From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms5.migadu.com with LMTPS id cPLYChufH2PSMwAAbAwnHQ (envelope-from ) for ; Mon, 12 Sep 2022 23:05:31 +0200 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id oEPfChufH2N4KwAA9RJhRA (envelope-from ) for ; Mon, 12 Sep 2022 23:05:31 +0200 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 9088815DE9 for ; Mon, 12 Sep 2022 23:05:30 +0200 (CEST) Received: from localhost ([::1]:45968 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1oXqcT-00049Y-DT for larch@yhetil.org; Mon, 12 Sep 2022 17:05:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:59600) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1oXqan-00049N-UW for emacs-orgmode@gnu.org; Mon, 12 Sep 2022 17:03:46 -0400 Received: from mail-pj1-x1029.google.com ([2607:f8b0:4864:20::1029]:40695) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1oXqam-0006GX-8C for emacs-orgmode@gnu.org; Mon, 12 Sep 2022 17:03:45 -0400 Received: by mail-pj1-x1029.google.com with SMTP id q9-20020a17090a178900b0020265d92ae3so13541731pja.5 for ; Mon, 12 Sep 2022 14:03:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:message-id:in-reply-to:date:subject:cc:to:from :user-agent:references:from:to:cc:subject:date; bh=OYjd68JE3qtKO6TCUp9Y/R6z7XJuk91mz/xV2m7PFB4=; b=VICIdlYmkJa8w7uoNZmWzXPjhnNipEMu2yorcqfA9xV8HZzjpJQCqqb2KWc+PN7sFr QQ6EUpyiqfODy4SkIr1w/68SqufWMK91mpEZKlMeFaMapVzHhl6k0oVPqa/Tbc/eeuTI KqTjNG1V1PzVuqZJolUoFMJUhy1g81+p9+0vt5YENFQQUdoNGxReIHLh7VZ9nyCgKAVN CaV0LSZQSCT9/1A3JpUBUSut/XT1NBf02OvrXmgmuHaYOFtbQorm0Dpe6wQe7cYNN2Z1 7rbLotDXHSYa+XWbTBdsf5SW6N9cJXKKaq1YHZT5t7g5LQXzsDn/1xJDXNQJahzStY4Q stmQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=mime-version:message-id:in-reply-to:date:subject:cc:to:from :user-agent:references:x-gm-message-state:from:to:cc:subject:date; bh=OYjd68JE3qtKO6TCUp9Y/R6z7XJuk91mz/xV2m7PFB4=; b=NODnHKYMmgMWYK+XwIduQAFO6//QinhbHOSngt3xgjYAWXAsIrns08zAZsKS5hfppn x6J4SUKnANQXQFgWuy9KJpb3vaLdtGlgcXIp1BYtXHqS6BZ5ZCdD463AeQDgyr+RjCLb uAVBIKuzu8MH/P89A6jotXnWvhDppm7ZT23qqtFXicEA7dvjitaeMu38DJc2q+kmjOmY FKSs7IYWXszuqHqyL+nCo2Ot6lqhuvR7Za7bc7wxIroNEHJWmRCZdoaKgK+vgGiL2Rbo Z44P4097sh7Mmc2xLIO2bYLpBoQ4wvOWrB7Ea7WHLKmmq1OC6hh+iYqu5W/sBEDFCIJE JmPQ== X-Gm-Message-State: ACgBeo1VtFWwxhXDyigTcHrCrA5UiHYJyhfLX4dxxSubAS8h0/pbiLDv XWoJZ9l4rooou+sG5AY8vaeh37kEQgk= X-Google-Smtp-Source: AA6agR6dKIsoVbJTjxtdl7V2Rd98P/WgykB+RuXw1YByKfbsd+6aZf5bUDwcETiOQjgFWghrNyt4xg== X-Received: by 2002:a17:902:e94f:b0:173:d0d:c4f5 with SMTP id b15-20020a170902e94f00b001730d0dc4f5mr28909353pll.167.1663016622025; Mon, 12 Sep 2022 14:03:42 -0700 (PDT) Received: from dingbat (2001-44b8-31f2-bb00-842a-7361-87c7-2662.static.ipv6.internode.on.net. [2001:44b8:31f2:bb00:842a:7361:87c7:2662]) by smtp.gmail.com with ESMTPSA id k6-20020a17090a514600b001f8c532b93dsm5624313pjm.15.2022.09.12.14.03.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 12 Sep 2022 14:03:41 -0700 (PDT) References: <595135.1662491125@archlinux> <87zgfao1hu.fsf@localhost> <877d2ddrkn.fsf@localhost> <8735cyxonl.fsf@localhost> <1966694.1662990962@archlinux> User-agent: mu4e 1.9.0; emacs 29.0.50 From: Tim Cross To: Greg Minshall Cc: Ihor Radchenko , Fedja Beader , emacs-orgmode@gnu.org Subject: Re: per-file (or, really, per buffer) allowing/disallowing code block execution Date: Tue, 13 Sep 2022 06:38:37 +1000 In-reply-to: <1966694.1662990962@archlinux> Message-ID: <86r10g9ufs.fsf@gmail.com> MIME-Version: 1.0 Content-Type: text/plain Received-SPF: pass client-ip=2607:f8b0:4864:20::1029; envelope-from=theophilusx@gmail.com; helo=mail-pj1-x1029.google.com X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: emacs-orgmode@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "General discussions about Org-mode." List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org Sender: "Emacs-orgmode" X-Migadu-Flow: FLOW_IN X-Migadu-To: larch@yhetil.org X-Migadu-Country: US ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1663016730; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=OYjd68JE3qtKO6TCUp9Y/R6z7XJuk91mz/xV2m7PFB4=; b=C72VOKZm/qoVPo5j74kfzp3F8QRVAH9u2MzMzM6+yFBjcKfCfP01QqMcYqrG+9BqAgd0tI lt5OHeRdSrIVYfurNe7rew4qIN2HCRFX37hvxr7pxYixuACWesONZAg3I6S5fE4YKP7+h/ TehGYQBDYF/Twa9XwqQIasYQ8kGR82vIZchSq4wZhhVMJdNgDokUmHiH22HS0kYi5aqyyd 2o+aXm2fkST0aq5fFl/hToc2eE3Ogf0F2HrtKsvwu2uSgT/s25hNsTFrLDav4jG8Y72GuO qSFGnKszDGkh5sy63/HiGQlU8mPaUKGBrS7DWuusPSmHtCn9Gs9K1FtXiYjRDQ== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1663016730; a=rsa-sha256; cv=none; b=BGPPcWwwWu9VzdlI+pHZU7K5nKrlWSFgfYTz+FUcHQa4x+9QDtiJtbm4fvuTTGv3hdpKax cpDld1FpkFTcIUxvxX2dR2lCuevjHVXQXPylnnOrpJa1cMTymdxzv/jSMH2XLVaygg+l6c h3BZOHtM5D2KU9m1ISAAYlRJmWRfkEkHP8/Q9aw4yAeV8AgJgcX5um3jKrAmAS1MMI7WZ7 x86dDAMfT+B43+OuF0OqVtJdv9XE0uSu2m9lZgmdfmC/MhzQti0yp5pkbNsrsJ9ge6bfoW C95LP31keFqS5HVf9bP+6KCLR0lcVPHXAbjytZfMHYP4bv9DLvAOccZj6F7NJA== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=VICIdlYm; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Spam-Score: -2.31 Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=gmail.com header.s=20210112 header.b=VICIdlYm; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org" X-Migadu-Queue-Id: 9088815DE9 X-Spam-Score: -2.31 X-Migadu-Scanner: scn1.migadu.com X-TUID: ynKnwVLHDJy/ Greg Minshall writes: > Ihor, Fedja, et al., > > i think this is very good. > > my suggestion would be to *not* permanently mark a file as safe (i.e., i > would vote against org-confirm-babel-evaluate-safe-paths); rather, let a > local variable do that. i worry about keeping state in "side cars" (if > one calls them that), as it may be harder for the user to "grep" to find > why some expected behavior is occurring, etc. > > in the "default" setting, asking to evaluate a src block would ask: > - "yes" [y] > - "no" [n] > - "always this buffer" [Y?] > - "never this buffer" [N?] > > the last two would only survive this buffer; once the buffer is closed > and re-opened, you're back to "default" (unless, of course, there's a > local variable set). > > Ihor, you suggested other meanings for "yes +". while they all are > useful, i like the simplicity of just the "always for this buffer". > and, per-src block seems overkill, and too complicated, too much state > for the user to remember (but, i'm old, so memory is *always* an issue! > :). > > when the user responds "always this buffer", maybe a message that, if > they want the same behavior for future buffers of this same file, add a > local variable. > > anyway, that's my 2 cents. > > cheers, Greg > > ps -- i'm neutral w.r.t. single letter versus word-length, completing > read, prompts [the above suggestions notwithstanding]. All the points listed here seem reasonable at various levels. However, I do think we need to be careful not to go too far in the other direction. If the user wants a foot gun, they should be allowed to have one, we should not give them one by default though. There are valid use cases for a configuration which does not require user interaction (to answer questions on block evaluation), for example, when you want to process many org files in a batch process without user interaction. Likewise, I don'tg want Emacs to become too much of a 'nanny'. If I decide the code in a file is safe and permanently safe, I want to be able to disable the queries on that file permanently. I'm happy using local variables to do this, though I would also like a global option as well. With regard to long or short answers to such questions, I think the default should be the longer yes/no, but the user should be able to set it to y/n (i.e. same as normal Emacs behaviour). Ideally, this would fall under the same setting as the new y-or-n facility in recent emacs versions (replacing the old approaches like defalias). Finally, while I can see there is a use case for being able to have fine grained control over individual block execution, I don't think having it as a prompt is the correct approach. Once you have many of these blocks in a file, that prompt will rapidly become annoying. When I've required this level of control, I've found header arguments work fine and I'm not sure the added complexity is worth it.