On 28/01/2015 07:14, Gregory P. Smith wrote:
It is a potentially bad idea if order is the default behavior of iteration, items(), keys() and values(). Ideally order should only be exposed when explicitly asked for to help prevent bugs and mitigate potential information leaks.
I have to be honest, I think that's the opposite of most new users assumption...
Experience cleaning up our huge code base at work to turn on hash randomization by default a couple years ago has shown that people depend on iteration order in code often without intending to. This often leads to latent bugs. Keep iteration order unstable by default and you prevent people from doing that.
Hmm, well, or you could say that always having ordering would mean the behaviour would match new users experimental understanding and so eliminate all bugs that occur when people accidentally rely on ordering.
Personally, I'd prefer to see us be explicit about data structures used when "security matters", an explicit RandomOrderedDict would make that clear.
cheers, Chris _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
