GNU bug report logs - #45068
[PATCH] 28.0.50; Update Modus themes 1.0.2 (backward-incompatible)

Previous Next

Full log

Message #170 received at 45068 <at> debbugs.gnu.org (full text, mbox):

From: "Basil L. Contovounesios" <contovob <at> tcd.ie>
To: Mauro Aranda <maurooaranda <at> gmail.com>
Cc: Protesilaos Stavrou <info <at> protesilaos.com>, Eli Zaretskii <eliz <at> gnu.org>,
 45068 <at> debbugs.gnu.org
Subject: Re: bug#45068: [PATCH] 28.0.50; Update Modus themes 1.0.2
 (backward-incompatible)
Date: Tue, 02 Mar 2021 11:38:34 +0000

Mauro Aranda <maurooaranda <at> gmail.com> writes:

> I'll just say that I raised the question because (usually) theme files
> are just settings, so for a user to check the safety it is normally
> enough to go through the custom-theme-set-* functions and see what the
> theme is setting.  Now the user would be asked to check a require-theme
> call for its safety, and since a call to require-theme looks a lot like
> require, it might not be obvious that it can load (and enable) any theme
> it wants.

I'm suggesting that require-theme never enables any themes.  And to the
eyes of the user, it would be no different than a call to require or
load, which we already don't warn a second time about.

> And if a theme uses require-theme to do that, it can "hide"
> the "unsafe theme" settings, because the first element of
> custom-enabled-themes will just be the "safe" theme.

Sorry, I'm not sure what you mean, could you please elaborate on the
steps involved?

> Those were my reasons, feel free to ignore them if you think they make
> no sense.

I doubt that's the case :).

Thanks,

-- 
Basil

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.