On Thu, Aug 5, 2021 at 6:41 PM S Pradeep Kumar wrote:
> On Thu, Aug 5, 2021 at 1:50 AM Guido van Rossum wrote:
>> I think you are looking for the concept named “tainting” in other languages.
>
> Guido: No, I wasn't looking for full-fledged taint analysis for finding security vulnerabilities. (We do that with Pysa [1], for example :) )

Okay, fine.

> Format strings, explicit database queries, etc. are places where we simply
> don't want to allow any non-literals.
Still, you intend this as a security check, right? (Quoting your first message: "my_format_string(user_controlled_string, sensitive_data)".) And one could certainly write a taint-clearing function like this (following your identity() example):

    def clear_or_die(a: str) -> L[str]:
        if not verify(a):
            raise ValueError(...)
        return cast(L[str], a)
> As Jelle had pointed out, people already write ad hoc tools to check for literalness. I think the concept of arbitrary literal strings gives us a simple, readable way to express our intentions.
Your examples didn't *quite* show this, but I do think you'd allow this, right?

    def f(a: L[str]): ...

    def g(a: L[str]):
        f(a)  # Allowed, even though 'a' isn't a literal -- its type is still literal

    g("hello")

I do agree with Jelle that the notation Literal[str] feels inconsistent with Literal["hello"].

--
--Guido van Rossum (python.org/~guido)
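The validate-then-cast pattern sketched in the message above, as an added example that is not code from the thread: it assumes `typing.LiteralString` (what the proposal became in PEP 675, Python 3.11+) stands in for the thread's `L[str]`, and uses a constructed column allowlist and an in-memory SQLite table. Only a type checker rejects a plain `str` at `build_query`; at runtime the sole enforcement is the check inside `clear_or_die`, which is what makes the `cast` honest.

```python
import re
import sqlite3
from typing import cast

try:
    from typing import LiteralString  # Python 3.11+ (PEP 675)
except ImportError:  # older interpreter: alias so the example still runs
    LiteralString = str  # type: ignore[misc,assignment]

# Constructed allowlist: the only identifiers a caller may sort by.
ALLOWED_SORT_COLUMNS = frozenset({"id", "name", "created"})
_IDENT = re.compile(r"^[A-Za-z_][A-Za-z0-9_]*$")


def clear_or_die(column: str) -> LiteralString:
    """Taint-clearing function: the one place a tainted str becomes trusted.
    It must validate strictly, because the cast itself checks nothing."""
    if not _IDENT.match(column) or column not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"refusing to use {column!r} as a sort column")
    return cast(LiteralString, column)


def build_query(sort_column: LiteralString) -> LiteralString:
    # Concatenating LiteralString values yields a LiteralString, so a checker
    # accepts this; passing a plain str here would be a type error.
    return "SELECT id, name FROM users WHERE name = ? ORDER BY " + sort_column


def run_query(conn: sqlite3.Connection, sql: LiteralString, name: str) -> list:
    # Data (the user's name) travels as a bound parameter, never in the SQL text.
    return conn.execute(sql, (name,)).fetchall()


def lookup(conn: sqlite3.Connection, name: str, sort_by: str) -> list:
    # sort_by is tainted until clear_or_die vouches for it.
    return run_query(conn, build_query(clear_or_die(sort_by)), name)


def demo_db() -> sqlite3.Connection:
    """Constructed sample table so the example runs offline."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER, name TEXT, created INTEGER)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "alice", 20), (2, "bob", 10), (3, "alice", 5)])
    return conn
```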