This patch adds several unit tests for `CappedString`, which are
intended to be run under miri since `CappedString` uses lots of unsafe
code. It also adds documentation and documentation tests for a number of
previously undocumented `CappedString` methods.
This patch implements the `CappedString::push` and
`CappedString::push_truncating` methods, which are like
`CappedString::push_str` and friends but take a single character rather
than a string slice.
This patch implements `CappedString::push_str` and its truncating
counterpart, `CappedString::push_str_truncating`. These methods provide
a safe API to append additional string data to the end of a
`CappedString`.
This is a work-in-progress and, like the rest of `CappedString`,
requires unit testing.
This patch replaces the logic in `CappedString::new` for copying the
string data into a `[MaybeUninit<u8>]` buffer with a call to
`CappedString::from_raw_ptr`, which performs the same task.
This patch changes the name of the CappedString error type to be more
descriptive, adds inline and must_use annotations to more public
functions, and begins implementing a wider variety of ways to create a
CappedString.
test.sh previously had each of its runs hard-coded; this patch changes
the script to loop over an array of cargo flags instead. This allows new
flags to be added to the array to easily add new runs to the test
script.
CappedString was previously backed by a `[u8; N]`, which required
zeroing the buffer on creation. It now uses a `[MaybeUninit<u8>; N]`,
which does need to be zeroed. This should improve the performance of
creating a new CappedString, at the cost of slightly more unsafe code
required in its implementation.
Additionally, `as_bytes` and `as_bytes_mut` methods were introduced.
These are primarily used internally in the implementation of
CappedString, but are also provided as part of the public API to allow
users to do low-level operations on the underlying buffer backing the
CappedString. `as_bytes_mut` is unsafe, as this method can be used to
violate the UTF-8 property of the CappedString, which is undefined
behaviour.
The unsafe_op_in_unsafe_fn lint was previously set to allow, meaning
that unsafe function calls and operations were allowed within unsafe
functions without a surrounding unsafe block. This patch changes the
lint to deny, for the purpose of making unsafe operations in the
codebase more explicit.
pantonshire