feat(rust): Disallows Debug format derivation and Debug formatting in release code.

[stevenj]

Description

This change enforces that Debug formatting of structures can not be used in any release build.

This is achieved by using use_debug and also disallowd_macros

Why restrict this?

The purpose of the Debug trait is to facilitate debugging Rust code, and no guarantees are made about its output. It should not be used in user-facing output.

There is also a non zero risk of Debug formatted output leaking secrets or other information which can lead to vulnerabilities or security issues. They will also make any comprehensive security audit of the code difficult, if not impossible, as the output is uncontrolled.

This will also effect wrapping Errors by using {e:?} this is no longer permitted.
If an error is to be wrapped, it should impl Display and we should control what it produces when formatted for printing.

In preference complex structs should have a custom method attached (or impl Display) which allows the intended functional structure (without internal details) to be serialized to a json string. This allows this information to be properly embedded in logs, or later de-serialized and interpreted. This does not impose a requirement to allow all structs to have json de-serialization, and especially not serialization. It is suggested only where the structured contents of the structure are desirable for logging or reporting purposes.

Debug printing is useful during development, and there is no requirement to strip these logs or formatted prints from the code, instead they need to be wrapped to prevent them build built in release mode, but making them available to developers when debugging.

Example:

use clap::Parser;

/// Simple program to demonstrate debug exclusion from production builds
#[cfg_attr(debug_assertions, derive(Debug))]
#[derive(Parser)]
#[command(author, version, about, long_about = None)]
struct Args {
    /// Name of the person to greet
    #[arg(short, long)]
    name: String,

    /// Number of times to greet
    #[arg(short, long, default_value_t = 1)]
    count: u8,
}

/// The main entrypoint of this program.
fn main() {
    let args = Args::parse();

    #[cfg(debug_assertions)]
    println!("{args:?}");
}

Breaking Changes

Intentionally will break builds that use this in release builds.

Please confirm the following checks

• My code follows the style guidelines of this project
• I have performed a self-review of my code
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• My changes generate no new warnings
• I have added tests that prove my fix is effective or that my feature works
• New and existing unit tests pass locally with my changes
• Any dependent changes have been merged and published in downstream module

[Mr-Leshiy]

LGTM

[rafal-ch]

LGTM 👍