## Friday, January 16, 2009

### Bioclipse and Gist integration

As you might have read, Bioclipse has scripting support (see for example, Scripting JChemPaint), and that we have been collection them on Gist and indexing them on Delicious with the tags bioclipse and gist. This provides a nice overview of what you can do with the current SVN version of Bioclipse2. And, hopefully, when released, allow users to quickly learn about Bioclipse features, allow people to share scripts etc. Think of it as MyExperiment.org for Bioclipse.

Now, what was missing until today, was easy access to gists in Bioclipse itself. No gist.load(33421) yet. There still is not, but I uploaded earlier today a Wizard for it. (The manager will follow later). Right click on an open Project, select New -> Other, and pick Download Gist:

and click Next:

Then, just type the number of the Gist you want to open in Bioclipse, for example 18315 (see Bioclipse2 Scripting #1: from SMILES to a UFF optimized structure in Jmol), and click another Next to select a file name and location:

The current code does require you to know the Gist number, so you'll need a web browser to look it up, but we do have search facilities in mind. Also, while the code attempts so, the resulting Gist is not automatically openend in an editor (a bug). Another idea is to just install the egit plugin in Bioclipse :)

1. Update: the manager is now available too. See this code example: http://gist.github.com/47981

2. How do you handle security? We've considered a similar sort of feature for Avogadro -- search GitHub to generate a list of Python-Avo scripts.

(There's a Mac text editor TextMate which does this too.)

My worry is about security -- it allows users to download arbitrary code which will operate on their data!

It seems like the alternatives are to either review and approve every script or to open a potential security hole. (I'd like to hope that everyone is ethical, but there are risks.)

3. The wizard does not allow automatic download, as it clearly is user triggered... and I hope the user knows what he is doing.

Regarding the 'gist.load()', and the 'ui.download(URI)' I want to add... that indeed introduces a potential security risk... Bioclipse currently is not a sandbox... I will need to bring this up on the mailing list...