style: add #![deny(unsafe_code)] and isolate wit_bindgen in modules

marclove · marclove · commit ca3d87619f93 · 2025-08-30T23:31:17.000-04:00
Move wit_bindgen::generate! calls into separate `bindings` modules
with #![allow(unsafe_code)] to isolate the unsafe code generation
from the rest of the codebase. Add #![deny(unsafe_code)] at the
crate level for all infrastructure components to enforce memory safety.

This ensures that unsafe code is only used where explicitly needed
(in the generated WIT bindings) while maintaining strict safety
guarantees for all hand-written code.
diff --git a/components/infrastructure/kv-rocksdb/src/lib.rs b/components/infrastructure/kv-rocksdb/src/lib.rs
@@ -1,12 +1,16 @@
+#![deny(unsafe_code)]
 //! Placeholder RocksDB KV adapter implementing `kv` WIT interface.
 //! To be completed with real RocksDB bindings suitable for WASM.
 
-wit_bindgen::generate!({
-    world: "kv-adapter",
-    path: "../../../wit",
-});
+mod bindings {
+    #![allow(unsafe_code)]
+    wit_bindgen::generate!({
+        world: "kv-adapter",
+        path: "../../../wit",
+    });
+}
 
-use exports::keel::infrastructure::kv as wit_kv;
+use bindings::exports::keel::infrastructure::kv as wit_kv;
 
 struct Adapter;
 
diff --git a/components/infrastructure/sql-cloudflare-do/src/lib.rs b/components/infrastructure/sql-cloudflare-do/src/lib.rs
@@ -1,6 +1,10 @@
+#![deny(unsafe_code)]
 //! # Cloudflare DO SQL Adapter
 
-wit_bindgen::generate!({
-    world: "sql-adapter",
-    path: "../../../wit",
-});
+mod bindings {
+    #![allow(unsafe_code)]
+    wit_bindgen::generate!({
+        world: "sql-adapter",
+        path: "../../../wit",
+    });
+}
diff --git a/components/infrastructure/sql-spin-sqlite/src/lib.rs b/components/infrastructure/sql-spin-sqlite/src/lib.rs
@@ -1,14 +1,18 @@
+#![deny(unsafe_code)]
 //! Spin-backed SQLite implementation of the `sql` WIT interface.
 //! Uses Spin's host-provided SQLite for performance and simplicity.
 
 use spin_sdk::sqlite::{Connection, QueryResult as SpinQueryResult, Value as SpinValue};
 
-wit_bindgen::generate!({
-    world: "sql-adapter",
-    path: "../../../wit",
-});
+mod bindings {
+    #![allow(unsafe_code)]
+    wit_bindgen::generate!({
+        world: "sql-adapter",
+        path: "../../../wit",
+    });
+}
 
-use exports::keel::infrastructure::sql::{self as wit_sql};
+use bindings::exports::keel::infrastructure::sql::{self as wit_sql};
 
 // Map WIT sql-value to Spin SQLite Value
 fn to_spin_value(v: &wit_sql::SqlValue) -> Result<SpinValue, wit_sql::SqlError> {
diff --git a/components/infrastructure/sql-sqlite/src/lib.rs b/components/infrastructure/sql-sqlite/src/lib.rs
@@ -1,9 +1,13 @@
+#![deny(unsafe_code)]
 //! # sqllite Adapter
 //!
 //! ## Implementation Status
 //!
 
-wit_bindgen::generate!({
-    world: "sql-adapter",
-    path: "../../../wit",
-});
+mod bindings {
+    #![allow(unsafe_code)]
+    wit_bindgen::generate!({
+        world: "sql-adapter",
+        path: "../../../wit",
+    });
+}
