Are there any plans to help mitigate Trojan Source attacks when using Pantsbuild?
See example: https://github.com/nickboucher/trojan-source/blob/main/Python/commenting-out.py
I think it would be a good feature to be able to issue a warning/error in case there is any bidirectional unicode characters in any of the source files encountered (preferably in 3rdparty libs too, but that may be out of reach..)
h
hundreds-father-404
12/08/2021, 6:45 PM
No current plans, but agreed it would be cool for it to integrate into
./pants lint
or the
validate
goal, which should be merged with
lint
. which is only blocked by the Specs redesign I proposed last month but put on pause