-
Notifications
You must be signed in to change notification settings - Fork 185
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add getrandom::value
function based on zerocopy::FromBytes
#381
Conversation
I really like this. It seems low-cost, and I think we could add it in a non-breaking release of |
Sounds cool! Out of curiosity, do you have preferences on how to handle different versions of zerocopy? Ie, if/when we release a 0.8, will you wait for a breaking version of |
No, I did not plan to. Updating to a breaking release of If you think that |
We have short-term plans to release two breaking changes (0.8 and 0.9), but then things should be stable for the foreseeable future after that. Maybe it'd make sense to just wait for 0.9 and then land this? Both should be released on the order of a few weeks to a few months. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Personally, I do not think it is worth adding the dependency. First, the vast majority of uses should be in seeding a userspace PRNG, where I believe the current APIs are good enough, even without this or even #293, because doing "construct an all-zeros array and then overwrite it" has more than good enough performance characteristics for that. And, in general, "construct an all-zeros array and then overwrite it" is almost always going to be good enough because the syscall overhead is going to dwarf the zeroing, and in the extremely rare cases where that isn't true, we have the _uninit
version now.
You can see that between the time you submitted this PR and now, everything that depended on zerocopy
had to deal with google/zerocopy#716 due to their security monitoring (dependeabot, etc.) going off, and because it was yanked. I think that's likely to happen again. It would be very frustrating to me to be affected by it.
If the user wants to use zerocopy
then it is easy for them to do so, since zerocopy does (or should) make it easy.
The goal is to eliminate the need for users to use Your concerns about As I mentioned earlier, a potential alternative to this PR would be to add this functionality to the |
As a user, I would prefer the "small dance" over adding a dependency to the dependency tree. I still think that PR #293 had the best compromise to get to a "no In contrast, I feel like the usability improvement between this PR and PR #293 is very small which makes taking on a dependency not worthwhile. |
I am going to close this PR in favor of the |
This PR is an alternative to #293 and closes #281.
It introduces function with the folllowing signature:
It allows to generate a random value of any type which implements the
FromBytes
trait, including nested arrays.The main disadvantage is an additional dependency, but since it's optional and
rand
started to unconditionally pullzerocopy
starting from therand_core
level, I think it's a reasonable cost. Enabling thezerocopy
feature bumps MSRV to 1.60. Notably,zerocopy
has a conservative MSRV policy, so it shouldn't cause any MSRV breakage in future.cc @briansmith @joshlf