Proposal: shallow validation of unquoted AST #13950
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
LGTM. |
josevalim
reviewed
Nov 2, 2024
lib/elixir/src/elixir_quote.erl
Outdated
|
|
||
| shallow_valid_ast(Expr) when is_list(Expr) -> lists:all(fun shallow_valid_ast/1, Expr); | ||
| shallow_valid_ast(Expr) when is_atom(Expr); is_binary(Expr); is_number(Expr); is_pid(Expr) -> true; | ||
| shallow_valid_ast({Left, Right}) -> shallow_valid_ast(Left) andalso shallow_valid_ast(Right); |
There was a problem hiding this comment.
I am thinking we should skip this one... the combination of traversing lists and two-element tuples mean we can traverse large keywords? 🤔 Or perhaps we pass a flag to control the level, so we don't recur beyond the first 2-elem tuple/list?
There was a problem hiding this comment.
Keywords was what I had in mind, I didn't think about large ones (is it so common in AST?)
I like the idea of having some nested flag to avoid doing a deep check 👍 will update
There was a problem hiding this comment.
Fixed in 96bb33a.
- we can now only check one depth of lists
- I don't think having deeply nested size-2 tuples is such a realistic scenario, so I'm not checking for the depth there to keep it simple
sabiwara
force-pushed
the
invalid-unquote
branch
from
6ea0b44 to
fa8a05d
Compare
sabiwara
force-pushed
the
invalid-unquote
branch
from
fa8a05d to
2a74ab8
Compare
josevalim
approved these changes
Nov 3, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I didn't fix all tests yet, this is a proof of concept for discussion.
The idea is to introduce a shallow validation when using
unquote, to give early feedback to meta-programmers when building obviously invalid AST which might fail later down the lane in a way that would then be non-obvious and harder to debug.In order to avoid any slowdown especially when building complex ASTs, we do not loop on the whole AST (args just have to be a list), but this could catch many trivial errors e.g. forgetting to escape a map.
I had the idea on the back of my mind for a while, but #13948 reminded me of it.
Note: This could perhaps just be a warning for now if we want to be conservative.