Hi,
I was just looking at the extensions/pref/autoconfig/ directory and trying
to understand what it does.
As far as I can tell, the code is there to allow custom deployments with
particular prefs set, as described at
On 10/30/2017 10:03 PM, Kris Maglione wrote:
On Mon, Oct 30, 2017 at 08:28:39AM -0700, Jim Blandy wrote:
Okay, this is half the argument. The second half would be:
- Does auto cause such mistakes more often than it prevents them? The
benefit claimed for auto is that it usually makes code more
This is a heads up that I am shutting down further development of my
Bugzilla Socorro Lens add-on. If you're currently using the add-on I
recommend that you uninstall it and please file issues at
https://github.com/ashughes1/bmo-bsl.
Over the past few weeks I've been working to integrate the
On Mon, Oct 30, 2017 at 08:28:39AM -0700, Jim Blandy wrote:
Okay, this is half the argument. The second half would be:
- Does auto cause such mistakes more often than it prevents them? The
benefit claimed for auto is that it usually makes code more legible.
Hopefully that prevents mistakes, on
понедельник, 23 октября 2017 г., 11:52:19 UTC+3 пользователь Karl Tomlinson
написал:
> I don't know how well GConf is supported by more recent GNOME
> versions. I assume GSettings support was added to
> nsUnixSystemProxySettings because GConf was to be no longer
> supported, but the crash
On Mon, Oct 30, 2017 at 11:04:10AM -0400, Boris Zbarsky wrote:
On 10/30/17 10:52 AM, Simon Sapin wrote:
How do new language features lead to security bugs?
By making unsafe behaviors easier or more tempting.
For example:
[&]() { /* stuff */ }
is a huge footgun in a language without a
On 2017-10-25 1:34 PM, Gregory Szorc wrote:
Adding --enable-release to your mozconfig (the configuration for builds we
ship to users) enables -Copt-level=2. (i.e. we didn't change optimization
settings for builds we ship to users.)
I've added a note about this to our benchmarking instructions
Okay, this is half the argument. The second half would be:
- Does auto cause such mistakes more often than it prevents them? The
benefit claimed for auto is that it usually makes code more legible.
Hopefully that prevents mistakes, on the balance.
- Is ranged-for more prone to iterator
On 10/30/2017 04:52 PM, Simon Sapin wrote:
On 30/10/17 15:05, smaug wrote:
And let's be careful with the new C++ features, pretty please. We
managed to not be careful when we started to use auto, or ranged-for
or lambdas. I'd prefer to not fix more security critical bugs or
memory leaks just
On 10/30/17 10:52 AM, Simon Sapin wrote:
How do new language features lead to security bugs?
By making unsafe behaviors easier or more tempting.
For example:
[&]() { /* stuff */ }
is a huge footgun in a language without a borrow checker. You _could_
still do something like that before
I don't know about C++14 specifically, but a good example is C++17's
std::string_view, which allows an implicit cast from std::string&& and can
very easily lead to UAF:
https://github.com/isocpp/CppCoreGuidelines/issues/1038
Alex
On Mon, Oct 30, 2017 at 10:52 AM, Simon Sapin
On 30/10/17 15:05, smaug wrote:
And let's be careful with the new C++ features, pretty please. We
managed to not be careful when we started to use auto, or ranged-for
or lambdas. I'd prefer to not fix more security critical bugs or
memory leaks just because of fancy hip and cool language
And let's be careful with the new C++ features, pretty please.
We managed to not be careful when we started to use auto, or ranged-for or
lambdas.
I'd prefer to not fix more security critical bugs or memory leaks just because
of fancy hip and cool
language features ;)
-Olli
On 10/30/2017
> On Oct 18, 2017, at 3:30 PM, Mike West wrote:
>
> We do have `worker-src` tests, FWIW:
> https://github.com/w3c/web-platform-tests/tree/master/content-security-policy/worker-src/
>
>
14 matches
Mail list logo