[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [DISCUSSION] The meaning of :cmdline header argument across babel ba
|
From: |
Max Nikulin |
|
Subject: |
Re: [DISCUSSION] The meaning of :cmdline header argument across babel backends |
|
Date: |
Sat, 27 Apr 2024 17:53:25 +0700 |
|
User-agent: |
Mozilla Thunderbird |
On 26/04/2024 20:09, Ihor Radchenko wrote:
Max Nikulin writes:
However looking wider, I do not like that :cmdline for ob-shell has
different meaning than for other languages, see e.g. ob-sql. Only for
shell this parameter is treated as arguments of a *script*. In other
cases :cmdline is used to specify arguments of *interpreter* and I think
ob-shell should follow this convention.
Alas, we already have the current state of affairs documented in
https://orgmode.org/worg/org-contrib/babel/languages/ob-doc-shell.html#orge70bc7b
So, no breaking changes.
It is documented as
" :cmdline <arg_1> ... [arg_n]
Use the :cmdline header arg to pass arguments to a shell command."
However current implementation allows code injection through args,
including a trivial one
#+header-arg: :results verbatim
#+begin_src sh :cmdline 1 ; touch /tmp/not-an-arg
printf '%s\n' "$@"
#+end_src
#+RESULTS:
: 1
"touch ..." *are not arguments of the script*. So users should be
careful to get documented behavior.
And shell scripts are not like SQL queries - they often do need to check
arguments. So, the current behaviour is justified, IMHO.
stackoverflow is full of suggestion how to pass arguments to a SQL
script executed by mysql. Unfortunately it is unsafe and allows
injection of code. psql (PostgreSQL) allows to pass parameters, however
it is more like :var than script arguments. So it is true that CLI
clients for SQL databases do not implement positional parameters.
ARGV is treated in a quite specific way by awk. It may contain file
names, variable assignments, and might be overwritten in BEGIN block.
However a close ob-awk header argument is :cmd-line, not :cmdline, so
inconsistency is even greater.
What might be done is introducing _two_ different header arguments - one
for interpreter switches, and another for script/program switches.
Say, :interpreter-cmdline and :script-cmdline.
Then, we can call the current :cmdline behaviour "dwim" and allow users
to be more explicit if necessary.
It is too easy to confuse org-babel, so "dwim" works in simple cases
only. Independent header arguments make things more clear, I would
prefer :script-args. The question is whether they should be interpreted
by shell (flexibility and shooting feet) or more strict syntax `("hello
world" 1 a) should be used.
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, (continued)
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Max Nikulin, 2024/04/24
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Ihor Radchenko, 2024/04/24
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Max Nikulin, 2024/04/25
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Ihor Radchenko, 2024/04/26
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Max Nikulin, 2024/04/27
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Max Nikulin, 2024/04/27
- Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Ihor Radchenko, 2024/04/28
Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Max Nikulin, 2024/04/23
Re: [PATCH] Re: [BUG] ob-shell: :shebang changes interpretation of :cmdline, Ihor Radchenko, 2024/04/26