Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use swift-crypto #5852

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Conversation

kabiroberai
Copy link
Contributor

CryptoSwift is useful for the variety of primitives it offers, but for more limited use cases (such as SwiftLint's usage of SHA256) it's generally preferable to use swift-crypto, given that it's backed by the exceptionally well audited BoringSSL rather than rolling its own Swift primitives.

Discussed with @jpsim out of band.

@@ -10,6 +10,7 @@ bazel_dep(name = "bazel_skylib", version = "1.7.1")
bazel_dep(name = "platforms", version = "0.0.10")
bazel_dep(name = "rules_apple", version = "3.8.0", repo_name = "build_bazel_rules_apple")
bazel_dep(name = "rules_swift", version = "2.1.1", repo_name = "build_bazel_rules_swift")
bazel_dep(name = "rules_cc", version = "0.0.16", repo_name = "build_bazel_rules_cc")
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure whether we need to do anything else to make sure downstream packages handle rules_cc correctly

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No should be fine. IIRC rules_cc was split out of Bazel’s core in 7.0.

@jpsim
Copy link
Collaborator

jpsim commented Nov 12, 2024

I’m a bit torn on this one. This is trading a fairly simple dependency for a considerably more complex one from a build system point of view.

If SwiftLint was using some of the more security-sensitive crypto APIs it would be one thing but for just using SHA256 and determining when file contents are likely to have changed, the risk tolerance is different there.

I’m inclined to stick with the status quo.

What do you think @SimplyDanny ?

@SwiftLintBot
Copy link

2 Warnings
⚠️ If this is a user-facing change, please include a CHANGELOG entry to credit yourself!
You can find it at CHANGELOG.md.
⚠️ This PR may need tests.
17 Messages
📖 Linting Aerial with this PR took 0.98s vs 0.93s on main (5% slower)
📖 Linting Alamofire with this PR took 1.26s vs 1.27s on main (0% faster)
📖 Linting Brave with this PR took 7.23s vs 7.25s on main (0% faster)
📖 Linting DuckDuckGo with this PR took 5.09s vs 5.13s on main (0% faster)
📖 Linting Firefox with this PR took 10.69s vs 10.7s on main (0% faster)
📖 Linting Kickstarter with this PR took 9.91s vs 9.93s on main (0% faster)
📖 Linting Moya with this PR took 0.54s vs 0.53s on main (1% slower)
📖 Linting NetNewsWire with this PR took 2.88s vs 2.9s on main (0% faster)
📖 Linting Nimble with this PR took 0.79s vs 0.78s on main (1% slower)
📖 Linting PocketCasts with this PR took 8.48s vs 8.65s on main (1% faster)
📖 Linting Quick with this PR took 0.44s vs 0.44s on main (0% slower)
📖 Linting Realm with this PR took 4.51s vs 4.54s on main (0% faster)
📖 Linting Sourcery with this PR took 2.31s vs 2.32s on main (0% faster)
📖 Linting Swift with this PR took 4.55s vs 4.58s on main (0% faster)
📖 Linting VLC with this PR took 1.25s vs 1.26s on main (0% faster)
📖 Linting Wire with this PR took 18.0s vs 18.11s on main (0% faster)
📖 Linting WordPress with this PR took 11.42s vs 11.57s on main (1% faster)

Here's an example of your CHANGELOG entry:

* Use swift-crypto.  
  [kabiroberai](https://github.com/kabiroberai)
  [#issue_number](https://github.com/realm/SwiftLint/issues/issue_number)

note: There are two invisible spaces after the entry's text.

Generated by 🚫 Danger

@SimplyDanny
Copy link
Collaborator

I’m a bit torn on this one. This is trading a fairly simple dependency for a considerably more complex one from a build system point of view.

If SwiftLint was using some of the more security-sensitive crypto APIs it would be one thing but for just using SHA256 and determining when file contents are likely to have changed, the risk tolerance is different there.

I’m inclined to stick with the status quo.

What do you think @SimplyDanny ?

I was experimenting with this library myself, because it works well with Swift's new cross-compilation capabilities. The library we currently use doesn't build with the Musl C library linked by the SDK and is thus causing compilation issues when building for another platform. But this could be fixed if cross-compilation becomes a thing for SwiftLint, I guess.

For now, I agree with @jpsim in that the maintenance effort isn't worth the benefits. Even the already used library provides so many features we don't use except for hashing.

Are there any benefits of using Swift Crypto instead that you have in mind, @kabiroberai, which we miss?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

5 participants