[Israel.pm] File::Find::Recursive

Levenglick Dov-RM07994 dov at freescale.com
Wed Oct 21 23:41:00 PDT 2009


Hi,
I uploaded a new version with fixes to

I'm quoting the open issues

> > 5. <<<< my ($self, $attr, @val) = @_; >>>> - @val is better passed
as an
> >  array ref (though it's a topic of much heated debate). PBP seems to
> > agree with me on it.
> 
> [Dov L.] The function is public and I didn't see the need to limit the
user
> 

Why do you think that it limits the user?

I think that passing a reference is less intuitive than passing an
array. Personally, as a module user, I prefer to use my actual data as
opposed to references thereof. I can understand both sides of the
arguments, but disagree with you and apparently PBP on it.

> > 6. You seem to also invent another attribute module. Why can't you
use
> > Class-XSAccessor , Moose or possibly even Class-Accessor?
> 
> [Dov L.] Please explain. I don't understand
> 

setters/getters/accessors are functions that are used to provide a more
robust 
API that instead of doing:

<<<<
$self->{'myfield'} = $value;
>>>>

You do:

<<<<
$self->myfield($value);
>>>>

Or:

<<<<
$self->set_myfield($value);
>>>>

Or whatever. Likewise for getters or mutators.

There are plenty of modules to do that on the CPAN, and from what I see
you've 
implemented something of your own. See:

http://www.shlomifish.org/lecture/Perl/Newbies/lecture5/accessors/


Actually, I took the attribute idea from File::Rule. I didn't provide
external direct access (nor do I prevent it); rather I have a
getter/setter.

> > 7. You have:
> >
> > <<<<
> > next if grep /$file/, @{$self->{"_IGNORE_FILE_PATTERN"}};
> >
> >
> > Shouldn't you use a hash here instead, or at least \Q and \E ? This
code
> > smells of regex code injection (similar to SQL injection and
XSS/HTML-
> > injection).
> 
> [Dov L.] Why is regex injection bad? I use it for matching the files
> 

What if $file contains q{.*.*.*} and other crazy stuff that will take a
lot of 
time to match and may not yield the right result. Generally, seeing a
string 
interpolated inside a regex is a red-flag that you want \Q ... \E , etc.
See 
also:

http://perldoc.perl.org/functions/quotemeta.html

I'll look into this

 
Best Regards,
Dov Levenglick
SmartDSP OS Development Leader


More information about the Perl mailing list