fix(errors): Restore support for SES 0.18.3 and prior #2093
Conversation
kriskowal
force-pushed
the
kriskowal-fix-errors-bare-backward-compatibility
branch
3 times, most recently
from
a7b4e0d to
74fb32e
Compare
kriskowal
force-pushed
the
kriskowal-fix-errors-bare-backward-compatibility
branch
from
74fb32e to
976286c
Compare
There was a problem hiding this comment.
If this were a long lived anomaly, I might desire a more accurate bare emulation. By I don't buy the "in perpetuity". We cannot ever get stuck needing to support an infinite number of prior versions, because some of those will have fatal problems.
So this PR LGTM, thanks!
packages/errors/index.js
Outdated
| // The Agoric chain's bootstrap vat runs with a version of SES that predates | ||
| // the addition of the 'bare' method, so we must fall back to quote behavior | ||
| // for that environment. (2024) |
There was a problem hiding this comment.
Is this 2024 a year reference?
There was a problem hiding this comment.
Yes, to indicate when we thought this because, as @erights points out, it cannot be permanent. But, as @michaelfig indicated, it’s true for the lifetime of Agoric’s current chain. My understanding is that we can only upgrade the chain bootstrap vat at genesis.
There was a problem hiding this comment.
To clarify, we are planning on replacing the environment in which core evals run, and retire the bootstrap vat, at which point old agoric chains will be able to evaluate core evals without the need for this backwards compatibility. Technically replacement is not an upgrade (something something ship of Theseus)
| bareOrQuote as bare, | ||
| makeError, | ||
| note, | ||
| quote, | ||
| redacted, | ||
| throwRedacted, |
There was a problem hiding this comment.
Alternative possibility:
| bareOrQuote as bare, | |
| makeError, | |
| note, | |
| quote, | |
| redacted, | |
| throwRedacted, | |
| makeError, | |
| note, | |
| quote, | |
| bare = quote, | |
| redacted, | |
| throwRedacted, |
There was a problem hiding this comment.
As noted with the failing test, our module transform does not support this pattern. Per the convergence of great minds, this was the shape of my first attempt!
kriskowal
force-pushed
the
kriskowal-fix-errors-bare-backward-compatibility
branch
from
c596adf to
c86880f
Compare
For sure. Hopefully, the unstoppable force can move the immovable object. I suspect the only way out of this situation is for the chain bootstrap vat to eval a final contract that bequeaths its authority to a replacement chain bootstrap vat. We would presumably prevent any further core evals to execute in the original chain bootstrap vat via governance. |
kriskowal
deleted the
kriskowal-fix-errors-bare-backward-compatibility
branch
Description
Agoric’s chain bootstrap vat runs with a version of SES that predates the
barefunction. Consequently, any library including@endo/errorsrunning in a contract bundle in that vat must be prepared to shim any features absent on the globalassert.Security Considerations
I do not believe this comes with direct security implications, but the situation emphasizes the need for extra scrutiny for programs admitted thru governance to run in the Agoric bootstrap vat given that it runs on a fixed version of SES.
Scaling Considerations
None.
Documentation Considerations
None.
Testing Considerations
This includes a test that fails before the fix and passes after the fix. To review this PR, rebase incrementally and run tests before and after the fix.
Compatibility Considerations
The
baremethod falls through to the behavior ofquote. This is consistent with the behavior of programs were written before the addition ofbare, so I expect them to converge if that is indeed important.Upgrade Considerations
[ ] Includes*BREAKING*:in the commit message with migration instructions for any breaking change.[ ] UpdatesNEWS.mdfor user-facing changes.