http://www.perlmonks.org?node_id=842303

I'm just having a look at the Komodo IDE 5.1 and am observing a nice bundle of diverse Emacs features (though perceptibly slower and limited by the Python implementation ...).

For instance there is a feature called flymake-mode in Emacs lingo, to automatically compile-check the code currently edited and to flag errors "on the fly".

...BUT with the difference that this is enabled by default in Komodo (maybe you already wondered how Komodo manages to underline problematic code lines in red)

Unfortunately this opens a new security issue: not only can installing a Perl module be dangerous, just opening it in some editors can already be harmful.

Just putting a BEGIN { ...do something evil ...} hidden somewhere in investigated code will cause surprising effects for unwary Komodo users opening it...

Maybe someone feels motivated now to mail some files to colleagues using Active State editors?

Or do you know fellow programmers automatically opening perl code web links in their editor of choice? ;-)

Cheers Rolf

PS: I remember slightly that one of the first big hacking attacks was carried out in the 80s by abusing an emacs vulnerability ...

The only approach I can think of to solve this issue (beside deactivating the feature by default) is to automatically replace each BEGIN, CHECK and UNITCHECK block with something like sub __BEGIN__ { ... } before running perl -c...

Re: Vulnerabilities when editing untrusted code...
by BrowserUk (Patriarch) on May 30, 2010 at 23:11 UTC

    Use a sensible editor, instead of an operating system, to view and edit your source files. :)

      I'm not using Komodo...

      Cheers Rolf

        Sorry. Beyond the name I've no knowledge of Komodo. I meant Emacs.

      Every perl editor which tries to check for compile time errors and warnings (Komodo, Padre, emacs with flyspell using perl -c, vi?) needs to put use Safe upfront, and no Safe at the end of the BEGIN or the beginning of INIT.

      This cannot be done within Perl generally as users need to execute BEGIN blocks, just not in editors.

      The only remaining problem with Safe is then XS code, which might get executed at compile-time and cannot be checked for harm.

        Every perl editor which tries to check for compile time errors and warnings...

        Which is one reason I don't use such editors. It's like sticking your finger in a power socket to check if it's live.


        Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
        "Science is about questioning the status quo. Questioning authority".
        In the absence of evidence, opinion is indistinguishable from prejudice.

        Hi Reini

        I'm not sure what you mean... the editor should parse the code for all occurrences of BEGIN, CHECK and UNITCHECK and wrap each block with "use Safe" and "no Safe"?

        Regarding the described problems to parse for such blocks I have no idea how to achieve this reliably without adding a hook to Perl's parser.

        Please see Intercepting compile time blocks like BEGIN {} for more detailed description of what I mean.

        Cheers Rolf

Re: Vulnerabilities when editing untrusted code... (Komodo)
by mtve (Deacon) on Jul 01, 2010 at 09:50 UTC

    your approach wouldn't help:

    exit; ''=~('(?{B'.'EGIN{print "owned"}})')

    see also Acme::EyeDrops

      looks like this has been taken care of!

          D:\tmp\pm>type unsafe_regex_BEGIN.pl
          exit; '' =~ ('(?{B'.'EGIN{die "owned"}})');

          D:\tmp\pm>perl -c unsafe_regex_BEGIN.pl
          Eval-group not allowed at runtime, use re 'eval' in regex m/(?{BEGIN{die "owned" }})/ at unsafe_regex_BEGIN.pl line 3.

          D:\tmp\pm>perl -v
          This is perl 5, version 32, subversion 1 (v5.32.1) built for MSWin32-x64-multi-thread

      Tho I don't understand the message. Why "runtime"???

      update

      found this https://github.com/rurban/perl-compiler/issues/137 and mailed Reini asking for insight. :)

      Cheers Rolf
      (addicted to the Perl Programming Language :)
      Wikisyntax for the Monastery

        OK the term "eval-group" seems to refer to an optimization which concats 2 strings °

        '' =~ ('STRING1'.'STRING2');

        but if you don't bother splitting up the BEGIN you can still inject code at compile time :(

            D:\tmp\pm>type unsafe_regex_BEGIN.pl
            exit; '' =~ m/(?{ BEGIN{ die "owned"} })/ ;

            D:\tmp\pm>perl -c unsafe_regex_BEGIN.pl
            owned at unsafe_regex_BEGIN.pl line 2.
            BEGIN failed--compilation aborted at unsafe_regex_BEGIN.pl line 2.

            D:\tmp\pm>

        Cheers Rolf
        (addicted to the Perl Programming Language :)
        Wikisyntax for the Monastery

        °) and variable interpolation in general see re#'eval'-mode

      Really???

          lanx@nc10-ubuntu:~$ cat >/tmp/tst.pl
          exit; ''=~('(?{B'.'EGIN{print "owned\n"}})')
          lanx@nc10-ubuntu:~$ perl /tmp/tst.pl
          owned
          lanx@nc10-ubuntu:~$ perl -c /tmp/tst.pl
          /tmp/tst.pl syntax OK

      A syntax check doesn't execute your code!

      UPDATE:

      corrected test:

          lanx@nc10-ubuntu:/tmp$ cat >tst.pl
          exit; ''=~('(?{B'.'EGIN{print "owned"}})')
          lanx@nc10-ubuntu:/tmp$ cat tst.pl
          exit; ''=~('(?{B'.'EGIN{print "owned"}})')
          lanx@nc10-ubuntu:/tmp$ perl -c tst.pl
          tst.pl syntax OK
          ownedlanx@nc10-ubuntu:/tmp$

      WOW! 8(

      Cheers Rolf

        well, it actually executes for me:

            $ perl -c tst.pl
            owned
            tst.pl syntax OK
            $ perl -MO=Deparse tst.pl
            owned
            exit;
            '' =~ /(?{BEGIN{print "owned\n"}})/;
            tst.pl syntax OK
            $ perl --version

            This is perl, v5.10.0 built for x86_64-linux-gnu-thread-multi

            Copyright 1987-2007, Larry Wall

            Perl may be copied only under the terms of either the Artistic License or the
            GNU General Public License, which may be found in the Perl 5 source kit.

            Complete documentation for Perl, including FAQ lists, should be found on
            this system using "man perl" or "perldoc perl".  If you have access to
            the Internet, point your browser at http://www.perl.org/, the Perl Home Page.

            $
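As an added illustration of the point made throughout this thread (the original post's idea of rewriting BEGIN/CHECK/UNITCHECK blocks, and the later replies showing a BEGIN hidden in a regex code block): this is my own example, not code from any poster, and it labels which interpreter phases `perl -c` still executes. The file name phases.pl is just a placeholder; `${^GLOBAL_PHASE}` needs perl 5.14 or newer.

```perl
#!/usr/bin/perl
# Added example (not from the thread): shows which phases 'perl -c' still
# executes. Save as phases.pl (placeholder name), then compare:
#     perl phases.pl      # normal run
#     perl -c phases.pl   # "syntax check" only
use strict;
use warnings;

# ${^GLOBAL_PHASE} names the current interpreter phase (perl 5.14+).
# The sub is defined textually before any block that calls it, because a
# named sub becomes callable as soon as it has been compiled.
sub report {
    my ($what) = @_;
    print "$what ran during phase ${^GLOBAL_PHASE}\n";
}

# Runs as soon as it has been compiled, i.e. also under -c.
BEGIN     { report("BEGIN block") }

# Runs right after this compilation unit is compiled; also under -c.
UNITCHECK { report("UNITCHECK block") }

# Runs after the whole program is compiled; still under -c.
CHECK     { report("CHECK block") }

# A BEGIN inside a literal (?{ }) regex code block is compiled, and fires,
# together with the surrounding file. A tool that only rewrites top-level
# 'BEGIN {' blocks (the idea in the original post) would not catch it.
'' =~ /(?{ BEGIN { report("BEGIN inside a (?{ }) regex block") } })/;

# From here on nothing runs under -c: INIT, the main line and END are skipped.
INIT      { report("INIT block") }
report("main program");
END       { report("END block") }
```

Under `perl -c` the BEGIN, regex-block BEGIN, UNITCHECK and CHECK lines are printed (phases START and CHECK) before "syntax OK"; the INIT, main-program and END lines appear only in a normal run.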