|
updated draft
Alex Shinn
(23 Nov 2013 13:50 UTC)
|
|
Re: updated draft
John Cowan
(24 Nov 2013 23:23 UTC)
|
|
Re: updated draft
Alex Shinn
(25 Nov 2013 00:00 UTC)
|
|
Re: updated draft John Cowan (25 Nov 2013 00:38 UTC)
|
|
Re: updated draft
Alex Shinn
(25 Nov 2013 10:50 UTC)
|
|
Re: updated draft
John Cowan
(25 Nov 2013 18:04 UTC)
|
|
Re: updated draft
Alex Shinn
(29 Nov 2013 01:18 UTC)
|
|
Re: updated draft
John Cowan
(29 Nov 2013 03:39 UTC)
|
Re: updated draft John Cowan 25 Nov 2013 00:38 UTC
Alex Shinn scripsit:
> I answered this indirectly by expanding the history and making clear
> that the entire reason for using regular expressions is that they are
> efficient. I have no intention of removing these warnings because
> this is a genuine security concern that programmers should be aware of.
There's a big difference between "prohibitively expensive" and "should
avoid their use" on the one hand, and "very expensive" and "should
avoid their use except when necessary" on the other. I suggest the
latter language is more appropriate for a feature that is, after all,
being included, not excluded.
> > In <http://srfi.schemers.org/srfi-115/mail-archive/msg00020.html>,
> > Michael Montague requested textual alternate names for the patterns
> > ?, *, +, etc. You agreed, but haven't done it.
>
> I said I see no reason not to do it. If someone comes up with a
> reasonable list of names I can include them.
I propose `optional`, `zero-or-more`, `one-or-more`, `at-least`,
`exactly`, and `repeated`. Verbose, but easy to understand.
--
John Cowan xxxxxx@ccil.org http://ccil.org/~cowan
If I have seen farther than others, it is because I am surrounded by dwarves.
--Murray Gell-Mann