Some Perl 5 programs take a regex (in string form) as input, and simply interpolate it into a regex.
In Perl 6, you'd do that as my $re = rx/ <$input> /; But since $input can contain closures, arbitrary code can be executed. I'd like to propose a way to compile a string to a regex which doesn't allow code execution. When the compiler compiles a regex embedded in a normal Perl 6 program, it somehow has to know about lexical scopes for variable (non)-interpolation, and about the outer language to parse {...} and <{...}> closures. So I'd like an API which resets theses environmental informations. For example my $rx = Regex.new(:string('abc|d'), :safe); could compile the string 'abc|d' to a regex, disallowing references to external variables, {...} and <{...}> closures and code in the form of :my $x = somecode(); If the string is tainted, :safe could be enabled by default. Do you think it's a good idea? Do the implementers think it's doable with reasonable effort? Moritz