Lint code and add SAFETY comments

Author: andreacorbellini

src/imp/generic.rs

@@ -1,5 +1,5 @@
-use rand::distr::Alphanumeric;
 use rand::Rng;
+use rand::distr::Alphanumeric;
 use std::ffi::OsStr;
 use std::ffi::OsString;
 use std::fs;

src/imp/unix/generic.rs

@@ -1,9 +1,9 @@
+use crate::imp::unix::Dir;
+use crate::imp::unix::OpenOptions;
 use crate::imp::unix::copy_file_perms;
 use crate::imp::unix::create_temporary_file;
 use crate::imp::unix::remove_temporary_file;
 use crate::imp::unix::rename_temporary_file;
-use crate::imp::unix::Dir;
-use crate::imp::unix::OpenOptions;
 use nix::errno::Errno;
 use std::ffi::OsString;
 use std::fs::File;

src/imp/unix/linux.rs

@@ -1,14 +1,14 @@
+use crate::imp::unix::Dir;
+use crate::imp::unix::OpenOptions;
+use crate::imp::unix::RandomName;
 use crate::imp::unix::copy_file_perms;
 use crate::imp::unix::create_temporary_file;
 use crate::imp::unix::remove_temporary_file;
 use crate::imp::unix::rename_temporary_file;
-use crate::imp::unix::Dir;
-use crate::imp::unix::OpenOptions;
-use crate::imp::unix::RandomName;
 use nix::errno::Errno;
-use nix::fcntl::openat;
 use nix::fcntl::AtFlags;
 use nix::fcntl::OFlag;
+use nix::fcntl::openat;
 use nix::libc;
 use nix::sys::stat::Mode;
 use nix::unistd::fdatasync;
@@ -35,6 +35,7 @@ fn create_unnamed_temporary_file(dir: &Dir, opts: &OpenOptions) -> nix::Result<F
 
     let file_fd = openat(Some(dir.as_raw_fd()), ".", flags, create_mode)?;
 
+    // SAFETY: `file_fd` is an exclusively owned file descriptor, and it's open
     let file = unsafe { File::from_raw_fd(file_fd) };
     Ok(file)
 }

src/imp/unix/mod.rs

@@ -1,22 +1,22 @@
 use nix::errno::Errno;
+use nix::fcntl::AtFlags;
+use nix::fcntl::OFlag;
 use nix::fcntl::open;
 use nix::fcntl::openat;
 use nix::fcntl::renameat;
-use nix::fcntl::AtFlags;
-use nix::fcntl::OFlag;
 use nix::libc;
+use nix::sys::stat::Mode;
 use nix::sys::stat::fchmod;
 use nix::sys::stat::fstatat;
 use nix::sys::stat::mode_t;
-use nix::sys::stat::Mode;
-use nix::unistd::fchown;
-use nix::unistd::fsync;
-use nix::unistd::unlinkat;
 use nix::unistd::Gid;
 use nix::unistd::Uid;
 use nix::unistd::UnlinkatFlags;
-use rand::distr::Alphanumeric;
+use nix::unistd::fchown;
+use nix::unistd::fsync;
+use nix::unistd::unlinkat;
 use rand::Rng;
+use rand::distr::Alphanumeric;
 use std::ffi::OsStr;
 use std::ffi::OsString;
 use std::fs::File;
@@ -99,6 +99,7 @@ impl Dir {
             OFlag::O_DIRECTORY | OFlag::O_CLOEXEC,
             Mode::empty(),
         )?;
+        // SAFETY: `fd` is an exclusively owned file descriptor, and it's open
         Ok(unsafe { Self::from_raw_fd(fd) })
     }
 }
@@ -120,7 +121,8 @@ impl AsRawFd for Dir {
 impl FromRawFd for Dir {
     unsafe fn from_raw_fd(fd: RawFd) -> Self {
         Self {
-            fd: OwnedFd::from_raw_fd(fd),
+            // SAFETY: upheld by the caller
+            fd: unsafe { OwnedFd::from_raw_fd(fd) },
         }
     }
 }
@@ -190,6 +192,7 @@ fn create_temporary_file(
         }
     };
 
+    // SAFETY: `file_fd` is an exclusively owned file descriptor, and it's open
     let file = unsafe { File::from_raw_fd(file_fd) };
     let temporary_name = random_name.into_os_string();
     Ok((file, temporary_name))

src/lib.rs

@@ -166,6 +166,10 @@
 #![warn(clippy::dbg_macro)]
 #![warn(clippy::print_stderr)]
 #![warn(clippy::print_stdout)]
+#![warn(clippy::missing_safety_doc)]
+#![warn(clippy::unnecessary_safety_doc)]
+#![warn(clippy::unnecessary_safety_comment)]
+#![warn(clippy::undocumented_unsafe_blocks)]
 #![warn(missing_debug_implementations)]
 #![warn(unnameable_types)]
 #![warn(unused_macro_rules)]

src/tests.rs

@@ -63,13 +63,12 @@ fn verify_temporary_file_name<P1: AsRef<Path>, P2: AsRef<Path>>(
 ) {
     let dst_file_name = dst_file_name.as_ref().to_string_lossy().to_string();
     let temp_file_name = temp_file_name.as_ref().to_string_lossy().to_string();
-    let prefix = format!(".{}.", dst_file_name);
+    let prefix = format!(".{dst_file_name}.");
     assert!(
         temp_file_name.is_ascii()
             && temp_file_name.starts_with(&prefix)
             && temp_file_name.len() == prefix.len() + 6,
-        "invalid temporary file name: {:?}",
-        temp_file_name
+        "invalid temporary file name: {temp_file_name:?}"
     );
 }
 

src/unix.rs

@@ -1,8 +1,8 @@
 //! Unix-specific extensions to [`AtomicWriteFile`] and [`OpenOptions`].
 
-use crate::imp::Preserve;
 use crate::AtomicWriteFile;
 use crate::OpenOptions;
+use crate::imp::Preserve;
 use nix::sys::stat::mode_t;
 use std::io::Result;
 use std::os::unix::fs;