Front page | perl.perl5.porters |
Postings from October 2012
David Golden <xdg@xdg.me> wrote: :On Sun, Oct 21, 2012 at 5:32 PM, <hv@crypt.org> wrote: [...] :> I do not think it is appropriate silently to subvert someone else's :> test suite based on your guesses about their intent. : :IMO, the "-t/-T" shebang hack in Test::Harness is a crude mechanism :that itself breaks things in subtle ways. I've had problems where -T :on the .t shebang in module A triggers a bug in module D way down in :the dependency chain that is only exposed when tainting is on. [...] That's a good thing, right? It's correctly showing that module A is not safe to use under taint, due to a deficient dependency? [...] :> Quite likely there will be some module authors who will rather feel :> "taint support is required for my module, it is quite correct for the :> test suite to fail if run using a perl that is unable to provide it". [...] :> Given the historical status quo, it is unreaonable to put the burden :> on the latter class of authors to discover the new state of affairs :> and take steps to cope with it : :No offense, but that's utter BS. Compared to the *absolute insanity* :we've created by CHANGING WARNING TEXT from time to time, or fixing :bugs that trigger new warnings, this would be trivial. We :not-infrequently make authors discover the new state of affairs to :avoid test failures. I'm not exactly sure what you're objecting to here, but I'm also not at all sure what I was actually trying to say, so it's probably a fair cop. The intent was: an author actively testing taint should not have their tests silently appear to pass - they should be required to opt in for such passing behaviour. However I can't think of a class of "active" tests that doesn't involve verifying that something is tainted, so given there's no plan to subvert anything to *appear* to raise taint errors I think this was just me coming up with a red herring. Apologies for any confusion, HugoThread Previous | Thread Next