[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: updated draft

This page is part of the web mail archives of SRFI 115 from before July 7th, 2015. The new archives for SRFI 115 contain all messages, not just those from before July 7th, 2015.

On Mon, Nov 25, 2013 at 9:38 AM, John Cowan <cowan@xxxxxxxxxxxxxxxx> wrote:
Alex Shinn scripsit:

> I answered this indirectly by expanding the history and making clear
> that the entire reason for using regular expressions is that they are
> efficient.  I have no intention of removing these warnings because
> this is a genuine security concern that programmers should be aware of.

There's a big difference between "prohibitively expensive" and "should
avoid their use" on the one hand, and "very expensive" and "should
avoid their use except when necessary" on the other.  I suggest the
latter language is more appropriate for a feature that is, after all,
being included, not excluded.

Expensive is the O(n^3) for the next step up the Chomsky hierarchy.
I think exponential warrants the use of "prohibitively."  The feature
is included mostly for completeness, for round-trip conversion from
existing PCRE libraries, and I think the advice that it should never
actually be used is warranted.

More importantly, while I appreciate your attention to editorial
detail, I think you need to lighten up.  We had to be very precise
for the core document because there were a lot of eyes on it and
people were very, very picky about exactly what went into it.
This is just a SRFI for a library, and I think a little opinion and dare
I say "color" from the authors should be allowed.

Right now what we want more than anything is people jumping
in and writing new SRFIs.  It's a tiring and thankless enough task
as it is without requiring that the prose be boring.

> > In <http://srfi.schemers.org/srfi-115/mail-archive/msg00020.html>,
> > Michael Montague requested textual alternate names for the patterns
> > ?, *, +, etc.  You agreed, but haven't done it.
>
> I said I see no reason not to do it.  If someone comes up with a
> reasonable list of names I can include them.

I propose `optional`, `zero-or-more`, `one-or-more`, `at-least`,
`exactly`, and `repeated`.  Verbose, but easy to understand.

And the same all prefixed with `non-greedy-' I suppose?
`non-greedy-one-or-more', ...

-- 
Alex