Will ruby support require 'path/to/dir/**' in the future

addis_a · October 3, 2014, 5:55pm

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’
require ‘path/to/dir/**’

is eql with

require ‘path/to/dir/file’
require ‘path/to/dir/file2’

roroco · October 3, 2014, 6:38pm

Hi roro,
roro codeath [email protected] writes:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’
require ‘path/to/dir/**’

is eql with

require ‘path/to/dir/file’
require ‘path/to/dir/file2’

You can achieve this with the “require_all” gem:

Vale,
Quintus

–
Blog: http://www.quintilianus.eu

I will reject HTML emails. | Ich akzeptiere keine HTML-Nachrichten.
|
Use GnuPG for mail encryption: | GnuPG für Mail-Verschlüsselung:
http://www.gnupg.org | The GNU Privacy Guard

roroco · October 3, 2014, 6:57pm

On Oct 3, 2014, at 12:49, Ammar A. [email protected] wrote:

On Oct 3, 2014, at 6:54 PM, roro codeath [email protected] wrote:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’
require 'path/to/dir/**

Most probably, no. For security reasons.

Its not for security reasons. If someone can write arbitrary files into
a directory youre requiring wholesale, they can probably delete and
write new files too.

Id consider it to not exist just because you rarely need it. When I have
a directory full of files, Im probably only requiring one or two at a
time, and letting those files sort out their requirements themselves. In
other cases, I just have the parent file outside the directory load them
all in a correct order; i.e. the base class before any subclasses, like
this:

%w{ operation base inner_register inner_flag counter inner_counter etc
}.each do |f|
require “riak/crdt/#{f}”
end

roroco · October 3, 2014, 6:50pm

On Oct 3, 2014, at 6:54 PM, roro codeath [email protected] wrote:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’
require 'path/to/dir/**

Most probably, no. For security reasons.

is eql with

require ‘path/to/dir/file’
require 'path/to/dir/file2

That is not what it equals. It could equal:

require path/to/dir/file
require path/to/dir/file2
require path/to/dir/some_thing_nasty
require path/to/dir/something_you_dont_want
require path/to/dir/god_knows_what
require path/to/dir/omg_what_is_this
etc.

If you know (ruby doesn’t) that you want all the files in a given
directory, you can use Dir, something like:

Dir[path/to/dir/*.rb’].each {|file| require file }

But, I think that has the same security issue. A better way is to list
the exact files you want to require, or if you dont want to do that,
maybe something like:

%w{file file2 file3}.each {|file|
require path/to/dir/#{file}"
}

Regards,
Ammar

roroco · October 3, 2014, 7:08pm

On Oct 3, 2014, at 7:56 PM, Bryce K. [email protected]
wrote:

Its not for security reasons. If someone can write arbitrary files into a
directory youre requiring wholesale, they can probably delete and write new files
too.
I consider it a security risk, and if it existed, I would consider it
poor practice. Require what you know you want.

%w{ operation base inner_register inner_flag counter inner_counter etc }.each do
|f|
require “riak/crdt/#{f}”
end

Thats exactly the example I gave.

Regards,
Ammar

roroco · October 3, 2014, 7:01pm

i use rubymine, i hope ruby core team provide native support and
rubymine
will inspect when index file system,ca you where to send this suggetion
to
ruby-core team.

roroco · October 3, 2014, 7:15pm

On Friday, October 03, 2014 07:49:42 PM Ammar A. wrote:

On Oct 3, 2014, at 6:54 PM, roro codeath [email protected] wrote:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’ require 'path/to/dir/**’

Most probably, no. For security reasons.

Could you tell what security reasons you are talking about ? Asking out
of
curiosity.

–

Regards,
Arup R.

Debugging is twice as hard as writing the code in the first place.
Therefore,
if you write the code as cleverly as possible, you are, by definition,
not
smart enough to debug it.

–Brian Kernighan

roroco · October 3, 2014, 7:34pm

On 14-10-03, 8:54, roro codeath wrote:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’
require ‘path/to/dir/**’

is eql with

require ‘path/to/dir/file’
require ‘path/to/dir/file2’

The idiomatic way to do this in ruby is to make a “manifest” file
outside of “/dir/…” called “dir.rb” that handles requiring everything
inside it. This is commonly done in rubygems, e.g.

 require 'active_support'

 # active_support.rb
 require 'active_support/time'
 require 'active_support/...'

Then you can require all of it or just the components you need.

I don’t see the need for “**”. Also, with files coming from multiple
locations in the load path, wildcards just seem like a bad idea.

Andrew V.

roroco · October 3, 2014, 8:06pm

On Oct 3, 2014, at 7:14 PM, Arup R. [email protected]
wrote:

On Friday, October 03, 2014 07:49:42 PM Ammar A. wrote:

On Oct 3, 2014, at 6:54 PM, roro codeath [email protected] wrote:

for instance, there are two exist files, ‘path/to/dir/file’ and
‘path/to/dir/file2’ require 'path/to/dir/**

Most probably, no. For security reasons.

Could you tell what security reasons you are talking about ? Asking out of
curiosity.

The risk of requiring a file you did not intend to require. I believe
that reason was part of the rationale behind introducing
require_relative in 1.9.

I could be paranoid about the security aspect, but thats what most of
security is about, not doing things that could be abused.

Even if the security concerns were negligible, or even unfounded, I
still think it is poor practice to require all files from a directory en
masse. It really doesnt take that much effort to explicitly list them.

Regards,
Ammar

roroco · October 4, 2014, 8:52am

On Oct 3, 2014, at 21:08, roro codeath [email protected] wrote:

i know how to implement require_all, i only wanna add this feature when i write
simple cli. […]

So… a vast minority of the time. I don’t think this proposal has
enough utility to outweigh the problems it causes.

roroco · October 4, 2014, 6:08am

i know how to implement require_all, i only wanna add this feature when
i
write simple cli. i think this feature is fit in following case

lib/my/core_ext/module.rb
lib/my/core_ext/class.rb
…

lib/my/core_ext.rb

require ‘lib/my/core_ext/**’

roroco · October 4, 2014, 11:45am

On Sat, Oct 4, 2014 at 8:52 AM, Ryan D. [email protected]
wrote:

On Oct 3, 2014, at 21:08, roro codeath [email protected] wrote:

i know how to implement require_all, i only wanna add this feature when i write
simple cli. […]

So… a vast minority of the time. I don’t think this proposal has enough
utility to outweigh the problems it causes.

I agree, it is a security risk and it should not be a standard
feature. Especially since it’s so easy to hand code:

Dir[“foo/**/*.rb”].each {|f| require f}

Oh, and btw. something these generic algorithms cannot do: they cannot
decide on the order to import which will work poorly when having
dependencies inside the library (which is usually the case) - you will
have to declare them properly in all the files anyway. And loading the
whole tree at once will also defy autoload. So, all in all, it’s a bad
idea.

Kind regards

robert

Will ruby support require 'path/to/dir/**' in the future

–

Regards, Arup R.

lib/my/core_ext.rb

Regards,
Arup R.