Re: Why a taint flag on test files?

Generally, I like to run all my tests both in normal mode and taint mode. And the prove command's -T switch is very handy for that. By doing that, I can ensure that my module will work from a taint mode program.

Not only that, but verifying that your tests run the same both in normal mode and taint mode can uncover bugs in perl itself, since taint mode has historically been a source of perl bugs and weird differences in behaviour.

The trouble with -T is that "make test" runs the test in taint mode only. I wish there was some way to tell it to run a test twice: once in normal mode and once in taint mode.

To further ensure that your module works in still broader environments, it would be nice to test that it works fine in "persistent" environments, such as mod_perl (e.g. a module that uses an INIT block will not be mod_perl-safe). I don't know of an easy way to test that a module is "persistent-environment-safe".

Comment on Re: Why a taint flag on test files? Download Code

Replies are listed 'Best First'.
Re^2: persistant environment testing (was Why a taint flag on test files) by xdg (Monsignor) on Oct 14, 2005 at 10:15 UTC
To further ensure that your module works in still broader environments, it would be nice to test that it works fine in "persistent" environments, such as mod_perl (e.g. a module that uses an INIT block will not be mod_perl-safe). I don't know of an easy way to test that a module is "persistent-environment-safe". According to perlmod, `CHECK` and `INIT` blocks are not executed in a string `eval`. So something like this should work: `use Test::More 'no_plan'; eval "require My::Module; My::Module->import()"; # test behaviors without INIT/CHECK` [download] Of course, you'd have to duplicate your test files to be sure of all behavior, but I'd probably tackle that by putting all the tests into helper libraries and then the duplication isn't quite so painful. `# t/Test/BehaviorA.pm package t::Test::BehaviorA; use base 'Exporter'; use vars qw(@EXPORT); @EXPORT = qw( run_tests_for_A ); use Test::More tests => 42; sub run_tests_for_A { # put 42 tests for Behavior A here } 1; # need this` [download] `# 01-test-A-normal.t use t::Test::BehaviorA qw( run_tests_for_A ); use My::Module; run_tests_for_A();` [download] `# 01-test-A-persistant.t use t::Test::BehaviorA qw( run_tests_for_A ); eval "require My::Module; My::Module->import()"; run_tests_for_A();` [download] This kind of thing starts to beg for using something like Test::Class, perhaps. -xdg Code written by xdg and posted on PerlMonks is public domain. It is provided as is with no warranties, express or implied, of any kind. Posted code may not have been tested. Use of posted code is at your own risk.	[reply] [d/l] [select]
Re^2: Why a taint flag on test files? by Perl Mouse (Chaplain) on Oct 14, 2005 at 10:07 UTC
Ideally, you should run your tests with a 32bit and a 64bit perl, with threads and without threads enabled (that is, threads enabled in perl, doesn't mean your code actually uses threads), with blead-perl, maint-perl and a selection of older versions of perl (5.8.1, 5.8.0, 5.6.2, ...). With and without taint-checking enabled. With and without PERL_HASH_SEED set. With and without PERL_SIGNALS set to unsafe. All possibilites for -C (or PERL_UNICODE). And in all combinations. `Perl --((8:>*`	[reply]


Welcome to the Monastery
	PerlMonks