From a9c6ab1182d7ae2d7be848c33e822324855df967 Mon Sep 17 00:00:00 2001
From: Lucas Kent <rubickent@gmail.com>
Date: Wed, 8 May 2024 11:37:39 +1000
Subject: [PATCH] deny unsafe_code in shotover (#1614)

---
 shotover/src/lib.rs | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/shotover/src/lib.rs b/shotover/src/lib.rs
index e9122ad99..dcfca851d 100644
--- a/shotover/src/lib.rs
+++ b/shotover/src/lib.rs
@@ -24,11 +24,14 @@
 //!     shotover::runner::Shotover::new().run_block();
 //! }
 //! ```
-//!
 
+// If we absolutely need unsafe code, it should be isolated within a separate small crate that exposes a sound safe API.
+// "sound" means that it is impossible for any interaction with the public API of the crate to violate an unsafe invariant which causes UB.
+#![deny(unsafe_code)]
 // Accidentally printing would break json log output
 #![deny(clippy::print_stdout)]
 #![deny(clippy::print_stderr)]
+// allow some clippy lints that we disagree with
 #![allow(clippy::needless_doctest_main)]
 #![allow(clippy::box_default)]
 // Allow dead code if any of the protocol features are disabled