uv/crates/uv-shell at 12764df8b22947f8cacdc6da41c47a10e2ecf418 - mirrors/uv

mirrors/uv

mirror of https://github.com/astral-sh/uv.git synced 2025-10-26 09:58:19 +00:00

History

Zanie Blue 7ac957af8f Lock the credentials store when reading or writing (#15610 ) Adds locking of the credentials store for concurrency safety. It's important to hold the lock from read -> write so credentials are not dropped during concurrent writes. I opted not to attach the lock to the store itself. Instead, I return the lock on read and require it on write to encourage safe use. Maybe attaching the source path to the store struct and adding a `lock(&self)` method would make sense? but then you can forget to take the lock at the right time. The main problem with the interface here is to write a _new_ store you have to take the lock yourself, and you could make a mistake by taking a lock for the wrong path or something. The fix for that would be to introduce a new `CredentialStoreHandle` type or something, but that seems overzealous rn. We also don't eagerly drop the lock on token read, although we could.	2025-09-02 13:16:52 -05:00
..
src	Lock the credentials store when reading or writing (#15610 )	2025-09-02 13:16:52 -05:00
Cargo.toml	Add fallback parent process detection to `uv tool update-shell` (#15356 )	2025-08-18 13:48:34 -05:00

Zanie Blue 7ac957af8f Lock the credentials store when reading or writing (#15610 )

Adds locking of the credentials store for concurrency safety. It's
important to hold the lock from read -> write so credentials are not
dropped during concurrent writes.

I opted not to attach the lock to the store itself. Instead, I return
the lock on read and require it on write to encourage safe use. Maybe
attaching the source path to the store struct and adding a `lock(&self)`
method would make sense? but then you can forget to take the lock at the
right time. The main problem with the interface here is to write a _new_
store you have to take the lock yourself, and you could make a mistake
by taking a lock for the wrong path or something. The fix for that would
be to introduce a new `CredentialStoreHandle` type or something, but
that seems overzealous rn. We also don't eagerly drop the lock on token
read, although we could.

2025-09-02 13:16:52 -05:00

src Lock the credentials store when reading or writing (#15610 ) 2025-09-02 13:16:52 -05:00

Cargo.toml Add fallback parent process detection to uv tool update-shell (#15356 ) 2025-08-18 13:48:34 -05:00