Paul Ganssle <p.gans...@gmail.com> added the comment:
> why the code is executed? > I could do a library or a package and include evil code instead of a > print... The code is executed because the decorator syntax @decorator def f(): ... Is equivalent to def f(): ... f = decorator(f) So you are indeed calling the `decorator` function. It is true that you could put evil code in the decorator function, but it's also true that you can execute evil code directly in the Python function as well, e.g.: execute_evil_code() def f(): ... Importing such a package would call `execute_evil_code()`. ---------- nosy: +p-ganssle _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue37418> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com