Open tim2CF opened 4 years ago
how do we distinguish pure functions, by whitelisting?
It might be easiest way. In Erlang/Elixir actually there is white list of these functions. Functions which are allowed in guards are pure for sure. If we can introspect them somehow and get list of them in compile-time, will be super cool. But not big deal to copy this list manually as well. https://hexdocs.pm/elixir/guards.html If we do any of these options - we also should implement additional checks of AST or some introspection of currenct namespacing to not allow something like this
import Kernel, except: [{:'-', 1}]
import UnpureOverride, only: [{:'-', 1}]
It definitely can be done, but it's already a lot of job. Issue is not ungrent, it can be worked around with strings + String.to_integer in runtime
foo: "-36"
The most short and awesome solution there - just reuse some parts of Erlang/Elixir compiler which are doing validity checks for guard expressions. Something like
valid_guard?(ast) :: boolean
It probably exists somewhere, and already doing all smart checks
erl_internal:guard_bif/2
or erl_lint:is_guard_test/1
Atm ExEnv does not allow any function application in configs for security reasons. But it actually can safely accept any pure function application. For example
will not be accepted now because of
&Kernel.-/1
function application. But it make sense to accept pure expressions like this.