Aldo Cortesi <[EMAIL PROTECTED]> wrote: > Thus spake Steven D'Aprano ([EMAIL PROTECTED]): > > > If you're relying on cursory visual inspection to recognize harmful code, > > you're already vulnerable to trojans. > > What a daft thing to say. How do YOU recognize harmful code in a patch > submission? Perhaps you blindly apply patches, and then run your test suite on > a quarantined system, with an instrumented operating system to allow you to > trace process execution, and then perform a few weeks worth of analysis on the > data? > > Me, I try to understand a patch by reading it. Call me old-fashioned.
I concur, Aldo. Indeed, if I _can't_ be sure I understand a patch, I don't accept it -- I ask the submitter to make it clearer. Homoglyphs would ensure I could _never_ be sure I understand a patch, without at least running it through some transliteration tool. I don't think the world of open source needs this extra hurdle in its path. Alex -- http://mail.python.org/mailman/listinfo/python-list
