develooper Front page | perl.perl5.porters | Postings from August 2016

Re: Alternative Fix for base.pm dot-in-INC mechanic.

Thread Previous | Thread Next
From:
Sawyer X
Date:
August 24, 2016 08:23
Subject:
Re: Alternative Fix for base.pm dot-in-INC mechanic.
Message ID:
c7490edf-2012-8dac-bd07-6e9e28e08f08@gmail.com
Aristotle, thank you for the review and the patch change!


On 08/24/2016 09:04 AM, Aristotle Pagaltzis wrote:
> * Father Chrysostomos <sprout@cpan.org> [2016-08-24 03:36]:
>> (Hey, you have a commit bit!)
> I am well aware. This is not a hard change to make, it’s a hard change
> to vet. I am after code review, not patch submission.

I agree. I think your change makes sense (and I tend to opt for
consistency as well, since it's easier to debug - hopefully without
sacrificing the security perspective of this). I'm sorry to say I'm less
familiar with the base.pm behavior than you or Ribasushi, by far.

We'll delay 5.22.3 and 5.24.1 until we're able to resolve this, and
while I don't want to push, we have to think about vendors who will
merge patches and will release on a different cycle than we do,
including providing backported fixes (as patches) to current "live" systems.

>  Even a single
> person going over a change like this beyond the “your mail looks good
> to me” level of effort seems a lot to hope for, based on track record.
> (Please prove me wrong.)

The original changes (which included many files) *have* been reviewed by
multiple people. People can still make mistakes (especially when it
comes to one specific case that is different than the rest).

Is anyone also familiar with the oddities and internals of base.pm
enough to review it and give more comments? (Even if a +1 of agreement
on Aristotle's comments and revisions.)

Thread Previous | Thread Next


nntp.perl.org: Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About