From 5e46d911d9001b808ba9002db386a47412937a41 Mon Sep 17 00:00:00 2001 From: Piotr Sikora Date: Mon, 28 Oct 2024 14:26:45 -0400 Subject: [PATCH 1/2] Document the trust model and panics in the codebase. Signed-off-by: Piotr Sikora --- DEVELOPMENT.md | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index 46b44669..602bbdb9 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -1,5 +1,14 @@ # Development +## Proxy-Wasm ABI compliance & trust model + +It is expected that the host environment is completely trusted and compliant +with the [Proxy-Wasm ABI specification] (currently v0.2.1). + +This means that receiving unexpected callback, status, lifecycle flow and/or +incorrectly serialized parameters is considered a permanent failure and will +result in a `panic`. + ## Testing GitHub Actions can be executed locally using the [`act`] tool. @@ -28,5 +37,6 @@ bazelisk run //bazel/cargo:crates_vendor -- --repin all ``` +[Proxy-Wasm ABI specification]: https://github.com/proxy-wasm/spec [`act`]: https://github.com/nektos/act [`bazelisk`]: https://github.com/bazelbuild/bazelisk From 72cc3e43981c7858ab8886fcc46bcba050b110ed Mon Sep 17 00:00:00 2001 From: Piotr Sikora Date: Mon, 2 Dec 2024 00:21:35 -0500 Subject: [PATCH 2/2] review: clarify direction. Signed-off-by: Piotr Sikora --- DEVELOPMENT.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md index 602bbdb9..38476400 100644 --- a/DEVELOPMENT.md +++ b/DEVELOPMENT.md @@ -6,8 +6,8 @@ It is expected that the host environment is completely trusted and compliant with the [Proxy-Wasm ABI specification] (currently v0.2.1). This means that receiving unexpected callback, status, lifecycle flow and/or -incorrectly serialized parameters is considered a permanent failure and will -result in a `panic`. +incorrectly serialized parameters from the host environment is considered +a permanent failure and will result in `panic`. ## Testing
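Review bot: In the first hunk of [PATCH 1/2], the new "Proxy-Wasm ABI compliance & trust model" section does not draw the boundary of "incorrectly serialized parameters". As written, a reader cannot tell whether the `panic` is limited to ABI-level encoding produced by the host itself or also applies to payload bytes the host passes through from elsewhere. Since the section declares the host "completely trusted", please add one sentence stating which inputs fall under that trust assumption and which, if any, are still treated as untrusted data, so plugin authors know what they can rely on.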
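Review bot: In the second hunk of [PATCH 1/2], the added reference `[Proxy-Wasm ABI specification]: https://github.com/proxy-wasm/spec` points at the repository root, while the prose it backs names a specific version, "(currently v0.2.1)". The two will drift apart as the spec evolves. Either link to the location of the version the SDK actually targets, or drop the parenthetical from the prose and state the supported ABI version in one place that is updated together with the code.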
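Review bot: In [PATCH 2/2], the rewritten last line drops the article: "will result in `panic`" read better as "will result in a `panic`", which is what the previous revision had. Adding "from the host environment" does make the direction clear, but the start of the sentence still reads awkwardly with singular nouns and no article ("receiving unexpected callback, status, lifecycle flow"); consider "receiving an unexpected callback, status or lifecycle flow, and/or incorrectly serialized parameters, from the host environment". It would also help to say what "permanent failure" covers, since the text does not state what is lost after the `panic` or whether anything is expected to recover from it.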