Re: too low-level Amirouche Boubekki 28 May 2020 07:05 UTC
Hello Alex, Le lun. 25 mai 2020 à 02:47, Alex Shinn <email@example.com> a écrit : > > json-tokens is a lexer, but many common parsing techniques > do not make use of lexers at all, so this is exposing a specific > implementation detail > > We can instead have json-fold take an input port and allow > implementations to choose their own parsing strategy. Ok, you are at least the second person to say that. I do not know those techniques. Still I will replace json-tokens with a port or generator. > I also don't see the practical use of generators here. Perhaps > an argument could be made for some core Scheme data type, > but JSON is just a transmission format - we're unlikely to want > to construct JSON dynamically for _reading_ purposes in Scheme > (although we might want to dynamically generate on write to > avoid the expensive in-memory representation). I am not sure which generators are not good. Can you point me to a particular definition please? > Also generators discourage fast FFI implementations for non-native-compiled > Schemes. Chibi-Scheme is slow but can beat the fastest > compilers on simple I/O tasks, so it would be a shame to put it > at a disadvantage here. > > I'm not sure it's worth having the nesting depth limit parameter, > as suitable values will be highly implementation dependent. That parameter does not seem very popular. In the JSON lib coming in the standard library of Python there is no such limit, there is only a global recursion limit which leads sometime the CPython interpreter to crash. I think I saw some C library that has it. Anyway, popularity should not prevent us from doing the good thing. In this case, the point of the parameter is to fail fast in web applications. _The default value is infinity._ But it is expected to change the value to something reasonable depending on the application when moving to production. The reason is that parsing any broken deeply nested JSON can lead the implementation to crash or fail in no obvious way which makes the JSON parsing an ideal attack vector for a Denial of Service kind of attack.