On Thu, 25 Oct 2018 at 22:00, Nick Coghlan <ncogh...@gmail.com> wrote: > > On Thu, 25 Oct 2018 at 01:34, Calvin Spealman <cspea...@redhat.com> wrote: > > Simply put, there is no valid use case for os.system over subprocess by > > remaining it must be considered redundant. > > They do different things. The warnings against using os.system are > based on "If you don't know whether or not you have the use case that > this exists to handle it's much safer to assume that you don't", not > "This has no valid use cases" (your use case just has to meet the > criteria that makes os.system safe to use - no exposure to untrusted > input.
Whoops, hit send without finishing the sentence: no exposure to untrusted input, no need for cross-platform compatibility, no need for assistance with getting string quoting right, no need for significant interaction with the child process. os.system is a good thing for linters (especially security linters) to warn about, since running a linter over something is a decent hint that you're not writing a throwaway script, and if folks *are* running a linter against their ad hoc scripts, it's reasonably to expect them to configure it for their personal preferences. It isn't actively blocking the development of higher level alternatives though, so there isn't a good reason to deprecate it and break working code. Cheers, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
