From tal at it-innovation.soton.ac.uk Mon Feb 1 08:23:41 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 01 Feb 2010 16:23:41 +0000 Subject: [e-lang] XML library: requirements gathering In-Reply-To: References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> Message-ID: <1265041421.3552.26.camel@danebury.it-innovation.soton.ac.uk> On Sun, 2010-01-17 at 15:44 -0500, Kevin Reid wrote: > On Jan 17, 2010, at 14:03, Thomas Leonard wrote: > > 2010/1/17 Kevin Reid : > >> I'm currently implementing it by wrapping DOM trees with an immutable > >> interface, as this seems like both the simplest path and one which > >> minimizes the amount of (currently slow) E code executed in the high- > >> repeat-count paths. [...] > > Sounds good. How do namespaces combine? [...] > In the long run, this should be an option; currently, it will be > "whatever Java does" if Java does in fact ensure namespace > consistency. In general, I will preserve prefixes, since XML Infoset > says they are significant. Note that e.g. XSLT documents make > references to prefixes inside of attribute values (XPath expressions) > which makes renaming hairy. Good point. > >> * It is possible to construct a customized XML quasiparser with a > >> given set of namespace declarations. > >> > >> * There are means to traverse and pattern-match XML trees. > >> Currently I > >> have two plans in mind for this: > >> 1. XPath expressions can be used as subscripts. Example: > >> ? xml`xyzfoobar`[xpath`a/text()`] > >> # value: [xml`xyz`, xml`bar`] > >> (This is a working-right-now example.) [...] Can we get hold of this code from somewhere to test it? Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Mon Feb 1 08:49:41 2010 From: kpreid at mac.com (Kevin Reid) Date: Mon, 1 Feb 2010 11:49:41 -0500 Subject: [e-lang] XML library: requirements gathering In-Reply-To: <1265041421.3552.26.camel@danebury.it-innovation.soton.ac.uk> References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> <1265041421.3552.26.camel@danebury.it-innovation.soton.ac.uk> Message-ID: On Feb 1, 2010, at 11:23, Thomas Leonard wrote: >>>> * It is possible to construct a customized XML quasiparser with a >>>> given set of namespace declarations. >>>> >>>> * There are means to traverse and pattern-match XML trees. >>>> Currently I >>>> have two plans in mind for this: >>>> 1. XPath expressions can be used as subscripts. Example: >>>> ? xml`xyzfoobar`[xpath`a/text()`] >>>> # value: [xml`xyz`, xml`bar`] >>>> (This is a working-right-now example.) > [...] > Can we get hold of this code from somewhere to test it? It exists in a not-yet-published Git repository. I would have gotten it cleaned up and available, but schoolwork and a cold have wiped out my free time/enthusiasm for the past week. Sorry! -- Kevin Reid From tal at it-innovation.soton.ac.uk Thu Feb 11 08:50:27 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Thu, 11 Feb 2010 16:50:27 +0000 Subject: [e-lang] Alternative E loader Message-ID: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> Hi all, The E documentation (e.g. the Walnut guide) suggests that .emaker files should be placed somewhere in classpath and then imported using . If I want to depend on someone else's library then presumably I'm supposed to add their jar or directory to my classpath. However: - The classpath is a global (process-wide) namespace, so their emakers may override or conflict with existing ones. - Their jar may also introduce other files that affect the whole process (e.g. .safej files, giving their emakers access to unsafe Java code). - I have to mess around with extra -cpa options in the launcher scripts (which always has to be duplicated, to support Linux and Windows). - I can't add extra modules at runtime. - I can't depend on two libraries that use the same class names (e.g. two different versions of the same library). How is this normally handled? I tried adding a small loader of my own that loads from a directory rather than from classpath: http://barooga.it-innovation.soton.ac.uk/cgi-bin/gitweb.cgi?p=labs/e-prototype;a=blob;f=launchers/loader.emaker;h=1f05752899f9716357a40b0f4092766947e2d305;hb=a40ed46477f54ad3596fb98b53a7de8c1210aad1 For example, I have a module containing some test cases. These depend on some sample services in a module called "airport" and on some core code in a module called "gria". I have a launcher script that runs the tests like this: def makeScope := def makeLoader := makeLoaderAuthor(makeScope) # The main code gets access to itself through def := makeLoader(, [ => ], "gria$") # The airport sample services access the main code through and themselves as def := makeLoader(, [ => , => ], "airport$") # The tests get access to and the sample services def := makeLoader(, [ => , => ], "tests$") # Run the tests... .getWithBase("tests.e", privilegedScope.getState()) The first argument to makeLoader/3 is the directory with the code, the second is a map of extra things to put in the scope of every loaded emaker (here, loaders for the module's dependencies) and the third is the fqnPrefix (needed by makeScope, though it doesn't seem to matter what I use). For example, an emaker in the tests module would import something from the gria module using: def makeFoo := rather than (as before): def makeFoo := I also got it to put a loader in every emaker's scope, which allows importing from the same directory (or from sub-directories). This seems to be quite convenient, and would also make it easier for new users to get started because you can just put a second emaker file in the same directory as your main code and import it, without messing with your rune options. (I'm not quite decided as to whether should refer to the parent directory of the file or to the root directory for the whole module) As far as I can see, this solves my problems. I can add extra modules as dependencies without modifying classpath, and at runtime if necessary. Modules don't get to add .safej files or otherwise mess with the JVM, so they're easier to audit. Is there something like this already in the E library that I've missed? Is this a sensible approach? I was worried that a pure E loader might slow things down but, for reasons I don't understand, my loader is faster than E's ! At least, it is when running my tests (which were not designed to measure performance, just to test the code). They take about 40s to run using and about 35s using the new system. If I modify my loader to cache the result of each import (which is slightly unsafe, given that DeepFrozen doesn't work on code) then this drops to 30s, which is still slightly faster than E's modified to assume everything is deep-frozen (31s). -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From tal at it-innovation.soton.ac.uk Fri Feb 12 07:55:04 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Fri, 12 Feb 2010 15:55:04 +0000 Subject: [e-lang] XML library: requirements gathering In-Reply-To: References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> <1265041421.3552.26.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1265990104.2516.18.camel@danebury.it-innovation.soton.ac.uk> On Mon, 2010-02-01 at 11:49 -0500, Kevin Reid wrote: > On Feb 1, 2010, at 11:23, Thomas Leonard wrote: > > >>>> * It is possible to construct a customized XML quasiparser with a > >>>> given set of namespace declarations. > >>>> > >>>> * There are means to traverse and pattern-match XML trees. > >>>> Currently I > >>>> have two plans in mind for this: > >>>> 1. XPath expressions can be used as subscripts. Example: > >>>> ? xml`xyzfoobar`[xpath`a/text()`] > >>>> # value: [xml`xyz`, xml`bar`] > >>>> (This is a working-right-now example.) > > [...] > > Can we get hold of this code from somewhere to test it? > > > It exists in a not-yet-published Git repository. > > I would have gotten it cleaned up and available, but schoolwork and a > cold have wiped out my free time/enthusiasm for the past week. Sorry! No problem; I've make a temporary (string-based) one which we're using while the proper version is being developed: http://barooga.it-innovation.soton.ac.uk/cgi-bin/gitweb.cgi?p=labs/e-prototype;a=blob;f=src/main/e/gria/tools/xml.emaker;h=41b1281450570c2deb7c18b0e259fdfcc7aca2a9;hb=e9105f9e46db8680a3843cbafe9dae73e0d6cdec -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From tal at it-innovation.soton.ac.uk Fri Feb 12 08:25:48 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Fri, 12 Feb 2010 16:25:48 +0000 Subject: [e-lang] Some minor bugs (switch and traceln) Message-ID: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> A couple of minor bugs: When there is no match for a switch statement, the expansion (ENodeBuilder.switchx) is: throw("no match: " + temp) This leads to errors such as: ? switch (["hello"]) { } === 2010-02-12T16:21:04.362Z (Twine.add:Twine.java:345) WRN eruntime: Twine + non-Twine EList : (['n', 'o', ' ', 'm', 'a', 't', 'c', 'h', ':', ' ', "hello"]) @ Twine#add(Object) @ add/1 @ EExpr#evalToPair(Scope) @ evalToPair/1: # problem: # # - Thrower#run(RuntimeException) # . throw(['n', 'o', ' ', 'm', 'a', 't', 'c', 'h', ':', ' ', "hello"]) # @ run/1 # - EExpr#evalToPair(Scope) # . e`{\n def specimen__5 := ...tch: ".add(specimen__5))\n}`.evalToPair() # @ evalToPair/1: Secondly, the line wrapping code in Traceln.java loses a character when wrapping: ? traceln("." * 74 + "12345") === 2010-02-12T16:22:36.069Z (Traceln.traceit:Traceln.java:89) WRN __main: > ..........................................................................12\ > 45 (though really I'd prefer to disable the wrapping entirely and have the terminal deal with it; that way I could have my logs as wide or narrow as I like and copy-and-paste would work correctly) Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Fri Feb 12 09:04:15 2010 From: kpreid at mac.com (Kevin Reid) Date: Fri, 12 Feb 2010 12:04:15 -0500 Subject: [e-lang] Some minor bugs (switch and traceln) In-Reply-To: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> On Feb 12, 2010, at 11:25, Thomas Leonard wrote: > A couple of minor bugs: > > When there is no match for a switch statement, the expansion > (ENodeBuilder.switchx) is: > > throw("no match: " + temp) > > This leads to errors such as: > > ? switch (["hello"]) { } > > === 2010-02-12T16:21:04.362Z (Twine.add:Twine.java:345) WRN > eruntime: Twine + non-Twine EList : (['n', 'o', ' ', 'm', 'a', 't', > 'c', 'h', ':', ' ', "hello"]) > @ Twine#add(Object) > @ add/1 > @ EExpr#evalToPair(Scope) > @ evalToPair/1: e/elang/cmd/cmdMakerMaker.emaker#:span::129:57::129:66> > # problem: RuntimeException> > # > # - Thrower#run(RuntimeException) > # . throw(['n', 'o', ' ', 'm', 'a', 't', 'c', 'h', ':', ' ', > "hello"]) This should be fixed by changing the expansion to throw("no match: " + E.toQuote(temp)) If you could provide a patch for this and/or the line wrapping bug, I'll check and commit it. Also, MarkM and I have agreed you ought to have commit access; the only reason you don't yet is that we haven't been able to contact Dean to get you added to the password file. (Yes, yes, DVCS is better and all that.) (By the way, if the tracelog is showing intermixed with your regular IO, and you haven't done this on purpose or are using devrune, then your E is misconfigured or has a bug.) -- Kevin Reid From ansible at xnet.com Fri Feb 12 09:58:20 2010 From: ansible at xnet.com (James Graves) Date: Fri, 12 Feb 2010 11:58:20 -0600 Subject: [e-lang] DVCS hosting (was Re: Some minor bugs (switch and traceln)) In-Reply-To: <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com>; from kpreid@mac.com on Fri, Feb 12, 2010 at 12:04:15PM -0500 References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> Message-ID: <20100212115820.A7258@xnet.com> On Fri, Feb 12, 2010 at 12:04:15PM -0500, Kevin Reid wrote: > Also, MarkM and I have agreed you ought to have commit access; the > only reason you don't yet is that we haven't been able to contact Dean > to get you added to the password file. (Yes, yes, DVCS is better and > all that.) I just started a project using Google Code, and it was pretty easy. You'll need a Google account, and after that, you can just pick a project name, type in a description, select a repo type, and off you go. They are currently supporting Subversion and Mercurial (what I'm using for my project). Google auto-generates a random password for pushing changes to the repo, so you put the URL, username and password into your own .hgrc. So you can then clone the Google repo for your project, and then push back changes without typing in a password. The project owner(s) can change the repo password at any time. Best regards, James From kpreid at mac.com Fri Feb 12 10:05:40 2010 From: kpreid at mac.com (Kevin Reid) Date: Fri, 12 Feb 2010 13:05:40 -0500 Subject: [e-lang] DVCS hosting (was Re: Some minor bugs (switch and traceln)) In-Reply-To: <20100212115820.A7258@xnet.com> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <20100212115820.A7258@xnet.com> Message-ID: <49297E17-585F-4942-B180-BE0A803D3D92@mac.com> On Feb 12, 2010, at 12:58, James Graves wrote: > On Fri, Feb 12, 2010 at 12:04:15PM -0500, Kevin Reid wrote: > >> Also, MarkM and I have agreed you ought to have commit access; the >> only reason you don't yet is that we haven't been able to contact >> Dean >> to get you added to the password file. (Yes, yes, DVCS is better and >> all that.) > > I just started a project using Google Code, and it was pretty easy. > You'll need a Google account, and after that, you can just pick a > project name, type in a description, select a repo type, and off you > go. They are currently supporting Subversion and Mercurial (what I'm > using for my project). If we are going to move to another VCS, I would prefer Git. Thomas Leonard has already begun a mirror: -- Kevin Reid From kpreid at mac.com Sun Feb 14 16:38:18 2010 From: kpreid at mac.com (Kevin Reid) Date: Sun, 14 Feb 2010 19:38:18 -0500 Subject: [e-lang] Draft XML library now available In-Reply-To: <1265990104.2516.18.camel@danebury.it-innovation.soton.ac.uk> References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> <1265041421.3552.26.camel@danebury.it-innovation.soton.ac.uk> <1265990104.2516.18.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <2B2F1B12-898B-4950-B886-81B6335801E8@mac.com> On Feb 12, 2010, at 10:55, Thomas Leonard wrote: > On Mon, 2010-02-01 at 11:49 -0500, Kevin Reid wrote: >> It exists in a not-yet-published Git repository. >> >> I would have gotten it cleaned up and available, but schoolwork and a >> cold have wiped out my free time/enthusiasm for the past week. Sorry! > > No problem; I've make a temporary (string-based) one which we're using > while the proper version is being developed: > > http://barooga.it-innovation.soton.ac.uk/cgi-bin/gitweb.cgi?p=labs/e-prototype;a=blob;f=src/main/e/gria/tools/xml.emaker;h=41b1281450570c2deb7c18b0e259fdfcc7aca2a9;hb=e9105f9e46db8680a3843cbafe9dae73e0d6cdec The not-yet-published repository is now published, at . (I haven't set up gitweb or other browsing due to lack of time to research and do so. In fact, I didn't really have the time to do what I've just done to get this code working such that it does a reasonable amount, but ...) The code is *VERY* rough, badly-factored, and it probably isn't actually good for much yet. Tell me what you need immediately, and/or provide patches! (I'm guessing the answer will be "value-holes in XML literals".) Here's how I run the test cases: $ rlwrap rune -cpa classpath ? rune(["/path/to/updoc.e", "test"]) (By the way, your code will fail to generate proper results if the XML literal contains a "$" since it doesn't unescape them in substitute/1.) -- Kevin Reid From tal at it-innovation.soton.ac.uk Mon Feb 15 02:26:01 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 15 Feb 2010 10:26:01 +0000 Subject: [e-lang] Some minor bugs (switch and traceln) In-Reply-To: <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> Message-ID: <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> On Fri, 2010-02-12 at 12:04 -0500, Kevin Reid wrote: > On Feb 12, 2010, at 11:25, Thomas Leonard wrote: > > > A couple of minor bugs: > > > > When there is no match for a switch statement, the expansion > > (ENodeBuilder.switchx) is: > > > > throw("no match: " + temp) [...] > This should be fixed by changing the expansion to > > throw("no match: " + E.toQuote(temp)) > > If you could provide a patch for this and/or the line wrapping bug, > I'll check and commit it. I've committed the fixes to a new "proposed" branch. If you have a Git clone of the svn repository (made with the command I sent earlier), you should be able to review and commit like this: # Download Thomas's "proposed" branch... git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation.git proposed # See what he changed, relative to the svn copy... git log -p git-svn.. # Push changes to svn... (or use --dry-run to see what would happen) git svn dcommit Otherwise, the patches can be seen in a browser here: http://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation/commits/proposed > Also, MarkM and I have agreed you ought to have commit access; the > only reason you don't yet is that we haven't been able to contact Dean > to get you added to the password file. (Yes, yes, DVCS is better and > all that.) Thanks, though I'd prefer having someone review and comment on my changes, as I'm not still not that familiar with the code. On a related note, I'm updating the Walnut guide on the wiki to answer questions from co-workers. I'm writing the new text as if I know what I'm talking about, and relying on you guys to fix it... (but I can't update it at the moment because I get the error "Could not open socket") > (By the way, if the tracelog is showing intermixed with your regular > IO, and you haven't done this on purpose or are using devrune, then > your E is misconfigured or has a bug.) I put this in my ~/.e/user-eprops.txt: TraceLog_dir=- e.onErrorExit=report I think most people here are using these options. Not being able to see errors easily, and having to press Return after getting one, were the two main complaints people had when they started using E. But, even if the trace messages were going to a file, I'd still rather have them wrapped by my text editor, to the width of the window. Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From ansible at xnet.com Mon Feb 15 05:55:02 2010 From: ansible at xnet.com (James Graves) Date: Mon, 15 Feb 2010 07:55:02 -0600 Subject: [e-lang] Wiki problems? (was:: Some minor bugs (switch and traceln)) In-Reply-To: <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk>; from tal@it-innovation.soton.ac.uk on Mon, Feb 15, 2010 at 10:26:01AM +0000 References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <20100215075502.A16109@xnet.com> On Mon, Feb 15, 2010 at 10:26:01AM +0000, Thomas Leonard wrote: > On a related note, I'm updating the Walnut guide on the wiki to answer > questions from co-workers. I'm writing the new text as if I know what > I'm talking about, and relying on you guys to fix it... > > (but I can't update it at the moment because I get the error "Could not > open socket") I just tried to edit the sandbox page, and it worked. Let me know if you have problems editing the wiki. Have you created an account? BR, James From tal at it-innovation.soton.ac.uk Mon Feb 15 06:16:12 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 15 Feb 2010 14:16:12 +0000 Subject: [e-lang] Wiki problems? (was:: Some minor bugs (switch and traceln)) In-Reply-To: <20100215075502.A16109@xnet.com> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <20100215075502.A16109@xnet.com> Message-ID: <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk> On Mon, 2010-02-15 at 07:55 -0600, James Graves wrote: > On Mon, Feb 15, 2010 at 10:26:01AM +0000, Thomas Leonard wrote: > > > On a related note, I'm updating the Walnut guide on the wiki to answer > > questions from co-workers. I'm writing the new text as if I know what > > I'm talking about, and relying on you guys to fix it... > > > > (but I can't update it at the moment because I get the error "Could not > > open socket") > > I just tried to edit the sandbox page, and it worked. Let me know if > you have problems editing the wiki. > > Have you created an account? I'm editing "Editing Walnut/Ordinary Programming/Emakers", logged in as "ThomasLeonard". When I click "Save page" I get asked to solve a CAPTCHA. Either pressing Return in the box or clicking Submit leads to a "Could not open socket" message. Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From ansible at xnet.com Mon Feb 15 10:59:31 2010 From: ansible at xnet.com (James Graves) Date: Mon, 15 Feb 2010 12:59:31 -0600 Subject: [e-lang] Wiki problems? (was:: Some minor bugs (switch and traceln)) In-Reply-To: <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk>; from tal@it-innovation.soton.ac.uk on Mon, Feb 15, 2010 at 02:16:12PM +0000 References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <20100215075502.A16109@xnet.com> <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <20100215125931.A5355@xnet.com> On Mon, Feb 15, 2010 at 02:16:12PM +0000, Thomas Leonard wrote: > I'm editing "Editing Walnut/Ordinary Programming/Emakers", logged in as > "ThomasLeonard". When I click "Save page" I get asked to solve a > CAPTCHA. Either pressing Return in the box or clicking Submit leads to a > "Could not open socket" message. Short version: I've added Thomas to the 'bots' group, which should skip the recaptcha prompt, for him at least. More generally, however, the recaptcha mechanism is suddenly broken, and I don't know why. Anyone being prompted: please send me your username in private email and you'll be added to the bots group. --------------------------------------------------------------------------- Long version: Well, this is quite a puzzle. The 'Could not open socket' is from the Recaptcha plugin. So I go and dig into that a little. So we've got an on-going problem with DNS lookups... but I won't get into that now. The recaptcha servers weren't resolving, but that is fixed (temporarily). I can now ping them from the wiki host, and I can also run a wget on them to retrieve a web page. OK, fine. The recaptcha is still not working at this poing. I add some debugging information, to have it print out the host, socket, request, etc. That all looks fine. I can use netcat to submit a request to the verify server, and it returns a webpage indicating that the request is invalid. Maybe I didn't copy and paste it correctly, whatever. It does not, however, give me an error that it could not open the socket (on port 80) to the verify server. So running on the command line, I can get a response from the verify server, but running it from inside the mediawiki, it doesn't work. We currently have v1.7 of the plugin installed. This is the latest release for MediaWiki... and I haven't seen anything yet to indicate that there is some kind of protocol error. Digging around the recaptcha mailing list hasn't uncovered anything real useful yet. So members of 'bots', sysops (like Kevin, MarkM, etc.) will not be asked to fill in the captcha. However, everyone else (including anonymous users of course) will be prompted... and the verification will fail. So I'll be working on it this week. BR, James From kpreid at mac.com Mon Feb 15 11:08:40 2010 From: kpreid at mac.com (Kevin Reid) Date: Mon, 15 Feb 2010 14:08:40 -0500 Subject: [e-lang] Wiki problems? (was:: Some minor bugs (switch and traceln)) In-Reply-To: <20100215125931.A5355@xnet.com> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <20100215075502.A16109@xnet.com> <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk> <20100215125931.A5355@xnet.com> Message-ID: <739A001E-3168-4706-B103-30F1CFBDF2CE@mac.com> On Feb 15, 2010, at 13:59, James Graves wrote: > Anyone being prompted: please send me your username in private email > and you'll be added to the bots group. This is not a good idea, because the normal assumption is that bot edits are 'boring' and possibly to be hidden, etc. -- Kevin Reid From ansible at xnet.com Mon Feb 15 11:20:22 2010 From: ansible at xnet.com (James Graves) Date: Mon, 15 Feb 2010 13:20:22 -0600 Subject: [e-lang] Wiki problems? (was:: Some minor bugs (switch and traceln)) In-Reply-To: <739A001E-3168-4706-B103-30F1CFBDF2CE@mac.com>; from kpreid@mac.com on Mon, Feb 15, 2010 at 02:08:40PM -0500 References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <20100215075502.A16109@xnet.com> <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk> <20100215125931.A5355@xnet.com> <739A001E-3168-4706-B103-30F1CFBDF2CE@mac.com> Message-ID: <20100215132022.E5355@xnet.com> On Mon, Feb 15, 2010 at 02:08:40PM -0500, Kevin Reid wrote: > On Feb 15, 2010, at 13:59, James Graves wrote: > > > Anyone being prompted: please send me your username in private email > > and you'll be added to the bots group. > > > This is not a good idea, because the normal assumption is that bot > edits are 'boring' and possibly to be hidden, etc. Yes, you are correct. Bot edits are hidden by default... though I suppose I could change that too. At any rate, I've changed Thomas and Zarutian to the 'sysops' group instead. Note that this is only temporary until we get the recaptcha situation straightened out. BR, James From daw at cs.berkeley.edu Mon Feb 15 12:27:07 2010 From: daw at cs.berkeley.edu (David Wagner) Date: Mon, 15 Feb 2010 12:27:07 -0800 (PST) Subject: [e-lang] New paper: Fine-Grained Privilege Separation for Web Applications Message-ID: <201002152027.o1FKR77D031318@taverner.cs.berkeley.edu> I thought I'd let you all know about a new paper from Akshay Krishnamurthy, Adrian Mettler, and I: Akshay Krishnamurthy, Adrian Mettler, and David Wagner. "Fine-Grained Privilege Separation for Web Applications". To appear at WWW 2010, April 26-30, 2010. http://www.cs.berkeley.edu/~daw/papers/capsules-www10.pdf The paper looks at how to build web applications with a privilege-separated architecture, following the principle of least privilege. In particular, the paper is an application of object capabilities to this problem. We look at an approach based on building web applications in Joe-E, using a framework that is designed to support least-privilege application architectures and to support reasoning about the security of the webapp. Let us know what you think! Abstract: We present a programming model for building web applications with security properties that can be confidently verified during a security review. In our model, applications are divided into isolated, privilege-separated components, enabling rich security policies to be enforced in a way that can be checked by reviewers. In our model, the web framework enforces privilege separation and isolation of web applications by requiring the use of an object-capability language and providing interfaces that expose limited, explicitly-specified privileges to application components. This approach restricts what each component of the application can do and quarantines buggy or compromised code. It also provides a way to more safely integrate third-party, less-trusted code into a web application. We have implemented a prototype of this model based upon the Java Servlet framework and used it to build a webmail application. Our experience with this example suggests that the approach is viable and helpful at establishing reviewable application-specific security properties. From kpreid at mac.com Mon Feb 15 15:27:56 2010 From: kpreid at mac.com (Kevin Reid) Date: Mon, 15 Feb 2010 18:27:56 -0500 Subject: [e-lang] Some minor bugs (switch and traceln) In-Reply-To: <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <2B8DA3F5-30F9-4E3B-A87C-D62235AA340D@mac.com> On Feb 15, 2010, at 5:26, Thomas Leonard wrote: > I've committed the fixes to a new "proposed" branch. If you have a Git > clone of the svn repository (made with the command I sent earlier), > you > should be able to review and commit like this: > > # Download Thomas's "proposed" branch... > git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it- > innovation.git proposed > > # See what he changed, relative to the svn copy... > git log -p git-svn.. I used this command: git svn clone svn://svn.synchrona.org/erights/e --stdlayout e-on-java- git followed by the above git pull, and there is no branch called "git- svn" (just "master" and the branch I created to pull your patches into). Is this just an accident of naming or does it indicate something missing? I'll review your changes as time permits. Does it create problems for you if they are committed in a different order than you did? >> Also, MarkM and I have agreed you ought to have commit access; the >> only reason you don't yet is that we haven't been able to contact >> Dean >> to get you added to the password file. (Yes, yes, DVCS is better and >> all that.) > > Thanks, though I'd prefer having someone review and comment on my > changes, as I'm not still not that familiar with the code. Of course, but my experience is that it's generally easier if the person who constructed the changes commits them ? at least in Subversion. > On a related note, I'm updating the Walnut guide on the wiki to answer > questions from co-workers. I'm writing the new text as if I know what > I'm talking about, and relying on you guys to fix it... Understood. The change is currently in my todo bucket [it's hardly an ordered list] to review; the semantics of the 'interface' construct are rather dubious and I'm not sure they should even be in introductory material in detail. > But, even if the trace messages were going to a file, I'd still rather > have them wrapped by my text editor, to the width of the window. I'm in general in favor of soft wrapping, but I'm not familiar with the tracing subsystem enough to judge this proposal. -- Kevin Reid From tal at it-innovation.soton.ac.uk Tue Feb 16 01:58:45 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Tue, 16 Feb 2010 09:58:45 +0000 Subject: [e-lang] Some minor bugs (switch and traceln) In-Reply-To: <2B8DA3F5-30F9-4E3B-A87C-D62235AA340D@mac.com> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <2B8DA3F5-30F9-4E3B-A87C-D62235AA340D@mac.com> Message-ID: <1266314325.2413.6.camel@danebury.it-innovation.soton.ac.uk> On Mon, 2010-02-15 at 18:27 -0500, Kevin Reid wrote: > On Feb 15, 2010, at 5:26, Thomas Leonard wrote: > > > I've committed the fixes to a new "proposed" branch. If you have a Git > > clone of the svn repository (made with the command I sent earlier), > > you > > should be able to review and commit like this: > > > > # Download Thomas's "proposed" branch... > > git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it- > > innovation.git proposed > > > > # See what he changed, relative to the svn copy... > > git log -p git-svn.. > > I used this command: > git svn clone svn://svn.synchrona.org/erights/e --stdlayout e-on-java- > git > followed by the above git pull, and there is no branch called "git- > svn" (just "master" and the branch I created to pull your patches > into). Is this just an accident of naming or does it indicate > something missing? Ah, it's probably called 'remotes/trunk' (I think it calls it 'git-svn' in my copy because I only cloned one branch). "git branch -a" will list all branches if you still don't see it. > I'll review your changes as time permits. > > Does it create problems for you if they are committed in a different > order than you did? No. I'll just "git rebase -i remotes/git-svn" to remove whichever ones you applied from my branch. [...] > > On a related note, I'm updating the Walnut guide on the wiki to answer > > questions from co-workers. I'm writing the new text as if I know what > > I'm talking about, and relying on you guys to fix it... > > Understood. The change > is currently in my todo bucket [it's hardly an ordered list] to > review; the semantics of the 'interface' construct are rather dubious > and I'm not sure they should even be in introductory material in detail. I had trouble finding any information about it at all, but I wanted the guide to include enough of the syntax that people can read existing code, and it seems useful. Coming from Java, I was quite surprised that you could implement an interface without implementing the methods it defines, though. Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Tue Feb 16 04:05:14 2010 From: kpreid at mac.com (Kevin Reid) Date: Tue, 16 Feb 2010 07:05:14 -0500 Subject: [e-lang] Some minor bugs (switch and traceln) In-Reply-To: <1266314325.2413.6.camel@danebury.it-innovation.soton.ac.uk> References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <2B8DA3F5-30F9-4E3B-A87C-D62235AA340D@mac.com> <1266314325.2413.6.camel@danebury.it-innovation.soton.ac.uk> Message-ID: On Feb 16, 2010, at 4:58, Thomas Leonard wrote: > Ah, it's probably called 'remotes/trunk' (I think it calls it 'git- > svn' in my copy because I only cloned one branch). "git branch -a" > will list all branches if you still don't see it. Got it. My error; I forgot about -a and the distinction it made. > Coming from Java, I was quite surprised that you could implement an > interface without implementing the methods it defines, though. The "interface" expression is really a shortcut to a bunch of guard/ auditor functionality, none of which actually cares about methods; the body containing message declarations is just for documentation purposes. Or so we've sometimes thought; the future definition of 'interface' really is in doubt. In particular, the non-"guards" interface declaration has no useful security properties even though it looks like it might (due to __conformTo leaking the guard-which-is-the- stamp), and it might lose the rubber-stamp functionality altogether, especially if my "signature" proposal goes into effect. Remember, E does not have a static type system; for all E knows, the contract of the object *is* to throw whenever you call any of its methods. And since E objects are opaque, there is no *should-be- visible* distinction between "doesn't have this method" and "deliberately throws when you call this", other than the __getAllegedType. -- Kevin Reid From ansible at xnet.com Tue Feb 16 09:46:46 2010 From: ansible at xnet.com (James Graves) Date: Tue, 16 Feb 2010 11:46:46 -0600 Subject: [e-lang] Recaptcha working on wiki again In-Reply-To: <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk>; from tal@it-innovation.soton.ac.uk on Mon, Feb 15, 2010 at 02:16:12PM +0000 References: <1265991948.2516.24.camel@danebury.it-innovation.soton.ac.uk> <8D74F1FA-EA9A-4C54-BBA7-3AFC8A5CD397@mac.com> <1266229561.2442.19.camel@danebury.it-innovation.soton.ac.uk> <20100215075502.A16109@xnet.com> <1266243372.7595.3.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <20100216114646.A14321@xnet.com> Hello, So, after some more mucking around, it seemed that under no circumstances (even calling an external program like /usr/sbin/dig) would the php recaptcha module successfully do name lookups. Why? Don't know. I ended up restarting Apache, and now everything is working. Why? Don't know. Remind me again why I work with computers... BR, James From toby.murray at comlab.ox.ac.uk Tue Feb 16 13:58:21 2010 From: toby.murray at comlab.ox.ac.uk (Toby Murray) Date: Tue, 16 Feb 2010 21:58:21 +0000 Subject: [e-lang] New paper: Fine-Grained Privilege Separation for Web Applications In-Reply-To: <201002152027.o1FKR77D031318@taverner.cs.berkeley.edu> References: <201002152027.o1FKR77D031318@taverner.cs.berkeley.edu> Message-ID: On 15 February 2010 20:27, David Wagner wrote: > I thought I'd let you all know about a new paper from Akshay > Krishnamurthy, Adrian Mettler, and I: > > Akshay Krishnamurthy, Adrian Mettler, and David Wagner. > "Fine-Grained Privilege Separation for Web Applications". > To appear at WWW 2010, April 26-30, 2010. > http://www.cs.berkeley.edu/~daw/papers/capsules-www10.pdf Very cool. One question struck me while reading the following (from the "Session Initialisation" part of the Section 5.1.1) that the paper doesn't appear to address. "We reviewed the application's session initialisation code and confirmed that it doesn't use unsafe Java features to violate the isolation properties that Joe-E guarantees ..." How much more difficult would this step be for user's unfamiliar with the design of Joe-E ? Is there a set of simple rules that users can follow when writing Java code that sits alongside a Joe-E application to ensure that the Joe-E semantics are maintained for the Joe-E part of that application? This seems like something that would be required in order to make this step of the security review easy for end users. Of course, such a guide is likely to be useful for all Joe-E applications, so maybe it already exists? Apologies if it's just my ignorance. Cheers Toby From kpreid at mac.com Tue Feb 16 18:31:44 2010 From: kpreid at mac.com (Kevin Reid) Date: Tue, 16 Feb 2010 21:31:44 -0500 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? Message-ID: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> Running into a bit of a problem with the XML library design. My starting premise has been that XML values are not single elements/ spans of text/etc (like DOM nodes) but rather arbitrary sequences of XML data; that is, they can contain arbitrary concatenations: ? xml`xxx yyy zzz`[xpath`a/text()`] # value: [xml`xxx`] My notion was that this is more the right thing when one is working with constructing an XML tree in code; being able to carry arbitrary fragments around as single objects means that you can do natural things such as xml`this simple example` without contortions such as the DOM DocumentFragment objects. So, for XPath semantics, the above sample implies that the ?a? element is a child of the context node. But what about xml`xxx`? Given that one *has* an object which is a single element, one would imagine it to be natural to want to refer to its attributes directly: ? xml`xxx`[xpath`@@b`] # value: [xmlattr`b="c"`] But this is inconsistent with the previous example, because the XPath context node must be the ?a? element for this to work! Given this model, this must be instead written as: ? xml`xxx`[xpath`a/@@b`] # value: [xmlattr`b="c"`] or ? xml`xxx`[xpath`*/@@b`] # value: [xmlattr`b="c"`] I think this is reasonably the Right Thing given my original premise, but I'm wondering whether I should reconsider my original premise. What do you think? -- Kevin Reid From daw at cs.berkeley.edu Tue Feb 16 18:57:49 2010 From: daw at cs.berkeley.edu (David Wagner) Date: Tue, 16 Feb 2010 18:57:49 -0800 (PST) Subject: [e-lang] New paper: Fine-Grained Privilege Separation for Web Applications Message-ID: <201002170257.o1H2vnqA010780@taverner.cs.berkeley.edu> Toby Murray wrote: >One question struck me while reading the following (from the "Session >Initialisation" part of the Section 5.1.1) that the paper doesn't >appear to address. >"We reviewed the application's session initialisation code and >confirmed that it doesn't use unsafe Java features to violate the >isolation properties that Joe-E guarantees ..." > >How much more difficult would this step be for user's unfamiliar with >the design of Joe-E ? Hmm! Good question. I'm not sure. Maybe Adrian or Akshay have some thoughts on this. If you want to try reviewing the relevant session initialization code for yourself, you can take a look. It's here: http://code.google.com/p/joe-e/source/browse/trunk/apps/servlet/src/org/joe_e/servlet/mail/notjoe_e/SessionInit.java http://code.google.com/p/joe-e/source/browse/trunk/apps/servlet/src/org/joe_e/servlet/mail/notjoe_e/PostfixClient.java http://code.google.com/p/joe-e/source/browse/trunk/apps/servlet/src/org/joe_e/servlet/mail/notjoe_e/TransportAgent.java Tyler's Waterken is a more sophisticated example of an app that mixes Java and Joe-E code. I don't know if Tyler has any experience to share on what you have to review about the Java code to know that mixing it with Joe-E code doesn't negate all the good properties of Joe-E. >Is there a set of simple rules that users can follow when writing Java >code that sits alongside a Joe-E application to ensure that the Joe-E >semantics are maintained for the Joe-E part of that application? This >seems like something that would be required in order to make this step >of the security review easy for end users. My rough intuition says: the typical case is that the Java code ought to be valid Joe-E, with the one exception that it might construct capabilities out of thin air by using untamed Java APIs (which is something Joe-E code isn't supposed to do). So maybe one could eyeball those files to make sure that this is the only way that it violates Joe-E rules. I don't know if this is exactly the right set of rules to use, and I don't have a lot of experience with this. I wonder if one could run the Joe-E verifier on those files, note all violations of the Joe-E rules, and then check that those violations are intended and necessary for functioning of the app. In my mind the use of Java files together with Joe-E is a definite hazard and a source of risk, and reviewing those Java files seems likely to be tricky and potentially error-prone, particularly if there is a non-trivial amount of Java. >Of course, such a guide is likely to be useful for all Joe-E >applications, so maybe it already exists? Apologies if it's just my >ignorance. As far as I know this does not already exist. Unfortunately there is very little in the way of documentation for Joe-E, I'm afraid, beyond the spec, the published papers, and some Javadoc. From rasmussen.bryan at gmail.com Wed Feb 17 01:11:45 2010 From: rasmussen.bryan at gmail.com (bryan rasmussen) Date: Wed, 17 Feb 2010 10:11:45 +0100 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? In-Reply-To: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> References: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> Message-ID: <3bb44c6e1002170111j63187d19r8fd93a87497ce788@mail.gmail.com> Well the first question is - should this handle malformed XML data - because > ? xml`xxx yyy zzz`[xpath`a/text()`] > # value: [xml`xxx`] is malformed - the XML you give there doesn't have a document node. > So, for XPath semantics, the above sample implies that the ?a? element > is a child of the context node. yes it does, but you don't have a context node? if you had xxxyyyzzz and the context node was 'data' the xpath you gave would be correct. > But what about xml`xxx`? > > Given that one *has* an object which is a single element, one would > imagine it to be natural to want to refer to its attributes directly: > > ? xml`xxx`[xpath`@@b`] > # value: [xmlattr`b="c"`] Yes if the context node is a then the xpath @b should return the value of the b attribute. > But this is inconsistent with the previous example, because the XPath > context node must be the ?a? element for this to work! Given this > model, this must be instead written as: > > ? xml`xxx`[xpath`a/@@b`] > # value: [xmlattr`b="c"`] > > or > > ? xml`xxx`[xpath`*/@@b`] > # value: [xmlattr`b="c"`] > yes.. > I think this is reasonably the Right Thing given my original premise, > but I'm wondering whether I should reconsider my original premise. > What do you think? The problem with the premise is it is incomplete - do you want to only handle well-formed XML, then the rest of the premise is wrong, if you want to handle malformed data then you still need to have a rule as how the context node is set. For example you could say that malformed XML has an implicit document node it has already been matched. Which would match your first example. Cheers, Bryan Rasmussen From tal at it-innovation.soton.ac.uk Wed Feb 17 02:10:01 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Wed, 17 Feb 2010 10:10:01 +0000 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? In-Reply-To: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> References: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> Message-ID: <1266401401.2436.4.camel@danebury.it-innovation.soton.ac.uk> On Tue, 2010-02-16 at 21:31 -0500, Kevin Reid wrote: > Running into a bit of a problem with the XML library design. > > My starting premise has been that XML values are not single elements/ > spans of text/etc (like DOM nodes) but rather arbitrary sequences of > XML data; that is, they can contain arbitrary concatenations: > > ? xml`xxx yyy zzz`[xpath`a/text()`] > # value: [xml`xxx`] > > My notion was that this is more the right thing when one is working > with constructing an XML tree in code; being able to carry arbitrary > fragments around as single objects means that you can do natural > things such as xml`this simple example` without > contortions such as the DOM DocumentFragment objects. > > So, for XPath semantics, the above sample implies that the ?a? element > is a child of the context node. > > But what about xml`xxx`? > > Given that one *has* an object which is a single element, one would > imagine it to be natural to want to refer to its attributes directly: > > ? xml`xxx`[xpath`@@b`] > # value: [xmlattr`b="c"`] I'd be happy having the context be the document (or document fragment) containing , rather than itself. Even if xml`` isn't a well-formed document, xml`` is, and you still need to be able to refer to the comment. -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From rasmussen.bryan at gmail.com Wed Feb 17 02:20:11 2010 From: rasmussen.bryan at gmail.com (bryan rasmussen) Date: Wed, 17 Feb 2010 11:20:11 +0100 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? In-Reply-To: <1266401401.2436.4.camel@danebury.it-innovation.soton.ac.uk> References: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> <1266401401.2436.4.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <3bb44c6e1002170220q152ec1e6w5475587a8ef572fc@mail.gmail.com> >> >> But what about xml`xxx`? >> >> Given that one *has* an object which is a single element, one would >> imagine it to be natural to want to refer to its attributes directly: >> >> ? xml`xxx`[xpath`@@b`] >> # value: [xmlattr`b="c"`] > > I'd be happy having the context be the document (or document fragment) > containing , rather than itself. > > Even if xml`` isn't a well-formed document, > xml`` is, and you still need to be able to refer to > the comment. Yeah. The XPath / is to the root node, a sort of virtual node around the document node. In the example >> ? xml`xxx`[xpath`@@b`] >> # value: [xmlattr`b="c"`] > a would be the document element in the example ? xml`xxx yyy zzz`[xpath`a/text()`] > # value: [xml`xxx`] there isn't a document element... most APIs have some method for dealing with fragments like the above, but understood that they are coming from some well-formed XML that does have a document element, thus if you had xxxyyyzzz and selected /* then your context would be data and your fragment would be xxxyyyzzz so then the a/text() would work.. The assumption seems to be though that as well as the virtual root node if we had malformed XML then the API would provide a virtual document node as well - that is then wrong, probably the compromise would be an error in the formedness of the XML could allow you to treat it as malformed and then parsing with some specific rules for treating XML-like markup without it being properly XML. Cheers, Bryan Rasmussen From tal at it-innovation.soton.ac.uk Wed Feb 17 02:36:33 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Wed, 17 Feb 2010 10:36:33 +0000 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? In-Reply-To: <3bb44c6e1002170220q152ec1e6w5475587a8ef572fc@mail.gmail.com> References: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> <1266401401.2436.4.camel@danebury.it-innovation.soton.ac.uk> <3bb44c6e1002170220q152ec1e6w5475587a8ef572fc@mail.gmail.com> Message-ID: <1266402993.2436.9.camel@danebury.it-innovation.soton.ac.uk> On Wed, 2010-02-17 at 11:20 +0100, bryan rasmussen wrote: > >> > >> But what about xml`xxx`? > >> > >> Given that one *has* an object which is a single element, one would > >> imagine it to be natural to want to refer to its attributes directly: > >> > >> ? xml`xxx`[xpath`@@b`] > >> # value: [xmlattr`b="c"`] > > > > I'd be happy having the context be the document (or document fragment) > > containing , rather than itself. > > > > Even if xml`` isn't a well-formed document, > > xml`` is, and you still need to be able to refer to > > the comment. > > Yeah. > > The XPath / is to the root node, a sort of virtual node around the > document node. > In the example > >> ? xml`xxx`[xpath`@@b`] > >> # value: [xmlattr`b="c"`] > > > a would be the document element > > in the example > ? xml`xxx yyy zzz`[xpath`a/text()`] > > # value: [xml`xxx`] > there isn't a document element... > most APIs have some method for dealing with fragments like the above, > but understood that they are coming from some well-formed XML that > does have a document element, thus if you had > > xxxyyyzzz > and selected /* > then your context would be data > and your fragment would be xxxyyyzzz > so then the a/text() would work.. I think that would be confusing. In XSLT, you'd select using "/data/a" even if was the document element. [ The XML/DOM terminology is rather confusing. The Document corresponds to the XML file itself, and contains a sequence of Nodes, exactly one of which must be an Element (i.e. the "document element", a child of the Document). ] -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Wed Feb 17 04:29:19 2010 From: kpreid at mac.com (Kevin Reid) Date: Wed, 17 Feb 2010 07:29:19 -0500 Subject: [e-lang] XML library design: what is XPath self? Or, is this "fragment" idea a good one? In-Reply-To: <3bb44c6e1002170111j63187d19r8fd93a87497ce788@mail.gmail.com> References: <9973FD0B-B4E7-45EB-AD22-BBF0D6C5EA98@mac.com> <3bb44c6e1002170111j63187d19r8fd93a87497ce788@mail.gmail.com> Message-ID: <66BD9172-DEDC-40BE-A84C-E9B10BA354D0@mac.com> On Feb 17, 2010, at 4:11, bryan rasmussen wrote: > Well the first question is - should this handle malformed XML data - > because > >> ? xml`xxx yyy zzz`[xpath`a/text()`] >> # value: [xml`xxx`] > is malformed - the XML you give there doesn't have a document node. You have not understood the premise of my design. It is intended to make sure that *CONSTRUCTING* XML documents using this interface is no more painful than doing it by concatenating strings. As I wrote before: >> My starting premise has been that XML values are not single elements/ >> spans of text/etc (like DOM nodes) but rather arbitrary sequences of >> XML data; that is, they can contain arbitrary concatenations: >> ... >> My notion was that this is more the right thing when one is working >> with constructing an XML tree in code; being able to carry arbitrary >> fragments around as single objects means that you can do natural >> things such as xml`this simple example` without >> contortions such as the DOM DocumentFragment objects. It is true that the example above is not a well-formed *document*, but it is not intended to be. It *is* a well-formed *subsequence of element content* -- it corresponds to the grammar production "content" in the XML specification. Note that the restriction of this to having only one element makes it a well-formed XML document, except that the prolog is not represented. -- Kevin Reid From clandau at macslab.com Wed Feb 17 09:46:18 2010 From: clandau at macslab.com (Charles Landau) Date: Wed, 17 Feb 2010 09:46:18 -0800 Subject: [e-lang] Fwd: Re: Problem with wiki.erights.org Message-ID: <4B7C2B6A.5060800@macslab.com> I have an account on the erights wiki, but I'm still unable to get my email address confirmed. It says it will send an email to me, then goes to http://wiki.erights.org/wiki/Special:Confirmemail, which is blank. I receive no email. -------- Original Message -------- Subject: Re: [e-lang] Problem with wiki.erights.org Date: Fri, 17 Jul 2009 08:08:37 -0700 From: Charles Landau To: James Graves James Graves wrote: > Charles Landau wrote: >> James Graves wrote: >>> On Fri, Jun 12, 2009 at 03:36:09PM -0700, Charles Landau wrote: >>> >>>> Nope, still not getting an email. >>> >>> The PHP installation on that box is missing packages... and missing a >>> functioning 'pear' installer. It'll take me a little while longer to >>> get that all straightened out. >> >> Did this get fixed? >> > > I apologize, no. I haven't taken the time to look into it. If you need > a password reset, for now just contact me directly. I'm attempting to get my email address confirmed, so I can receive email notifications when a page I'm interested in changes. From tal at it-innovation.soton.ac.uk Fri Feb 19 07:45:34 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Fri, 19 Feb 2010 15:45:34 +0000 Subject: [e-lang] Alternative E loader [patch] In-Reply-To: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1266594334.2469.21.camel@danebury.it-innovation.soton.ac.uk> On Thu, 2010-02-11 at 16:50 +0000, Thomas Leonard wrote: > Hi all, > > The E documentation (e.g. the Walnut guide) suggests that .emaker files > should be placed somewhere in classpath and then imported using > . > > If I want to depend on someone else's library then presumably I'm > supposed to add their jar or directory to my classpath. However: > > - The classpath is a global (process-wide) namespace, so their emakers > may override or conflict with existing ones. > > - Their jar may also introduce other files that affect the whole process > (e.g. .safej files, giving their emakers access to unsafe Java code). > > - I have to mess around with extra -cpa options in the launcher scripts > (which always has to be duplicated, to support Linux and Windows). > > - I can't add extra modules at runtime. > > - I can't depend on two libraries that use the same class names (e.g. > two different versions of the same library). I've extended my loader a bit now, and created a patch to include it in the main E distribution: git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation.git eloader The patch can be viewed in a browser here: http://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation/commit/b979de85d03d3104fe223624b1b4bac98612775c The updoc shows some examples, but the main changes are: - imports relative to the whole module, not relative to the directory. This means that you never need to give a module its own loader explicitly. - Each file gets its own scope, with a unique FQName and its own traceln(). - Each loader has a getRoot/0 method which returns a read-only view of the module's root directory. This is to allow modules to find resources (icons, help text, etc) relative to their code. If accepted, it could also be used by rune to load the main program. This would allow all E programs to import emaker files from the same directory without any extra configuration (e.g. rune -cpa ...). In terms of speed, it is dramatically faster than . This test case imports "testMaker.emaker" 100 times using both methods: def makeLoaderAuthor := def makeScope := def makeTraceln := def makeELoader := makeLoaderAuthor(makeScope, makeTraceln) def := makeELoader(, [].asMap(), "test$") def timeIt(cb) { for x in 1..10 { cb() } def start := timer.now() for x in 1..100 { cb() } def finish := timer.now() println(`Took: ${finish-start} ms`) } timeIt(fn { } ) timeIt(fn { } ) The test file was just this: if (1 =~ x :int) { 2 } Using it took: 3237 ms Using it took: 195 ms Notes: - The getRoot method allows emakers to discover their own location. If this is a problem, we could replace it with "getTextWriter" and "getOutputStream" instead. - Rather than creating a whole new scope for each file, I just extend safeScope. This avoids having to keep reloading things. I'm assuming that safeScope's slots can be safely shared between files? - I'm not sure I've understood E's Scope system correctly. My code seems to work, but it might be unnecessarily complicated and/or fragile. Thoughts? -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From john.carlson3 at sbcglobal.net Fri Feb 19 08:25:15 2010 From: john.carlson3 at sbcglobal.net (John Carlson) Date: Fri, 19 Feb 2010 08:25:15 -0800 Subject: [e-lang] Alternative E loader [patch] In-Reply-To: <1266594334.2469.21.camel@danebury.it-innovation.soton.ac.uk> References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> <1266594334.2469.21.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <3DD8624C-2792-4D2C-8B5B-2F68E376C3B9@sbcglobal.net> On Feb 19, 2010, at 7:45 AM, Thomas Leonard wrote: > On Thu, 2010-02-11 at 16:50 +0000, Thomas Leonard wrote: >> Hi all, >> >> The E documentation (e.g. the Walnut guide) suggests that .emaker files >> should be placed somewhere in classpath and then imported using >> . >> >> If I want to depend on someone else's library then presumably I'm >> supposed to add their jar or directory to my classpath. However: >> >> - The classpath is a global (process-wide) namespace, so their emakers >> may override or conflict with existing ones. >> >> - Their jar may also introduce other files that affect the whole process >> (e.g. .safej files, giving their emakers access to unsafe Java code). >> >> - I have to mess around with extra -cpa options in the launcher scripts >> (which always has to be duplicated, to support Linux and Windows). >> >> - I can't add extra modules at runtime. >> >> - I can't depend on two libraries that use the same class names (e.g. >> two different versions of the same library). Have you looked at OSGi? Are you using OSGi in your solution? John From kpreid at mac.com Fri Feb 19 08:32:39 2010 From: kpreid at mac.com (Kevin Reid) Date: Fri, 19 Feb 2010 11:32:39 -0500 Subject: [e-lang] Alternative E loader In-Reply-To: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> Message-ID: On Feb 11, 2010, at 11:50, Thomas Leonard wrote: > Hi all, > > The E documentation (e.g. the Walnut guide) suggests that .emaker > files > should be placed somewhere in classpath and then imported using > . > > If I want to depend on someone else's library then presumably I'm > supposed to add their jar or directory to my classpath. However: > > - The classpath is a global (process-wide) namespace, so their emakers > may override or conflict with existing ones. > > - Their jar may also introduce other files that affect the whole > process (e.g. .safej files, giving their emakers access to unsafe > Java code). > > - I have to mess around with extra -cpa options in the launcher > scripts > (which always has to be duplicated, to support Linux and Windows). > > - I can't add extra modules at runtime. > > - I can't depend on two libraries that use the same class names (e.g. > two different versions of the same library). Yes, these are all problems with the current system. Fixing it has been on my mind for a while, under the name "module system". The old draft code is at http://switchb.org/darcs/e-modules/ I really need to write further about this, and consider your contributions, but I haven't found the time to do a thorough review since you wrote this first message; I'm just informing you of the current situation and prior work. On Feb 19, 2010, at 10:45, Thomas Leonard wrote: > If accepted, it could also be used by rune to load the main program. > This would allow all E programs to import emaker files from the same > directory without any extra configuration (e.g. rune -cpa ...). Per capability design principles, programs should not get automatic read authority to what happens to be in the same directory. However, a "run the program which consists of this module-directory's main entry point" or other invocation mechanism which explicitly specifies *that the directory access should exist* would be reasonable. > In terms of speed, it is dramatically faster than . This test > case imports "testMaker.emaker" 100 times using both methods: This is surprising. If true in general, then fixing whatever is slow about would probably significantly speed up a lot of E code. Also, I note that your system still re-evaluates on every get/1; eliminating this (though it raises shared-state issues until such time as the results are audited DeepFrozen) ought to also be a speedup for the situation where many other files use the same library emaker. > - The getRoot method allows emakers to discover their own location. If > this is a problem, we could replace it with "getTextWriter" and > "getOutputStream" instead. I have thought for a while that there ought to be an operation on file objects to hide their pathnames, making them "virtual filesystem roots". > - Rather than creating a whole new scope for each file, I just extend > safeScope. This avoids having to keep reloading things. I'm assuming > that safeScope's slots can be safely shared between files? This is correct. A number of additional points: (1) The name "scope" is deprecated in favor of "env", as a matter of terminological correctness; the corresponding code changes have not been made, but new code should use the proper names within itself. (2) Your explicit env manipulation can be simplified by using the evaluation of code (untested example): def [traceln__Resolver, fileScope] := e` def traceln traceln__Resolver `.evalToPair(safeScope.withPrefix(...)) bind traceln := makeTraceln(fileFQName) return fileScope.nestOuter() However, this technique has the disadvantage of putting a spurious traceln__Resolver variable in the env. (3) You should not bind "safeScope" to the file env; the name "safeScope" (should be safeEnv) denotes the *particular* env which has no interesting authority, whereas yours does. (4) When setting up an env, always do a nestOuter() last; this operation makes all of the variables considered to be in an enclosing scope rather than the current one, so that they are permitted to be rebound. (This is the subsystem which prohibits { def x := 1; def x := 2 } but permits { def x := 1; { def x := 2 } }.) (5) Code which manipulates envs using state maps should be avoided, as this discards the ?binding? guard information which will be required by guard-based auditing. However, there will arguably be larger changes here as E-on-CL and E-on-Java are reconciled in the area of env manipulation. -- Kevin Reid From tal at it-innovation.soton.ac.uk Fri Feb 19 09:23:20 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Fri, 19 Feb 2010 17:23:20 +0000 Subject: [e-lang] Alternative E loader In-Reply-To: References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1266600200.2469.41.camel@danebury.it-innovation.soton.ac.uk> On Fri, 2010-02-19 at 11:32 -0500, Kevin Reid wrote: > On Feb 11, 2010, at 11:50, Thomas Leonard wrote: > > > Hi all, > > > > The E documentation (e.g. the Walnut guide) suggests that .emaker > > files should be placed somewhere in classpath and then imported using > > . [...] > Yes, these are all problems with the current system. Fixing it has > been on my mind for a while, under the name "module system". > > The old draft code is at > http://switchb.org/darcs/e-modules/ > > I really need to write further about this, and consider your > contributions, but I haven't found the time to do a thorough review > since you wrote this first message; I'm just informing you of the > current situation and prior work. That certainly looks relevant! Though instead of having it download things via HTTP I was going to just implement the local case in E, and use an existing package system (0install.net) to actually download things, resolve dependencies, select versions according to policy, etc, as an optional extra. > On Feb 19, 2010, at 10:45, Thomas Leonard wrote: > > > If accepted, it could also be used by rune to load the main program. > > This would allow all E programs to import emaker files from the same > > directory without any extra configuration (e.g. rune -cpa ...). > > Per capability design principles, programs should not get automatic > read authority to what happens to be in the same directory. However, a > "run the program which consists of this module-directory's main entry > point" or other invocation mechanism which explicitly specifies *that > the directory access should exist* would be reasonable. OK. Though I'm not too worried about this case. If it's a single script.e then it already has , and using is just a way to pass the read authority to other files, as it could have done anyway. It shouldn't be used if you run a .emaker directly, though. > > In terms of speed, it is dramatically faster than . This test > > case imports "testMaker.emaker" 100 times using both methods: > > This is surprising. If true in general, then fixing whatever is slow > about would probably significantly speed up a lot of E code. I don't really know what causes it. I used a __matchBind in the test code, but even if the file is empty the new system is still faster! > Also, I note that your system still re-evaluates on every get/1; > eliminating this (though it raises shared-state issues until such time > as the results are audited DeepFrozen) ought to also be a speedup for > the situation where many other files use the same library emaker. Yes, caching does speed it up further, but I thought that was too much of a change from the normal E behaviour. > > - The getRoot method allows emakers to discover their own location. If > > this is a problem, we could replace it with "getTextWriter" and > > "getOutputStream" instead. (er... I mean getInputStream ;-) > I have thought for a while that there ought to be an operation on file > objects to hide their pathnames, making them "virtual filesystem roots". Would be nice. > > - Rather than creating a whole new scope for each file, I just extend > > safeScope. This avoids having to keep reloading things. I'm assuming > > that safeScope's slots can be safely shared between files? > > This is correct. > > A number of additional points: > > (1) The name "scope" is deprecated in favor of "env", as a matter of > terminological correctness; the corresponding code changes have not > been made, but new code should use the proper names within itself. (2) > Your explicit env manipulation can be simplified by using the > evaluation of code (untested example): > > def [traceln__Resolver, fileScope] := e` > def traceln > traceln__Resolver > `.evalToPair(safeScope.withPrefix(...)) > bind traceln := makeTraceln(fileFQName) > return fileScope.nestOuter() > However, this technique has the disadvantage of putting a spurious > traceln__Resolver variable in the env. > > (3) You should not bind "safeScope" to the file env; the name > "safeScope" (should be safeEnv) denotes the *particular* env which has > no interesting authority, whereas yours does. I copied this pattern from the default safeScope (which also includes the interesting "traceln"), but I don't mind either way. What should safeScope["traceln"] be, then? > (4) When setting up an env, always do a nestOuter() last; this > operation makes all of the variables considered to be in an enclosing > scope rather than the current one, so that they are permitted to be > rebound. (This is the subsystem which prohibits { def x := 1; def x := > 2 } but permits { def x := 1; { def x := 2 } }.) > > (5) Code which manipulates envs using state maps should be avoided, as > this discards the ?binding? guard information which will be required > by guard-based auditing. However, there will arguably be larger > changes here as E-on-CL and E-on-Java are reconciled in the area of > env manipulation. Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Fri Feb 19 11:04:10 2010 From: kpreid at mac.com (Kevin Reid) Date: Fri, 19 Feb 2010 14:04:10 -0500 Subject: [e-lang] Alternative E loader In-Reply-To: <1266600200.2469.41.camel@danebury.it-innovation.soton.ac.uk> References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> <1266600200.2469.41.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1393F402-1EE2-4912-8B66-D9E4F1FD3B78@mac.com> On Feb 19, 2010, at 12:23, Thomas Leonard wrote: > That certainly looks relevant! Though instead of having it download > things via HTTP I was going to just implement the local case in E, and > use an existing package system (0install.net) to actually download > things, resolve dependencies, select versions according to policy, > etc, > as an optional extra. There are really two parts: 1. Given that some client wants module X, how do we locate the appropriate definition of X to load? This could be downloading or just local files. 2. Given a module definition, how do we turn it into objects in memory, what properties do they have, what are their interconnections, what are their connections to other modules, and how are they addressed by the client? What is at issue here is mostly the second part: assume there is no doubt about what to load, and make it possible to load into an running process, and safe to load at all. >> On Feb 19, 2010, at 10:45, Thomas Leonard wrote: >> >>> If accepted, it could also be used by rune to load the main program. >>> This would allow all E programs to import emaker files from the same >>> directory without any extra configuration (e.g. rune -cpa ...). >> >> Per capability design principles, programs should not get automatic >> read authority to what happens to be in the same directory. >> However, a >> "run the program which consists of this module-directory's main entry >> point" or other invocation mechanism which explicitly specifies *that >> the directory access should exist* would be reasonable. > > OK. Though I'm not too worried about this case. If it's a single > script.e then it already has , and using is just a > way > to pass the read authority to other files, as it could have done > anyway. Oh. Right. That is not an issue, yes. Incidentally, I feel it is a mistake that refers to the current directory, and that is different from ; I think that the current-directory access ought to be a different object. I forget the detailed rationale at the moment. There are issues with accepting conventional pathnames as input then, though. (There is also the issue of file URL vs. host pathname syntax, and of pathname references vs. filehandles, and ...) >> Also, I note that your system still re-evaluates on every get/1; >> eliminating this (though it raises shared-state issues until such >> time >> as the results are audited DeepFrozen) ought to also be a speedup for >> the situation where many other files use the same library emaker. > > Yes, caching does speed it up further, but I thought that was too much > of a change from the normal E behaviour. In the ideal world of the current import system, everything importable is DeepFrozen and cached (the cache could be weak-valued). In the ideal world of a well-designed module system -- I'm not sure whether everything-is-DeepFrozen or not. This is one of the issues which bogged down my progress on designing and implementing the module system. >> (3) You should not bind "safeScope" to the file env; the name >> "safeScope" (should be safeEnv) denotes the *particular* env which >> has >> no interesting authority, whereas yours does. > > I copied this pattern from the default safeScope (which also includes > the interesting "traceln"), but I don't mind either way. What should > safeScope["traceln"] be, then? Not sure, actually. But the issue is actually not relevant for traceln, because by definition the difference between tracelns is not observable other than their having different identities. -- Kevin Reid From tal at it-innovation.soton.ac.uk Mon Feb 22 03:14:38 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 22 Feb 2010 11:14:38 +0000 Subject: [e-lang] Modifying safeScope? Message-ID: <1266837278.2375.7.camel@danebury.it-innovation.soton.ac.uk> I found this a bit surprising... I guess safeScope can't be shared? # scope.emaker def someFunction() { def evalContext := safeScope.newContext(0) def tracelnNoun := safeScope.getScopeLayout().getNoun("traceln") tracelnNoun.initFinal(evalContext, def _(x) { traceln("Goodbye") } ) } safeScope["traceln"]("Hello from traceln") someFunction() safeScope["traceln"]("Hello from traceln") $ rune scope.emaker > Hello from traceln ... > Goodbye Bug? -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From tal at it-innovation.soton.ac.uk Mon Feb 22 04:36:17 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 22 Feb 2010 12:36:17 +0000 Subject: [e-lang] Alternative E loader In-Reply-To: References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1266842177.2375.32.camel@danebury.it-innovation.soton.ac.uk> On Fri, 2010-02-19 at 11:32 -0500, Kevin Reid wrote: > On Feb 11, 2010, at 11:50, Thomas Leonard wrote: [...] I've made some changes following your comments: git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation.git eloader http://gitorious.org/repo-roscidus/it-innovation/commit/4797228524e785f9c30759855da3b4adabc58078 - safeScope no longer contains the extra bindings, just a traceln with the right FQName. - The new environments are constructed without using Scope.fromState. - "scopeExtras" is now "envExtras". - Added a nestOuter call, so that the bindings can be overridden. I also made two other changes: - is no longer added automatically. It's easy enough to pass it in explicitly to envExtras when desired, and this allows it to be subclassed too. - getRoot() has been removed. A subclass of the loader that provides it can be bound to where necessary. -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From tal at it-innovation.soton.ac.uk Mon Feb 22 06:19:21 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 22 Feb 2010 14:19:21 +0000 Subject: [e-lang] Modifying safeScope? In-Reply-To: <1266837278.2375.7.camel@danebury.it-innovation.soton.ac.uk> References: <1266837278.2375.7.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1266848361.2375.37.camel@danebury.it-innovation.soton.ac.uk> On Mon, 2010-02-22 at 11:14 +0000, Thomas Leonard wrote: > I found this a bit surprising... I guess safeScope can't be shared? > > # scope.emaker > def someFunction() { > def evalContext := safeScope.newContext(0) > def tracelnNoun := safeScope.getScopeLayout().getNoun("traceln") > tracelnNoun.initFinal(evalContext, def _(x) { traceln("Goodbye") } ) > } > > safeScope["traceln"]("Hello from traceln") > someFunction() > safeScope["traceln"]("Hello from traceln") > > > $ rune scope.emaker > > Hello from traceln > ... > > Goodbye > > Bug? Another strange thing is that: ? interface SturdyRef {} java.lang.RuntimeException: Failed: can't redefine SturdyRef But I can override it using my loader. I think this is a good thing (I want to run my unit-tests in an environment with fake SturdyRef objects that don't really use the network), but I'm wondering if there's some security reason that means it shouldn't be redefined (auditors, etc)? Also: ? { interface SturdyRef {} } syntax error: { interface SturdyRef {} } But: ? { interface Foo {} } # value: Foo -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Mon Feb 22 06:35:50 2010 From: kpreid at mac.com (Kevin Reid) Date: Mon, 22 Feb 2010 09:35:50 -0500 Subject: [e-lang] Modifying safeScope? In-Reply-To: <1266848361.2375.37.camel@danebury.it-innovation.soton.ac.uk> References: <1266837278.2375.7.camel@danebury.it-innovation.soton.ac.uk> <1266848361.2375.37.camel@danebury.it-innovation.soton.ac.uk> Message-ID: On Feb 22, 2010, at 9:19, Thomas Leonard wrote: > Another strange thing is that: > > ? interface SturdyRef {} > java.lang.RuntimeException: Failed: can't redefine SturdyRef > > But I can override it using my loader. I think this is a good thing (I > want to run my unit-tests in an environment with fake SturdyRef > objects > that don't really use the network), but I'm wondering if there's some > security reason that means it shouldn't be redefined (auditors, etc)? This is from the ?unshadowable names? auditors plan. The idea was that a certain set of nouns (all those in the safeScope) *always* have the values they do, so auditors can rely on their behavior. This system has been superseded by the ?guard-based auditing? plan, which allows auditors to instead get a certain amount of information about what nouns *are* bound to, but E-on-Java has not been updated to acknowledge this. -- Kevin Reid From tal at it-innovation.soton.ac.uk Mon Feb 22 07:42:07 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Mon, 22 Feb 2010 15:42:07 +0000 Subject: [e-lang] JSON / XML support in E In-Reply-To: References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> Message-ID: <1266853327.2375.40.camel@danebury.it-innovation.soton.ac.uk> On Sat, 2010-01-16 at 17:07 -0800, Mark Miller wrote: > On Fri, Jan 15, 2010 at 4:47 AM, Kevin Reid wrote: > On Jan 15, 2010, at 6:12, Thomas Leonard wrote: > > OK, I can create JSON documents easily enough using > > > > def Term := > > def serialised := (testData :Term).asText() > > > > This is nice and fast, and I assume it could produce XML in > a > > similar way. > > > Huh, I didn't know that worked except for leaf types. (I find > that the > relevant code is in > org.erights.e.meta.org.quasiliteral.astro.AstroGuardSugar.) > > > Yes. The first test case at src/jsrc/org/quasiliteral/term/Term.updoc > is > > ? [3=>4, "a"=>'x', [2,3]=>[4,5]]:Term > # value: term`{3: 4, > # "a": 'x', > # [2, 3]: > # [4, 5]}` > > which exercises some of the interesting cases. This fails though: ? def Term := ? def jsonSurgeon := .makeSurgeon() ? def data := [["hello\nworld"]] ? def text := (data:Term).asText() ? def data2 := jsonSurgeon.unserialize(text) ? data == data2 # value: true The pretty printing inserts a space into the string after the \n: ? println(text) [["hello world"]] -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Mon Feb 22 08:32:58 2010 From: kpreid at mac.com (Kevin Reid) Date: Mon, 22 Feb 2010 11:32:58 -0500 Subject: [e-lang] JSON / XML support in E In-Reply-To: <1266853327.2375.40.camel@danebury.it-innovation.soton.ac.uk> References: <1256576936.3937.16.camel@danebury.it-innovation.soton.ac.uk> <8D537FBA-3DF3-4359-BBA2-5233D43B50A9@mac.com> <1263465938.2456.32.camel@danebury.it-innovation.soton.ac.uk> <3AC876A0-1082-46C8-B45C-AAA578103182@mac.com> <1266853327.2375.40.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <38E868E6-6676-48BF-8D1F-E86F548A7D15@mac.com> On Feb 22, 2010, at 10:42, Thomas Leonard wrote: > The pretty printing inserts a space into the string after the \n: > > ? println(text) > [["hello > world"]] This is definitely a bug, in that Terms should have read/print consistency. Condensed test cases: ? println(term`foo(["hello\nworld"])`.asText()) foo(["hello world"]) ? println(term`foo("hello\nworld")`.asText()) foo("hello world") ? println(term`foo(bar("hello\nworld"))`.asText()) foo(bar("hello world")) The first and third are wrong, the second is acceptable. -- Kevin Reid From tal at it-innovation.soton.ac.uk Fri Feb 26 08:17:01 2010 From: tal at it-innovation.soton.ac.uk (Thomas Leonard) Date: Fri, 26 Feb 2010 16:17:01 +0000 Subject: [e-lang] Alternative E loader In-Reply-To: <1266842177.2375.32.camel@danebury.it-innovation.soton.ac.uk> References: <1265907027.5611.14.camel@danebury.it-innovation.soton.ac.uk> <1266842177.2375.32.camel@danebury.it-innovation.soton.ac.uk> Message-ID: <1267201021.2354.12.camel@danebury.it-innovation.soton.ac.uk> On Mon, 2010-02-22 at 12:36 +0000, Thomas Leonard wrote: > On Fri, 2010-02-19 at 11:32 -0500, Kevin Reid wrote: > > On Feb 11, 2010, at 11:50, Thomas Leonard wrote: > [...] > > I've made some changes following your comments: > > git pull git://gitorious.org/~tal-itinnov/repo-roscidus/it-innovation.git eloader > > http://gitorious.org/repo-roscidus/it-innovation/commit/4797228524e785f9c30759855da3b4adabc58078 Hi Kevin, Did you get a chance to look at this? Does it need further changes? There are other patches I could submit (e.g. an sql__quasiParser, if you don't have one already), but I'd like to get these ones done first... Thanks, -- Dr Thomas Leonard IT Innovation Centre 2 Venture Road Southampton Hampshire SO16 7NP Tel: +44 0 23 8076 0834 Fax: +44 0 23 8076 0833 mailto:tal at it-innovation.soton.ac.uk http://www.it-innovation.soton.ac.uk From kpreid at mac.com Sat Feb 27 15:41:06 2010 From: kpreid at mac.com (Kevin Reid) Date: Sat, 27 Feb 2010 18:41:06 -0500 Subject: [e-lang] Fwd: ScopeLayout hidden References: Message-ID: <7956F9BB-11AC-497A-9F0A-5FCA64A82987@mac.com> Begin forwarded message: > From: Mark Miller > Date: February 27, 2010 18:06:46 EST > To: Kevin Reid > Cc: Thomas Leonard > Subject: ScopeLayout hidden > > Kevin, Besides the obvious change, this [patch] also does a bit of > comment > reformatting. And it adds maximally restrictive safej files for > ScopeLayout and EvalContext, just in case they leak by other means. > See ENode#getScopeLayout() as such a leak that should probably be > plugged more directly than just making ScopeLayouts opaque. > > Hi Thomas, I'm cc'ing you as our new committer. Welcome aboard! This > is in reaction to the bug you reported. The underlying problem is that > our taming system is too permissive. This doesn't fix this underlying > problem, but only a symptom: It restricts Scope to not expose > ScopeLayouts or EvalContexts, as these are really details of the > implementation that shouldn't be visible from E. The specific bug you > found came from exposing an internal optimization that relied to > delicate invariants to E code which could violate these invariants. -- Kevin Reid From kpreid at mac.com Sat Feb 27 18:11:06 2010 From: kpreid at mac.com (Kevin Reid) Date: Sat, 27 Feb 2010 21:11:06 -0500 Subject: [e-lang] Fwd: ScopeLayout hidden In-Reply-To: <7956F9BB-11AC-497A-9F0A-5FCA64A82987@mac.com> References: <7956F9BB-11AC-497A-9F0A-5FCA64A82987@mac.com> Message-ID: <497BBD0F-FC40-4B70-996D-F65AF18C96D1@mac.com> On Feb 27, 2010, at 18:41, Kevin Reid wrote: > Begin forwarded message: > >> From: Mark Miller >> Date: February 27, 2010 18:06:46 EST >> To: Kevin Reid >> Cc: Thomas Leonard >> Subject: ScopeLayout hidden >> >> Kevin, Besides the obvious change, this [patch] also does a bit of >> comment >> reformatting. And it adds maximally restrictive safej files for >> ScopeLayout and EvalContext, just in case they leak by other means. >> See ENode#getScopeLayout() as such a leak that should probably be >> plugged more directly than just making ScopeLayouts opaque. This patch has now been committed. -- Kevin Reid