
On Sun, Dec 11, 2005 at 01:07:47PM +0100, Sven Panne wrote:
> On Sunday, 11 December 2005 09:58, Tomasz Zielonka wrote:
> > [...] I would like to see some support in tools for enforcing such a coding policy. It could look like this - a function written using only safe components would be marked as safe. Every unsafe feature like FFI, unsafePerformIO, etc. would "taint" a module/function, marking it unsafe. [...]
>
> ... in effect making things like putStrLn, getContents etc. "tainted", resulting in probably > 95% of the hierarchical libraries in the fptools repository being "tainted", including lots of stuff from the H98 report. :-) Nice idea, but not very practical IMHO.

Those could be marked as trusted with a high level of confidence.

Anyway, I haven't thought too long about this idea so it's bound to have problems. It would have to be very well thought out to be practical. For example, imagine that we have a function f implemented using functions g and h. I could mark f as safe, but if someone changes definitions of g or h? Should f be reviewed again? Perhaps the system should use some kind of contracts... Not an easy thing.

But what can we do to keep Haskell safe? Does anybody else see the same danger?

Best regards
Tomasz

-- 
I am searching for a programmer who is good at least in some of
[Haskell, ML, C++, Linux, FreeBSD, math] for work in Warsaw, Poland
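
The following sketch is an added example, not part of the original message and not an existing tool: it models the tainting idea from this thread over a constructed call graph, with a "trusted" mark that stops taint and a fingerprint that invalidates the mark when a dependency such as g changes. All type and function names, the integer "source hashes" and the toy fingerprint are assumptions made for illustration.

```haskell
-- Added illustration; every name here is hypothetical, not an existing tool.
import qualified Data.Map as M
import qualified Data.Set as S

data Mark    = Plain | UsesUnsafe | Trusted Int   -- Int: fingerprint at review time
data Verdict = Safe | NeedsReview | Tainted deriving (Eq, Ord, Show)
data Def     = Def { body :: Int, calls :: [String], mark :: Mark }
type Module  = M.Map String Def   -- body: constructed stand-in for a source hash

-- Everything reachable from a name, itself included (cycle-safe).
closure :: Module -> String -> S.Set String
closure m start = go S.empty [start]
  where go seen [] = seen
        go seen (n:ns)
          | n `S.member` seen = go seen ns
          | otherwise = go (S.insert n seen) (maybe [] calls (M.lookup n m) ++ ns)

-- Toy fingerprint over a definition and all of its dependencies.
fingerprint :: Module -> String -> Int
fingerprint m n = foldl (\acc b -> acc * 31 + b) 7
  [ body d | k <- S.toList (closure m n), Just d <- [M.lookup k m] ]

-- Record a review: stamp the definition with the current fingerprint.
trust :: String -> Module -> Module
trust n m = M.adjust (\d -> d { mark = Trusted (fingerprint m n) }) n m

verdict :: Module -> String -> Verdict
verdict m = go S.empty
  where
    go path n = case M.lookup n m of
      Nothing -> Tainted                         -- unknown code is never assumed safe
      Just d | n `S.member` path -> Safe         -- recursive call adds nothing new
             | otherwise -> case mark d of
                 UsesUnsafe -> Tainted
                 Trusted fp | fp == fingerprint m n -> Safe   -- taint stops here
                            | otherwise -> NeedsReview        -- a dependency changed
                 Plain -> maximum (Safe : map (go (S.insert n path)) (calls d))

main :: IO ()
main = do
  let base = M.fromList
        [ ("unsafePerformIO", Def 1 [] UsesUnsafe)
        , ("g", Def 10 ["unsafePerformIO"] Plain), ("h", Def 20 [] Plain)
        , ("f", Def 30 ["g", "h"] Plain), ("client", Def 40 ["f"] Plain) ]
      reviewed = trust "f" base                                  -- f is reviewed
      edited   = M.adjust (\d -> d { body = 11 }) "g" reviewed   -- then g changes
      report m = [ (n, verdict m n) | n <- ["g", "h", "f", "client"] ]
  mapM_ (print . report) [base, reviewed, edited]
```

The three printed reports correspond to the module before review, after f is marked trusted, and after g is edited, at which point the stale mark on f is reported for re-review rather than silently kept.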