Looks great. Thanks, Jay. Robby
On Wed, Nov 27, 2013 at 8:24 PM, Jay McCarthy <j...@racket-lang.org> wrote: > I left the other commit in place so that even if users customize > download? and install? the command-line tool will continue to work. > > Jay > > On Wed, Nov 27, 2013 at 7:23 PM, <j...@racket-lang.org> wrote: > > jay has updated `master' from c980182b6b to 1741e1b0d1. > > http://git.racket-lang.org/plt/c980182b6b..1741e1b0d1 > > > > =====[ 2 Commits ]====================================================== > > Directory summary: > > 44.7% pkgs/planet-pkgs/planet-doc/planet/ > > 55.2% racket/collects/planet/private/ > > > > ~~~~~~~~~~ > > > > 680b6f4 Jay McCarthy <j...@racket-lang.org> 2013-11-27 19:09 > > : > > | Revert "Remove arbitrary code execution exploit from Racket and > DrRacket" > > | > > | This reverts commit cf1755fc173cef39c3c4592011623269735084c0. > > : > > M racket/collects/planet/private/resolver.rkt | 8 ++++---- > > > > ~~~~~~~~~~ > > > > 1741e1b Jay McCarthy <j...@racket-lang.org> 2013-11-27 19:22 > > : > > | Explain how to control whether Planet auto-installation is enabled > > : > > M pkgs/planet-pkgs/planet-doc/planet/planet.scrbl | 10 ++++++++++ > > > > =====[ Overall Diff ]=================================================== > > > > pkgs/planet-pkgs/planet-doc/planet/planet.scrbl > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > --- OLD/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl > > +++ NEW/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl > > @@ -8,6 +8,7 @@ > > planet/util > > planet/version > > planet/syntax > > + planet/resolver > > planet/scribble) > > scribble/bnf) > > > > @@ -160,6 +161,15 @@ Once that is complete, PLaneT will use that version > of the > > package for any subsequent @racket[require]s and won't try > > to use the network. > > > > +If you wish to ensure that PLaneT won't use the network even if your > > +operating system allows it, you can use the @racket[download?] > > +parameter of the @racketmodname[planet/resolver] module to control > > +whether it attempts to download files. Similarly, you can use the > > +@racket[install?] parameter to prevent installation. Finally, you can > > +block access at the operating system level to the path returned by > > +@racket[(PLANET-BASE-DIR)] to control which operating system users can > > +install PLaneT packages. > > + > > @subsection{Fine-Grained Control Over Package Imports} > > > > The PLaneT client is designed to balance two competing goals: > > > > racket/collects/planet/private/resolver.rkt > > ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > > --- OLD/racket/collects/planet/private/resolver.rkt > > +++ NEW/racket/collects/planet/private/resolver.rkt > > @@ -219,9 +219,9 @@ See the scribble documentation on the > planet/resolver module. > > (struct-out exn:fail:planet)) > > > > ;; if #f, will not install packages and instead raise a > exn:fail:install? error > > -(define install? (make-parameter #f)) > > +(define install? (make-parameter #t)) > > ;; if #f, will not download packages and instead raise a > exn:fail:install? error > > -(define download? (make-parameter #f)) > > +(define download? (make-parameter #t)) > > (define-struct (exn:fail:planet exn:fail) ()) > > > > ;; update doc index only once for a set of installs: > > @@ -541,7 +541,7 @@ See the scribble documentation on the > planet/resolver module. > > (unless (download?) > > (raise (make-exn:fail:planet > > (format > > - "PLaneT error: cannot download package ~s without > permission. Give permission with download? parameter or use 'raco planet > install'" > > + "PLaneT error: cannot download package ~s since the > download? parameter is set to #f" > > (list (car (pkg-spec-path pkg)) (pkg-spec-name pkg))) > > (current-continuation-marks)))) > > ((if (USE-HTTP-DOWNLOADS?) download-package/http > download-package/planet) > > @@ -577,7 +577,7 @@ See the scribble documentation on the > planet/resolver module. > > (unless (install?) > > (raise (make-exn:fail:planet > > (format > > - "PLaneT error: cannot install package ~s without > permission. Give permission with download? parameter or use 'raco planet > install'" > > + "PLaneT error: cannot install package ~s since the > install? parameter is set to #f" > > (list (car pkg-path) pkg-name maj min)) > > (current-continuation-marks)))) > > (define owner (car pkg-path)) > _________________________ > Racket Developers list: > http://lists.racket-lang.org/dev >
_________________________ Racket Developers list: http://lists.racket-lang.org/dev