Matt Haggard iffy

## Dockerfile
# -- Stage 1 -- #
FROM nimlang/nim:1.6.10-alpine@sha256:408ebac99ad2d170a59e7a09c10e82e7336cf71fa38c7a1322aaa598a54d32c2 as builder
WORKDIR /app
RUN apk update && apk add libsodium-static libsodium musl-dev
RUN nimble install -y libsodium
COPY . .
RUN nim c -o:testapp main.nim
RUN ls -al

# -- Stage 2 -- #

## nbody.nim
## Compile for speed with `nim c -d:danger nbody.nim`
## Run `./nbody 10000000`

import std/os
import std/sequtils
import std/strformat
import std/strutils
import std/tables
from std/math import pow

## proposal.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                iffy
                / proposal.md
            
            
              Created
              March 30, 2021 12:51
            
              
                Idea for making Nim's `staticExec`/`staticRead` auditable
              
          
    I agree that it's impossible for Nim to protect you if you're willing to compile other people's code.
However, it could be good if Nim provided a means for auditing calls to staticExec/staticRead.  Or at least provided means for someone else to write an auditing library. I imagine something like the following could work and not be onerous either to the user or the compiler:

nim c --strictStatic myfile.nim

This would fail on all instances of staticExec with a message like:
ERROR: Prevented execution of myfile.nim:staticExec("/bin/echo foo") Pass --allowStatic:'myfile.nim:staticExec("/bin/echo foo")' to allow it

  
## equalproc.nim
import sequtils
import strutils
import macros
import sugar
export macros

proc replaceNodes*(ast: NimNode): NimNode =
  ## Replace NimIdent and NimSym by a fresh ident node
  ##
  ## Use with the results of ``quote do: ...`` to get

## dumpMem.nim
import strutils
import terminal

template lowerHex(x:untyped):untyped =
  toHex(x).toLower()

proc charRepr(x:byte):char =
  case x
  of 32..126: result = chr(x)
  else: result = '.'

## results.txt
python testsqlite.py 10000 :memory: 0
6.65568494797 seconds to do 10000 records db=:memory:, triggers=False
6.66251087189 seconds to do 10000 records db=:memory:, triggers=False
6.69321203232 seconds to do 10000 records db=:memory:, triggers=False

python testsqlite.py 10000 :memory: 1
6.76699709892 seconds to do 10000 records db=:memory:, triggers=True
6.82708096504 seconds to do 10000 records db=:memory:, triggers=True
6.82913088799 seconds to do 10000 records db=:memory:, triggers=True

## aoutput.md

      
              5 files
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                iffy
                / aoutput.md
            
            
              Created
              October 24, 2018 15:09
            
          
    v1

$ nim objc -r v1_manual.nim 
Hint: used config file '/Users/matt/lib/Nim/config/nim.cfg' [Conf]
Hint: system [Processing]
Hint: v1_manual [Processing]
CC: v1_manual
CC: stdlib_system
Error: execution of an external compiler program 'clang -c -w -I/Users/matt/lib/Nim/lib -o /Users/matt/.cache/nim/v1_manual_d/v1_manual.m.o /Users/matt/.cache/nim/v1_manual_d/v1_manual.m' failed with exit code: 1


## change.diff
--- /tmp/orig.nim	2018-10-24 09:01:22.000000000 -0600
+++ /tmp/frommanual.nim	2018-10-24 09:00:51.000000000 -0600
@@ -1,7 +1,6 @@
-{.passL: "-lobjc".}
 {.emit: """
-#include <objc/Object.h>
-@interface Greeter:Object
+#include <Cocoa/Cocoa.h>
+@interface Greeter:NSObject
 {

## .gitignore
hugefile.txt
myreader
builtinreader
hugebin.txt
hugestr.txt

## compile.sh
set -x
tsc okay.ts
tsc fails.ts
	# -- Stage 1 -- #
	FROM nimlang/nim:1.6.10-alpine@sha256:408ebac99ad2d170a59e7a09c10e82e7336cf71fa38c7a1322aaa598a54d32c2 as builder
	WORKDIR /app
	RUN apk update && apk add libsodium-static libsodium musl-dev
	RUN nimble install -y libsodium
	COPY . .
	RUN nim c -o:testapp main.nim
	RUN ls -al

	# -- Stage 2 -- #
	## Compile for speed with `nim c -d:danger nbody.nim`
	## Run `./nbody 10000000`

	import std/os
	import std/sequtils
	import std/strformat
	import std/strutils
	import std/tables
	from std/math import pow
	import sequtils
	import strutils
	import macros
	import sugar
	export macros

	proc replaceNodes*(ast: NimNode): NimNode =
	## Replace NimIdent and NimSym by a fresh ident node
	##
	## Use with the results of ``quote do: ...`` to get
	import strutils
	import terminal

	template lowerHex(x:untyped):untyped =
	toHex(x).toLower()

	proc charRepr(x:byte):char =
	case x
	of 32..126: result = chr(x)
	else: result = '.'
	python testsqlite.py 10000 :memory: 0
	6.65568494797 seconds to do 10000 records db=:memory:, triggers=False
	6.66251087189 seconds to do 10000 records db=:memory:, triggers=False
	6.69321203232 seconds to do 10000 records db=:memory:, triggers=False

	python testsqlite.py 10000 :memory: 1
	6.76699709892 seconds to do 10000 records db=:memory:, triggers=True
	6.82708096504 seconds to do 10000 records db=:memory:, triggers=True
	6.82913088799 seconds to do 10000 records db=:memory:, triggers=True
	--- /tmp/orig.nim 2018-10-24 09:01:22.000000000 -0600
	+++ /tmp/frommanual.nim 2018-10-24 09:00:51.000000000 -0600
	@@ -1,7 +1,6 @@
	-{.passL: "-lobjc".}
	{.emit: """
	-#include <objc/Object.h>
	-@interface Greeter:Object
	+#include <Cocoa/Cocoa.h>
	+@interface Greeter:NSObject
	{