Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(compartment-mapper): Tolerate presence of non-normative compartment-map.json fields #2410

Open
kriskowal opened this issue Aug 14, 2024 · 0 comments
Labels
enhancement New feature or request

Comments

@kriskowal
Copy link
Member

What is the Problem Being Solved?

Endo does not currently tolerate fields in compartment-map.json that it does not recognize. This rightly prevents us from adding fields to generated bundles that would cause a new importer to behave differently than an old importer. However, this wrongly prevents us from adding fields that are informative and do not impact execution, like a source hash for each module (we already capture the post-transform hash) #1882

Description of the Design

We will alter the compartment mapper to discard all fields that have an underscore (_) prefix, such that they are not seen by the schema validator and invisible to the runtime, so cannot affect execution behavior.

Security Considerations

New fields are invisible to runtime so any pair of import machinery will be assured to behave the same way. The new fields might be used as a SPAM vector, but not a very attractive one. We discarded the idea of allowing arbitrary metadata files in parallel to compartment-map.json since they would be a more attractive SPAM vector.

Scaling Considerations

May allow accumulation of cruft in bundles.

Test Plan

Will verify equivalence and acceptance of bundles with and without vestigial properties.

Compatibility Considerations

Old and new importers should accept old bundles. The creation of vestigial properties with bundle-source should be opt-in until all importer installations can recognize them. With a major version bump on bundle-source, some opt-ins can become opt-out or inexpressible.

Upgrade Considerations

Maybe.

@kriskowal kriskowal added the enhancement New feature or request label Aug 14, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
enhancement New feature or request
Projects
None yet
Development

No branches or pull requests

1 participant