raiph mellor wrote: >> However it seems we have to pay a price: each act of rendering a Pod >> file actually means executing the program that's being documented (at >> least the BEGIN blocks and other stuff that happens at compile time), >> with all the security risks implied. So we'll need a *very* good >> sandbox. Is that worth it? > > From the spec: > > However, during parsing and initialization under K<-doc>, the > interpreter only executes those C<BEGIN>, C<CHECK>, and > C<INIT> blocks (and equivalents, such as C<use> statements > and subroutine declarations) that are preceded by the special > prefix: C<DOC>
I didn't read that part, and I wonder how useful it is. Basically to produce a correct parse, any 'use' directive has to be executed, otherwise you can't know if something is a type name, a subroutine name or what not. Also modules can export special syntax, causing the parse to be significantly altered. Cheers, Moritz
