Bastien Guerry <b...@gnu.org> writes: > I've skimmed through the discussion but I'm not entirely clear about > the situation. > > Has the situation changed between 9.5 and 9.6? Tom first message > seems to suggest it did, but etc/ORG-NEWS does not say.
I considered this change as a bugfix. Though it was more user-facing than I anticipated. What changed: The prompt previously displayed on code block evaluation is now also displayed when expanding header arguments: #+begin_src emacs-lisp :var x = (message "pwned!") (concat x "foo") #+end_src Before Org 9.6: 1. "pwned!" is displayed 2. Query to evaluate code block is displayed Org 9.6: 1. Query to evaluate (message "pwned!") is displayed 2. If confirmed, it is evaluated 3. Query to evaluate the whole code block is displayed > Whether it changed or not, what is the problem in 9.6? The problem is that Org now displays more queries. > How does the patch solves this problem? It allows disabling these new queries about lisp evaluation outside code blocks without disabling code block eval confirmation completely. I later suggested disabling the queries by default - mimicking the pre 9.6 behaviour yet keeping the ability for concerned users enable the extra confirmation. > Is it a temporary change while we wait for a better change? Yes. Ideally, we need to improve the code evaluation query. It should allow confirming evaluation in bulk and add some code blocks/files to whitelist. Similar to `org--confirm-resource-safe'. > In particular, I'm not sure I understand why this should be added to > 9.6.1---I'm not opposed to it, I just try to understand. A concern have been expressed that more queries may annoy users and drive them towards setting `org-confirm-babel-evaluate' to nil globally. Upon doing this, the future more flexible security queries may be not used by such users. > Also, org-confirm-babel-evaluate-table-cell seems more explicit than > org-confirm-babel-evaluate-cell. But it will not be accurate. The query is now displayed upon executing `org-babel-read' -- cell refers to Elisp code "cell" here. Not to a table cell. -- Ihor Radchenko // yantar92, Org mode contributor, Learn more about Org mode at <https://orgmode.org/>. Support Org development at <https://liberapay.com/org-mode>, or support my work at <https://liberapay.com/yantar92>