• @[email protected]
    5 months ago

    I don’t have an opinion on the topic but I see a blind spot in your argument, so I have to be that kind of person … 🥺

    One could use the exact same example to argue that humans are very bad at parsing code (especially if whitespace kicks in). In that regard a tool that allows them to reason on a standardized representation of the AST can be a protection against a whole class of attacks.

    • mox
      5 months ago

      That’s not a blind spot in my comment. See my final paragraph.

      It’s only one sentence. Maybe it was easy to miss. :)

      • @[email protected]
        15 months ago

        I like the idea, but I can’t come up with any method that won’t devolve into most reviewers only checking the highlighted parts tbh.

      • @[email protected]
        15 months ago

        Oh yeah, so I’m that other kind of guy 🥺

        I kinda like your idea, but I think it can be difficult to detect some confusing situations. I think it would be a better idea, but I don’t think it’s a full replacement.