raiph mellor wrote:
>> However it seems we have to pay a price: each act of rendering a Pod
>> file actually means executing the program that's being documented (at
>> least the BEGIN blocks and other stuff that happens at compile time),
>> with all the security risks implied. So we'll need a *very* good
>> sandbox. Is that worth it?
> 
> From the spec:
> 
>    However, during parsing and initialization under K<-doc>, the
>    interpreter only executes those C<BEGIN>, C<CHECK>, and
>    C<INIT> blocks (and equivalents, such as C<use> statements
>    and subroutine declarations) that are preceded by the special
>    prefix: C<DOC>

I didn't read that part, and I wonder how useful it is.

Basically to produce a correct parse, any 'use' directive has to be
executed, otherwise you can't know if something is a type name, a
subroutine name or what not. Also modules can export special syntax,
causing the parse to be significantly altered.

Cheers,
Moritz

Reply via email to