNotExist could do more than errors.Is(err, os.ErrNotExist).
There was a problem hiding this comment.
I take it back; as @thaJeztah pointed out elsewhere, the official docs call for using errors.Is(err, os.ErrNotExist).
|
Closing in favour of #7. |
follow-up to #3, so opening as draft. Only the last two commits are new
This removes the dependency on pkg/errors, in favour of Go's native wrapping