From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>
Received: from mp11.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by ms5.migadu.com with LMTPS
	id eBsHAXg9lmM+/QAAbAwnHQ
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 11 Dec 2022 21:28:40 +0100
Received: from aspmx1.migadu.com ([2001:41d0:8:6d80::])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	by mp11.migadu.com with LMTPS
	id uEsZAXg9lmOQQwAA9RJhRA
	(envelope-from <emacs-orgmode-bounces+larch=yhetil.org@gnu.org>)
	for <larch@yhetil.org>; Sun, 11 Dec 2022 21:28:40 +0100
Received: from lists.gnu.org (lists.gnu.org [209.51.188.17])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by aspmx1.migadu.com (Postfix) with ESMTPS id CC9F02FDA4
	for <larch@yhetil.org>; Sun, 11 Dec 2022 21:28:39 +0100 (CET)
Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-orgmode-bounces@gnu.org>)
	id 1p4SvO-0006UN-Fk; Sun, 11 Dec 2022 15:27:50 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <tgbugs@gmail.com>) id 1p4SvM-0006Tv-KO
 for emacs-orgmode@gnu.org; Sun, 11 Dec 2022 15:27:48 -0500
Received: from mail-yb1-xb36.google.com ([2607:f8b0:4864:20::b36])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128)
 (Exim 4.90_1) (envelope-from <tgbugs@gmail.com>) id 1p4SvL-0007hG-2B
 for emacs-orgmode@gnu.org; Sun, 11 Dec 2022 15:27:48 -0500
Received: by mail-yb1-xb36.google.com with SMTP id j206so11453774ybj.1
 for <emacs-orgmode@gnu.org>; Sun, 11 Dec 2022 12:27:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112;
 h=cc:to:subject:message-id:date:from:in-reply-to:references
 :mime-version:from:to:cc:subject:date:message-id:reply-to;
 bh=ePasfxvZDCHNRp1ukVQPBhp9oBG1twy1hb4LO/qxvzU=;
 b=Px+l1xkEe2M3eB+aawkANoalsnNYG/HC61ytL/Wd8xIqi1MNnyL9B0k5d3+NZHWHIo
 xBg4hQ7v5K8vtQeOcLpFLLHDCBWKmAxPmBKE1i9/UiYLbxEG8BefFqRa2ijRWB/uUcyn
 QPlzQOB4NhyYC42e8BgXBkFzHy53WuxscEtczLW/nQqOM5nRwPtocVqL//l1T+UbkQOh
 tjnFerqIjU5f0MmsKC3DtdTNxFzlRhMq2Ijfn7PZ2u6zHwGljOZxpwy4B4zZlJuoWD7P
 zc5ky7VG4pC6Gx8iNBw6oxPuVE0i3f6aDzD3a2Ayz0D9eqmxmKechI0Oi2ogHpm6h6FN
 d3RA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=cc:to:subject:message-id:date:from:in-reply-to:references
 :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id
 :reply-to;
 bh=ePasfxvZDCHNRp1ukVQPBhp9oBG1twy1hb4LO/qxvzU=;
 b=7vwpmhaHU32G08jAyR4DbDgSw0Gplnor2x3jOFqZAERjD7c0iQOw0DbDektTzZWujt
 eAKFchpNEbBmIYpzgFG3bR8wu3vFy+qxzq2FRt1zDYLDfpNG7Ghc06zlmZtWKk4AzwN5
 LtpN2wDnyTcA+E2CimF9neD6dntElaUNpc+lCyazUSUCvyqqQ1bdniI54zqUUzpclLp4
 k2uS5W+jS/F3eHHZugiIZzmjwdLlyJnCBzOrv/lMuCEPaKbLTSdirY+Z0KivdvxsIPp/
 Z3v3rSOIZaY9ZRSUPtukDg5R1G9TeJ049sZZp7ipy4AY340KgGXCxU9pSAWXrIZegOx2
 Tl3A==
X-Gm-Message-State: ANoB5pl5E8FjNVzp1gOBHYgA4hyTs4iW1Cdo5EZEWJ2VtG4XeeIDx4Lv
 HBBOpRO+iNa31fNJifSGePpmVHbmTCzccR/HCt8=
X-Google-Smtp-Source: AA0mqf5ca5vR21FOSbHGp7is3XTNv5IByAL3yg44+zNK/3JymVymQt1vtiFo6W5cgXZGG2Hmd9jJGEllhu9O87W8rGs=
X-Received: by 2002:a25:bd4c:0:b0:706:d47d:ef59 with SMTP id
 p12-20020a25bd4c000000b00706d47def59mr9291420ybm.62.1670790464422; Sun, 11
 Dec 2022 12:27:44 -0800 (PST)
MIME-Version: 1.0
References: <CA+G3_PNmnJ-ehnYOBkaOOsyNjeb-OJyoy+sg_g5v3AZVGiNoXg@mail.gmail.com>
 <tn3h08$1099$1@ciao.gmane.io>
In-Reply-To: <tn3h08$1099$1@ciao.gmane.io>
From: Tom Gillespie <tgbugs@gmail.com>
Date: Sun, 11 Dec 2022 12:27:32 -0800
Message-ID: <CA+G3_PNHe3J+PHzv_L+X1DR66TGc3sW5FxiJC5HqDd57N75P0w@mail.gmail.com>
Subject: Re: [PATCH] ob-core: add org-confirm-babel-evaluate-cell custom
 variable
To: Max Nikulin <manikulin@gmail.com>
Cc: emacs-orgmode@gnu.org
Content-Type: text/plain; charset="UTF-8"
Received-SPF: pass client-ip=2607:f8b0:4864:20::b36;
 envelope-from=tgbugs@gmail.com; helo=mail-yb1-xb36.google.com
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001,
 RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001,
 SPF_PASS=-0.001 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-orgmode@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "General discussions about Org-mode." <emacs-orgmode.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-orgmode>
List-Post: <mailto:emacs-orgmode@gnu.org>
List-Help: <mailto:emacs-orgmode-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-orgmode>,
 <mailto:emacs-orgmode-request@gnu.org?subject=subscribe>
Errors-To: emacs-orgmode-bounces+larch=yhetil.org@gnu.org
Sender: emacs-orgmode-bounces+larch=yhetil.org@gnu.org
X-Migadu-Country: US
X-Migadu-Flow: FLOW_IN
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org;
	s=key1; t=1670790519;
	h=from:from:sender:sender:reply-to:subject:subject:date:date:
	 message-id:message-id:to:to:cc:cc:mime-version:mime-version:
	 content-type:content-type:in-reply-to:in-reply-to:
	 references:references:list-id:list-help:list-unsubscribe:
	 list-subscribe:list-post:dkim-signature;
	bh=ePasfxvZDCHNRp1ukVQPBhp9oBG1twy1hb4LO/qxvzU=;
	b=EjdXe6JOu7hSY6XtKX573KIOQKuYj/cFAAAsbbGHvD2NHx4GyjzhtmMaNNdFPNk6I3Di/g
	UlOpj+TfCGNa1MSSKfhkvxktWJm+wbSBAMC4iOy482TPdydfoDYMpC4UCSPQQCpQPG5FH/
	d6jTQRuoWqfLpWfO9jh0LzZ+uIG5nZUnzlNiJfMAmZclvSMwJaO5nmw1sq2bT0qTNRL5Ib
	1xzb3Dqt2yQKn4f5USGApvx2YREIrHeb6nxCfgyMVEll3Bs0m1ghTpHUOhh59I4MOruKpJ
	GfCM1+DQ/y28TvqwNdz2+vmOskm52mT7eRyaZjDWFbSA5oNQ5MrOlFwUAZKgvA==
ARC-Authentication-Results: i=1;
	aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=Px+l1xkE;
	spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org";
	dmarc=pass (policy=none) header.from=gmail.com
ARC-Seal: i=1; s=key1; d=yhetil.org; t=1670790519; a=rsa-sha256; cv=none;
	b=mc5gQx4ir5Acd+grGGy7VGtiY855274QXc59vf38ToYaA0HgwtICCWfWcqTqj1YaclUjwM
	gy4NaioZcqssTDSGR1SKI5FnmLdn4Frol/CKO0gfr6D68/qF2GFcofUxPa9JDcufN1UUDu
	O1T9hR8+hQuI36S+xxrsq442hxHPA8oQpsv1CWpWaEWMKK83wiE7LkyKQHzrieLM6u3H1k
	BIYYn/l29SoezJRCAHUuuQl7ugCbjX9/1rL6N6ibssyLtH3obcJIOUqmSeySuvxCOcYUdN
	7Gr61mrNA3IH2KhTtUiwnHPH51KouI4os8N5Ng8c0QtCIAGrZF93ELrA2ELT2g==
X-Migadu-Spam-Score: -10.89
X-Spam-Score: -10.89
X-Migadu-Queue-Id: CC9F02FDA4
X-Migadu-Scanner: scn0.migadu.com
Authentication-Results: aspmx1.migadu.com;
	dkim=pass header.d=gmail.com header.s=20210112 header.b=Px+l1xkE;
	spf=pass (aspmx1.migadu.com: domain of "emacs-orgmode-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="emacs-orgmode-bounces+larch=yhetil.org@gnu.org";
	dmarc=pass (policy=none) header.from=gmail.com
X-TUID: dvp7ZgomYNp5

Hi Max,
   Thank you for the feedback. More replies in lines. Best!
Tom

> I am not sure concerning "exactly".
>
> lisp/ob-core.el:248
> `org-confirm-babel-evaluate' is called with 2 arguments. In your patch
> `org-confirm-babel-evaluate-cell' has a single argument.

You're right, and in point of fact I should have retained the structure
exactly because in other contexts I have thought about ways to use
other languages in contexts like that. At the moment everything is
elisp so I dropped the argument, but that is clearly a mistake.

> It seems, you do not change defaults. Could you, please, provide an
> example of configuration that is less annoying, but still safe?

#+begin_src elisp :results none
(setq-local
 org-confirm-babel-evaluate-cell
 (lambda (lang body)
   (ignore lang)
   (let ((rb (read body)))
     (not ; aka (unless condition t)
      (or
       (member rb
               '((or)
                 (and)
                 ;; add more forms that are known safe here
                 ))
       (and
        (eq (car rb) 'identity)
        (let ((v (cadr rb)))
          (or
           (symbolp v)
           (stringp v)
           (numberp v)
           ))))))))
#+end_src

#+header: :var v1=(or) v2=(and) v3=(identity nil)
#+header: :var v4=(identity default-directory) v5=(identity #o0755)
#+header: :var v6=(identity "not sure why you would want to do this")
#+header: :var v7=(identity (concat "this" "will" "fail"))
#+header: :var v8="reminder that strings are ok"
#+begin_src elisp
(mapcar
 #'list
 (list v1 v2 v3 v4 v5 v6 v7 v8))
#+end_src

> I was thinking if it is possible to collect requests to confirm and to
> allow the user to decide for the whole bunch of expressions and code
> blocks. Besides implementation issues, there is a question concerning UI
> that will allow to inspect code to be evaluated.

Yes, in the example above I thought about including something
with a yes-or-no-p where users could quickly add forms to a
safe list some (defcustom org-known-safe-cells '()) or something
like that. A user could do that with the new machinery, and we
could do the same for the default implementation. I think that
is the next step once we get the basics in place.

> Calling convention for the case of function value is not described. If
> it is really the same as for `org-confirm-babel-evaluate' then this user
> option should be mentioned in the docstring.

When I correct the function signature to actually match
I will make a note in the docstring.

> :package-version instead of :version?

I think because org is part of emacs core we use the emacs version?
I see "24.1" included with other org defcustoms.

> Is there any reason to not use the :safe property of `defcustom'? I see
> that you take definition of `org-confirm-babel-evaluate' as a template
> so I wonder if there is some particular reason or the original code was
> just written before introducing of :safe.

I'm guessing that it was written before :safe, but don't
know for sure. A systematic cleanup of stuff like that
could come after this maybe?