[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#19479: Package manager vulnerable
From: |
Stefan Kangas |
Subject: |
bug#19479: Package manager vulnerable |
Date: |
Mon, 7 Sep 2020 11:11:08 -0700 |
Noam Postavsky <npostavs@gmail.com> writes:
> Stefan Kangas <stefan@marxist.se> writes:
>
>>> Is this a function (rather than a variable) just so it can be in the
>>> same cl-flet* as do-check?
>>
>> I'm not sure I understand; it should be a function instead of a variable
>> because there is logic in there to match `(secure-hash-algorithms)'
>> against `(package-desc-checksums pkg-desc)' and signal an error.
>
> Ah, I think had forgotten about/was confused by cl-flet's (FUNC (lambda
> ARGLIST ...)) syntax when I wrote that. Although I suppose you could
> make it a plain variable by moving it inside do-check's lambda (not sure
> if that's an improvement)?
Sure, you could do that. I guess it's mostly down to style, but I
personally feel like that change would make the code a little bit harder
to read here.