Cute idea (in a rather dramatic blog post): randomly generate strings for PL keywords, and apply the same transformation to your source code.
This prevents code injection: https://blog.polyverse.io/introducing-polyscripting-the-beginning-of-the-end-of-code-injection-fe0c99d6f199
(I suppose you could brute force, and they don't say if it breaks eval.)
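A toy model of the idea in Python, added here as an illustration (it is not Polyverse's implementation and not code from the linked post). Python's own keywords stand in for the PL keywords, and `make_table`, `scramble`, `run_scrambled` and the sample strings are hypothetical names.

```python
import io
import keyword
import secrets
import tokenize


class UnscrambledKeyword(SyntaxError):
    """Source contains a keyword in its standard spelling."""


def make_table():
    # One random replacement per keyword, generated once per build/deployment.
    return {kw: "kw_" + secrets.token_hex(8) for kw in keyword.kwlist}


def _rewrite(src, mapping, reject_plain):
    out = []
    for tok in tokenize.generate_tokens(io.StringIO(src).readline):
        text = tok.string
        if tok.type == tokenize.NAME:
            if text in mapping:
                text = mapping[text]
            elif reject_plain and keyword.iskeyword(text):
                raise UnscrambledKeyword(
                    f"standard keyword {text!r} on line {tok.start[0]}")
        out.append((tok.type, text))
    return tokenize.untokenize(out)


def scramble(src, table):
    """Build step: rewrite trusted source to use the scrambled keywords."""
    return _rewrite(src, table, reject_plain=False)


def run_scrambled(src, table):
    """Toy 'interpreter' that only understands the scrambled keywords."""
    reverse = {v: k for k, v in table.items()}
    plain = _rewrite(src, reverse, reject_plain=True)
    namespace = {}
    exec(compile(plain, "<scrambled>", "exec"), namespace)
    return namespace


# Constructed sample: trusted code, and a fragment that arrives unscrambled.
TRUSTED = "total = 0\nfor n in range(4):\n    total += n\n"
INJECTED = "import os\n"
```

Only keywords are scrambled here, so a fragment that contains no keyword is not rejected by this check.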
Related Posts
When a tool supports both regular expressions and literal strings, which should be the default?
If you default to regex, users can match more strings than they realise (e.g. `foo.txt`) or fewer (e.g. `foo(bar)`).
I typically see regex as the default, but I prefer the opposite.
I still find C-style format strings to be more readable than Rust format strings.
"Player %s has score %d" vs "Player {} has score {}".
The former feels a little easier to visualise how it will look in practice.
Have I missed anything? Every format string specification I've ever looked at is surprisingly big.
I've released difftastic 0.48! Highlights in this release:
* Subword highlighting in replaced strings! This is a big improvement in many situations.
* Better Scala parsing
* Better Haskell handling

