Conversation
Removes unsafe rust usages from windmill and forbids it in cargo config. Unsafe static accesses are replaced with std::RwLock as those were global settings written only once or a few times, but read often.
|
Thank you for your contribution! Before we can merge this PR, we need you to sign our Contributor License Agreement (CLA). You can retrigger this bot by commenting recheck in this Pull Request. Posted by the CLA Assistant Lite bot. |
There was a problem hiding this comment.
Pull request overview
This PR replaces static mut globals in the Windmill Celery service with lock-based shared state and adds a crate-level lint to forbid unsafe Rust, aligning with the goal of removing unsafe code from this binary.
Changes:
- Reworked global Celery settings/state in
celery_app.rsto useLazyLock+RwLockinstead ofstatic mut. - Updated
main.rsto use the new configuration API (set_config, scoped imports, error propagation from semaphore init). - Added
unsafe_code = "forbid"inCargo.tomland applied formatting cleanups.
Reviewed changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
packages/windmill/src/services/celery_app.rs |
Replaces unsafe global mutable state with lock-protected config/state and adjusts Celery app initialization. |
packages/windmill/src/bin/main.rs |
Migrates startup/config wiring to the new Celery configuration API. |
packages/windmill/Cargo.toml |
Adds crate-level unsafe-code lint and formatting-only dependency edits. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| let CeleryConfig { | ||
| prefetch_count, | ||
| acks_late, | ||
| task_max_retries, | ||
| broker_connection_max_retries, | ||
| heartbeat_secs, | ||
| .. | ||
| } = *CELERY_CONFIG | ||
| .read() | ||
| .map_err(|_| anyhow!("failed to read-lock CeleryConfig"))?; |
|
I have read the CLA Document and I hereby sign the CLA |
Parent issue: https://github.com/sequentech/meta/issues/7111