Eric Sunshine <sunshine@xxxxxxxxxxxxxx> writes: > What I was really asking was whether this sort of checking really > belongs in git-send-email or if it is better left to Net::SMTP (and > Authen::SASL) to do so since they are in better positions to know what > is valid and what is not. If the Perl module(s) generate suitable > diagnostics for bad input, then it makes sense to leave the checking > to them. If not, then I can understand your motivation for > git-send-email doing the checking instead in order to emit > user-friendly diagnostics. > > So, that's what I meant when I asked 'What are the consequences of not > limiting the input to this "approved" list?'. > > The other reason I asked was that it increases maintenance costs for > us to maintain a list of "approved" mechanisms, since the list needs > to be updated when new ones are implemented (and, as brian pointed > out, some may already exist which are not in your list). Both are very good points. I do not think we should be limiting the user input; instead, we (1) either let the Perl module emit proper diagnosis (e.g. it may say "There is no valid auth method in the list you gave me, which was 'PLIAN LOGIN CROM-MD5'") and do nothing, or (2) catch the error from the Perl module and then guess what happened after the fact (e.g. the module may say in its die() message something that is understandable by the program but not by the user, and "eval { ... module call ... }; if ($@) { ... HERE ... }" would massage what it can learn in HERE from $@ into what the end user would understand. It may be that it is sufficient to have something as simple as this: my $msg = "$@" if ($smtp_auth is used to customize) { $msg .= "\nYour customized <$smtp_auth> might be misspelt?" } die $msg; in "HERE" above. > ... > Maybe. This leads back to my original question of whether it's really > git-send-email's responsibility to do validation or if that can be > left to Net::SMTP/Authen::SASL. If the Perl module(s) emit suitable > diagnostics for bad input, then validation can be omitted from > git-send-email. Yes, exactly. What happens if we go the route of doing nothing here? What are the horrible diagnostic message the end user would not understand? -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html