[ruby-core:112097] [Ruby master Feature#19388] Deprecate SecurityError
Issue #19388 has been reported by jeremyevans0 (Jeremy Evans). ---------------------------------------- Feature #19388: Deprecate SecurityError https://bugs.ruby-lang.org/issues/19388 * Author: jeremyevans0 (Jeremy Evans) * Status: Open * Priority: Normal ---------------------------------------- I think we should deprecate `SecurityError` in Ruby 3.3 and remove it in Ruby 3.4. I think we probably should have deprecated `SecurityError` when `$SAFE` was deprecated, but better late than never. I've submitted a pull request to deprecate it: https://github.com/ruby/ruby/pull/7193 -- https://bugs.ruby-lang.org/
Issue #19388 has been updated by matz (Yukihiro Matsumoto). The original intention of `SecurityError` was the errors from taint checks. So most usages of it are misused (including core implementation). But at the same time, I don't want to punish existing code by removing it. So we keep it for the foreseeable future. Adding deprecation flag may not be needed. Matz. ---------------------------------------- Feature #19388: Deprecate SecurityError https://bugs.ruby-lang.org/issues/19388#change-101727 * Author: jeremyevans0 (Jeremy Evans) * Status: Open * Priority: Normal ---------------------------------------- I think we should deprecate `SecurityError` in Ruby 3.3 and remove it in Ruby 3.4. I think we probably should have deprecated `SecurityError` when `$SAFE` was deprecated, but better late than never. I've submitted a pull request to deprecate it: https://github.com/ruby/ruby/pull/7193 -- https://bugs.ruby-lang.org/
Issue #19388 has been updated by Eregon (Benoit Daloze). TruffleRuby still uses this exception class, notably when something is not allowed in "GraalVM Context permissions" such as "not allowed to create thread"/"not allowed to use native libraries"/"not allowed to use Java interop"/etc. (full list of such permissions at https://www.graalvm.org/sdk/javadoc/org/graalvm/polyglot/Context.Builder.htm...). It seems a natural fit for such permissions errors, so I think we should keep this class, non-deprecated. ---------------------------------------- Feature #19388: Deprecate SecurityError https://bugs.ruby-lang.org/issues/19388#change-101750 * Author: jeremyevans0 (Jeremy Evans) * Status: Open * Priority: Normal ---------------------------------------- I think we should deprecate `SecurityError` in Ruby 3.3 and remove it in Ruby 3.4. I think we probably should have deprecated `SecurityError` when `$SAFE` was deprecated, but better late than never. I've submitted a pull request to deprecate it: https://github.com/ruby/ruby/pull/7193 -- https://bugs.ruby-lang.org/
participants (3)
-
Eregon (Benoit Daloze) -
jeremyevans0 (Jeremy Evans)
-
matz (Yukihiro Matsumoto)