devtools/net: add a verifier for scriptable changes. Use it to make CNode::id private. #10189
Conversation
|
This is a great idea I plan to heavily use. |
|
@jtimon You're right to doubt the script, it's quite kludgy. it works by rewinding to the previous commit, running the supplied transform script, and comparing the result to the actual commit. Because the script needs to work on real files, I'm not sure how to avoid working on the current repo, other than maybe setting up a dummy index/workdir. |
|
ACK 6ca7f42 conditional to 74214a2 failing on travis but the whole PR squashed as a single commit passing. See #10193 |
|
ACK 6ca7f42 Travis fails if not all the changes performed by the script are included in the commit as expected https://travis-ci.org/bitcoin/bitcoin/jobs/221211199 I will now squash #10193 so that it passes. |
|
As discussed on IRC, making the script require some prefix in the commit title (ie first line) would help make sure people see it. |
|
Added enforcement of the prefix: "scripted-diff:" in the first line. |
|
Relying on Travis to do review is a bad thing, and as-implemented, it's not very safe for reviewers to run manually. But more annoyingly, can the prefix be on a not-first-line where it pollutes the commit summary? :/ |
|
@luke-jr it's enforced in the subject line so that reviewers can't miss it. That was the resounding request during the meeting. It can be fixed up to (optionally) require approval before running. Would that make you comfortable enough to run it locally? |
|
rebased at @jtimon's request |
|
I wouldn't be comfortable with anything less than reading the script and manually running it explicitly... |
|
@luke-jr You're free to c/p the script and run it, then. I understand your hesitance, but this doesn't take away anything, only adds a check which can be ignored. |
|
It takes away from readability of single-line summaries. And gives people a false sense of security if Travis is trusted. |
There was a problem hiding this comment.
Maybe wait for user input prior to eval to give the user time to actually read the script and exit on doubt. (travis can use --force-eval)
see discussion in #10193 (comment)
|
Concept ACK
I agree. We already use Travis for many checks, adding one more isn't problematic. It should not take away from people manually reviewing or running tests locally. |
|
Needs rebase, re-utACK except for the script itself, which I don't fully understand but I have tested using travis.
No, the single line summary can still be very clear, and the script in the detailed message just says the same thing in a more formal way.
It doesn't give me any false sense of security and from what you say it doesn't give it to you either. If we're going to keep discussing it, maybe the PR should be separated in the script itself and the changes to net_processing, since the scripted-diff commits can be merged before the script itself is merged anyway (and the script itself will much more unlikely require rebase). |
|
Rebased. If this ends up needing another rebase later due to another net change, I'll split it up. I'd rather hold off on making the interactive change until this gets a little real-world testing. I'm sure some other things worth addressing will crop up. |
|
utACK 644cb250e708b5724a0879f26449baa5544d35cf (needs squash, of course) |
-BEGIN VERIFY SCRIPT- sed -i "s/\(node\|to\|from\)->id/\1->GetId()/" src/net.cpp src/net_processing.cpp -END VERIFY SCRIPT-
|
As mentioned on IRC, I drafted some documentation for this, not sure where to put it, maybe contributing.md : https://0bin.net/paste/mTtIoaSoedZ3al-y#dWgD7aBKElhKofVS5nHJBvuvlDLRFmgRy8a03KroOFM |
|
utACK e50c33e |
…e it to make CNode::id private. 0f3471f net: make CNode's id private (Cory Fields) 9ff0a51 scripted-diff: net: Use accessor rather than node's id directly (Cory Fields) e50c33e devtools: add script to verify scriptable changes (Cory Fields) Tree-SHA512: a0ff50f4e1d38a2b63109b4996546c91b3e02e00d92c0bf04f48792948f78b1f6d9227a15d25c823fd4723a0277fc6a32c2c1287c7abbb7e50fd82ffb0f8d994
…ges. Use it to make CNode::id private. 0f3471f net: make CNode's id private (Cory Fields) 9ff0a51 scripted-diff: net: Use accessor rather than node's id directly (Cory Fields) e50c33e devtools: add script to verify scriptable changes (Cory Fields) skipped travis changes Tree-SHA512: a0ff50f4e1d38a2b63109b4996546c91b3e02e00d92c0bf04f48792948f78b1f6d9227a15d25c823fd4723a0277fc6a32c2c1287c7abbb7e50fd82ffb0f8d994 pnode->id to pnode->GetId() Signed-off-by: Pasta <[email protected]>
Verifier for scriptable changes Includes changes from the following upstream PRs: - bitcoin/bitcoin#10189 - Excluding the `CNode` scripted changes. - bitcoin/bitcoin#10480 - bitcoin/bitcoin#11390 - bitcoin/bitcoin#13281 - Only the lint scripts we already have. - bitcoin/bitcoin#13454 - Only changes to scripts we already have. - bitcoin/bitcoin#14864 - bitcoin/bitcoin#16327 - Includes some portability fixes to other shell scripts. - bitcoin/bitcoin#20069
7 participants
This should really be 2 PRs, but the CNode change is helpful to show the script's usefulness.
Scriptable changes verifier
We often make simple changes that produce large diffs, but are easily scriptable. A large search+replace like #9902 is the most obvious example.
It's useful both for reviewers, and for posterity, to include these transforming scripts in the commit message. And once there, we can use c-i to verify the scripted changes before merging.
A simple script checks for commits containing the line:
-BEGIN VERIFY SCRIPT-, and reads until it the line:-END VERIFY SCRIPT-, or the end of the commit message.The resulting script should exactly transform the previous commit into the current one. Any remaining diff signals an error.
Travis will check each commit for these scripts, and fail if any script fails.
Make CNode's id field private
This was useful to check the safety of #10176 (making it easier to see where the node's id is used), and is a general encapsulation improvement.