tls: hard deprecate tls.createSecurePair#8783
Conversation
|
This should be semver-major right? |
|
It's bug fix, so semver-patch is proper :) |
There was a problem hiding this comment.
Very minor nit:
Looks like majority of existing deprecation warnings in core lib have period . after the last word instead
|
@nodejs/ctc What is the semver-ness of adding runtime (deprecation) warnings? I believe they can be handled/caught in-process now, but I wasn't sure if that changed policy or not? |
|
introducing new warnings has been treated as a semver major afaik /cc @jasnell The number of breakages that have happened due to changing output on stderr has been surprising to say the least. |
|
Hi I have one question @thealphanerd, introducing new warnings even though it has been marked as deprecated in API docs should be treated as a major? What I was thinking about is that this function should be with this warning once it's documented as deprecated API, but it doesn't, so this patch is fixing this bug in this way, and this pull-request is not going to deprecate anything else new. |
They can be handled using |
|
Doc-deprecation does not always mean runtime-deprecation. The current process for most API deprecations is to introduce a documentation-only deprecation (aka «soft-deprecate») in a major version, then to introduce a runtime-deprecation in code (aka «hard-deprecate») in some next major version, then remove the deprecated API in some next major version. It's not a mistake here that it was deprecated in the docs but not in the runtime — it's the usual process. And hard-deprecation is a semver-major, this is not a bug fix. Though it's most likely possible for 8.0, so let's keep this. |
|
Note: the deprecation process for |
|
I don't believe we have a policy yet on the semver-iness of adding a normal process warning. Adding warnings has broken things in practice, however. Adding a deprecation warning, however, is definitely a semver-major. This LGTM as a semver-major |
|
This would be able to land in master after at least two CTC members have signed off. Since the v7.x branch has already been cut, we would simply not pull it back to that branch. There's no reason to wait until after the v7.0.0 release goes out. |
|
Sorry, mis-clicked. Judging from a quick look at #6063, it seems to be advantageous to move towards removing |
|
I'd likely give it a couple of major versions before we considered removing it entirely. There's little harm in letting it sit for a while with the deprecation warning. |
|
@yorkie Sounds good! Would you mind adding something like |
aaedf57 to
7324067
Compare
|
Done @addaleax and sorry about missing for few days :( |
Yup, formally all requirements are fulfilled. This change would likely be released in v8.0.0 in April, so there’s no urge in landing this, but if you want to you can. |
|
Okay, let's land this in v8.0.0 :) |
|
This can land now, the v7.x branch has already been cut. I just won't pull this commit over. |
|
Actually, you know what... this could use a quick test... just something that verifies that the deprecation warning is emitted. |
|
@yorkie ... can you add a test per my request here: #8783 (comment) . After that we can look to get it landed. Thank you! |
|
@yorkie want to get a test together so we can land this? |
|
@thealphanerd, @yorkie, remindier: the commit message is wrong here. This in fact turns a soft (doc-only) deprecation into a hard (runtime) deprecation, but the commit message looks like it corrects an error in the previous deprecation step. |
7324067 to
ef12e41
Compare
|
@jasnell @MylesBorins Sorry for delay on testing this PR and added in the latest ef12e41. @ChALkeR Also updated the commit message :) |
ef12e41 to
36e3133
Compare
|
Fixed some runtime errors :) |
|
And starting a CI: https://ci.nodejs.org/job/node-test-pull-request/5715 |
|
PR doesn't touch the docs... it appears it is currently impossible to tell from the docs whether deprecation is doc-only, or runtime, which is not good. I don't know, @jasnell, @addaleax , someone?, is there way to make this clear in the docs? Is this something that can be addressed in this PR, for this API, or does it need more wide-spread changes in docs? |
|
@sam-github This is definitely the kind of information #10116 would provide in the docs |
|
@sam-github.... funny you should ask... I have a PR that provides a place to document deprecations that's still sitting waiting for some reviews. It would be excellent if I could get some clear LGTM's on it so I can get it landed. #10116 |
|
Any progress about this PR? requesting more reviews, thank you :) |
sam-github
left a comment
There was a problem hiding this comment.
@yorkie LGTM, but I would suggest you write the commit message as "tls.createSecurePair()" --- note the trailing () indicating its a function, not a property
|
@bnoordhuis @indutny Would be good to get a LGTM from someone who remembers when |
|
Ping... able to merge? |
|
Please hold off landing this one. I ended up with a largely duplicate pr that we need to reconcile. |
|
Closing this. Another PR deprecating this has landed in master |
Checklist
make -j8 test(UNIX), orvcbuild test nosign(Windows) passesAffected core subsystem(s)
tls
Description of change
We should use
util.deprecatedto wrap the deprecatedcreateSecurePairin tls module.