Re: [Python-Dev] Coroutines and PEP 380

On Jan 19, 2012, at 4:41 PM, Greg wrote: > Glyph wrote: >> [Guido] mentions the point that coroutines that can implicitly switch out >> from under you have the same non-deterministic property as threads: you >> don't know where you're going to need a lock or lock-like construct to >> update an

Re: [Python-Dev] Counting collisions for the win

On 1/19/2012 8:54 PM, Carl Meyer wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Victor, On 01/19/2012 05:48 PM, Victor Stinner wrote: [snip] Using a randomized hash may also break (indirectly) real applications because the application output is also somehow "randomized". For example,

Re: [Python-Dev] Counting collisions for the win

On Fri, Jan 20, 2012 at 2:54 PM, Carl Meyer wrote: > I don't have the expertise to speak otherwise to the alternatives for > fixing the collisions vulnerability, but I don't believe it's accurate > to presume that Django would not want to fix a dict-ordering dependency, > and use that as a justifi

Re: [Python-Dev] Counting collisions for the win

On Fri, Jan 20, 2012 at 2:00 PM, Steven D'Aprano wrote: > With a limit of 35 collisions, it only takes 35 keys to to force a dict to > raise an exception, if you are an attacker able to select colliding keys. > We're trying to defend against an attacker who is able to force collisions, > not one w

Re: [Python-Dev] Counting collisions for the win

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi Victor, On 01/19/2012 05:48 PM, Victor Stinner wrote: [snip] > Using a randomized hash may > also break (indirectly) real applications because the application > output is also somehow "randomized". For example, in the Django test > suite, the HTML

Re: [Python-Dev] Counting collisions for the win

On Fri, Jan 20, 2012 at 03:48, Guido van Rossum wrote: > I think that's because your collision-counting algorithm was much more > primitive than MAL's. Conceded. >> This, >> combined with the second problem (needing to catch an exception), led >> me to abandon this approach and write Securetypes

Re: [Python-Dev] Counting collisions for the win

Victor Stinner wrote: The last solution is very simple: count collision and raise an exception if it hits a limit. ... According to my basic tests, a limit of 35 collisions requires a dictionary with more than 10,000,000 integer keys to raise an error. I am not talking about the attack, but vali

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

On Thu, Jan 19, 2012 at 17:54, "Martin v. Löwis" wrote: > Ok, so let me add then that I'm worried about the additional work-load. > > I'm particularly worried about the coordination of vacation across the > three people that work on a release. It might well not be possible to > make any release fo

Re: [Python-Dev] Counting collisions for the win

On Thu, Jan 19, 2012 at 7:32 PM, Ivan Kozik wrote: > On Fri, Jan 20, 2012 at 00:48, Victor Stinner > wrote: > > I propose to solve the hash collision vulnerability by counting > > collisions because it does fix the vulnerability with a minor or no > > impact on applications or backward compatibi

Re: [Python-Dev] Counting collisions for the win

On Fri, Jan 20, 2012 at 00:48, Victor Stinner wrote: > I propose to solve the hash collision vulnerability by counting > collisions because it does fix the vulnerability with a minor or no > impact on applications or backward compatibility. I don't see why we > should use a different fix for Pytho

Re: [Python-Dev] Coroutines and PEP 380

On Fri, Jan 20, 2012 at 8:41 AM, Greg wrote: > Glyph wrote: >> >> [Guido] mentions the point that coroutines that can implicitly switch out >> from under you have the same non-deterministic property as threads: you >> don't know where you're going to need a lock or lock-like construct to >> update

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

On Fri, Jan 20, 2012 at 9:54 AM, "Martin v. Löwis" wrote: >> I can't help noticing that so far, worries about the workload came mostly >> from >> people who don't actually bear that load (this is no accusation!), while >> those >> that do are the proponents of the PEP... > > Ok, so let me add th

Re: [Python-Dev] Counting collisions for the win

On Thu, Jan 19, 2012 at 4:48 PM, Victor Stinner < victor.stin...@haypocalc.com> wrote: > Hi, > > I'm working on the hash collision issue since 2 or 3 weeks. I > evaluated all solutions and I think that I have now a good knowledge > of the problem and how it should be solved. The major issue is to

Re: [Python-Dev] Coroutines and PEP 380

Glyph wrote: [Guido] mentions the point that coroutines that can implicitly switch out from under you have the same non-deterministic property as threads: you don't know where you're going to need a lock or lock-like construct to update any variables, so you need to think about concurrency more

[Python-Dev] Counting collisions for the win

Hi, I'm working on the hash collision issue since 2 or 3 weeks. I evaluated all solutions and I think that I have now a good knowledge of the problem and how it should be solved. The major issue is to have a minor or no impact on applications (don't break backward compatibility). I saw three major

[Python-Dev] python build failed on mac

Hi all, I am trying to build python 3 on mac and build failing with following error can somebody help me with this $ hg clone http://hg.python.org/cpython $ ./configure $ make gcc -framework CoreFoundation -o python.exe Modules/python.o libpython3.3m.a -ldl -framework CoreFoundation ./pyt

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

> I can't help noticing that so far, worries about the workload came mostly from > people who don't actually bear that load (this is no accusation!), while those > that do are the proponents of the PEP... Ok, so let me add then that I'm worried about the additional work-load. I'm particularly wor

Re: [Python-Dev] Writable __doc__

Stephen J. Turnbull wrote: Ethan Furman writes: Where does one draw the line between feature and bug? Miracle: Works as documented.[2] [2] Python is pretty miraculous, isn't it? Yes, indeed it is! :) ~Ethan~ ___ Python-Dev mailing list Pytho

Re: [Python-Dev] Writable __doc__

On 1/19/2012 1:04 PM, Stephen J. Turnbull wrote: Ethan Furman writes: > Where does one draw the line between feature and bug? Bug: Doesn't work as documented. The basic idea is that the x.y docs define (mostly) the x.y language. Patches to the x.y docs fix typos, omissions, ambiguiti

Re: [Python-Dev] [Python-checkins] cpython (2.7): Issue #13605: add documentation for nargs=argparse.REMAINDER

On Thu, Jan 19, 2012 at 22:07, Terry Reedy wrote: > typo ... > lits .> list yep, i've already fixed it committing a more useful example too -- Sandro Tosi (aka morph, morpheus, matrixhasu) My website: http://matrixhasu.altervista.org/ Me at Debian: http://wiki.debian.org/SandroTosi

Re: [Python-Dev] Writable __doc__

On Thu, Jan 19, 2012 at 9:46 AM, Ethan Furman wrote: > Guido van Rossum wrote: > > We should not encourage people to write code that works with a certain > > bugfix release but not with the previous bugfix release of the same > > feature release. > > Then what's the point of a bug-fix release? I

Re: [Python-Dev] [Python-checkins] cpython (2.7): Issue #13605: add documentation for nargs=argparse.REMAINDER

On Thu, Jan 19, 2012 at 22:09, Nadeem Vawda wrote: > On Thu, Jan 19, 2012 at 11:03 PM, sandro.tosi > wrote: >> +  are gathered into a lits. This is commonly useful for command line > > s/lits/list ? crap! I committed an older version of the patch... thanks for spotting it, i'll fix it right away

Re: [Python-Dev] [Python-checkins] cpython (2.7): Issue #13605: add documentation for nargs=argparse.REMAINDER

On Thu, Jan 19, 2012 at 11:03 PM, sandro.tosi wrote: > +  are gathered into a lits. This is commonly useful for command line s/lits/list ? ___ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe:

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

Am 19.01.2012 01:12, schrieb Steven D'Aprano: > One on-going complaint is that Python-Dev doesn't have the manpower or time > to > do everything that needs to be done. Bugs languish for months or years > because > nobody has the time to look at it. Will going to a more rapid release cycle > g

Re: [Python-Dev] Writable __doc__

On 19/01/2012 17:46, Ethan Furman wrote: Guido van Rossum wrote: > We should not encourage people to write code that works with a certain > bugfix release but not with the previous bugfix release of the same > feature release. Then what's the point of a bug-fix release? If 3.2.1 had broken thr

Re: [Python-Dev] Writable __doc__

Guido van Rossum wrote: > We should not encourage people to write code that works with a certain > bugfix release but not with the previous bugfix release of the same > feature release. Then what's the point of a bug-fix release? If 3.2.1 had broken threading, wouldn't we fix it in 3.2.2 and en

Re: [Python-Dev] Writable __doc__

Ethan Furman writes: > Where does one draw the line between feature and bug? Bug: Doesn't work as documented. Feature: Works as expected but not documented[1] to do so. Miracle: Works as documented.[2] Unspecified behavior that doesn't work as you expect is the unmarked case (ie, none of

Re: [Python-Dev] PEP 407 / splitting the stdlib

On Jan 19, 2012 9:28 AM, "Bill Janssen" wrote: > I'm not sure how much of a problem this really is. I continually build > fairly complicated systems with Python that do a lot of HTTP networking, > for instance. It's fairly easy to replace use of the standard library > modules with use of Tornado

Re: [Python-Dev] Hashing proposal: change only string-only dicts

On Wed, Jan 18, 2012 at 9:55 AM, "Martin v. Löwis" wrote: > Am 18.01.2012 17:01, schrieb PJ Eby: > > On Tue, Jan 17, 2012 at 7:58 PM, "Martin v. Löwis" > > wrote: > > > > Am 17.01.2012 22:26, schrieb Antoine Pitrou: > > > Only 2 bits are used in ob_sstate, meani

Re: [Python-Dev] PEP 407 / splitting the stdlib

Nick Coghlan wrote: > On Thu, Jan 19, 2012 at 10:19 AM, Steven D'Aprano wrote: > > Brett Cannon wrote: > > Do we have any evidence of this alleged bitrot? I spend a lot of time on the > > comp.lang.python newsgroup and I see no evidence that people using Python > > believe the standard library i

Re: [Python-Dev] Writable __doc__

On Thu, Jan 19, 2012 at 8:36 AM, Ethan Furman wrote: > Benjamin Peterson wrote: > >> 2012/1/19 Victor Stinner **: >> >>> http://bugs.python.org/**issue12773 :) >>> The bug is marked as close, whereas the bug exists in Python 3.2 and >>> has no been closed.

Re: [Python-Dev] Writable __doc__

Benjamin Peterson wrote: 2012/1/19 Victor Stinner : http://bugs.python.org/issue12773 :) The bug is marked as close, whereas the bug exists in Python 3.2 and has no been closed. The fix must be backported. It's not a bug; it's a feature. Where does one draw the line between feature and bug

Re: [Python-Dev] Hashing proposal: change only string-only dicts

On Jan 18, 2012 12:55 PM, Martin v. Löwis wrote: > > Am 18.01.2012 17:01, schrieb PJ Eby: > > On Tue, Jan 17, 2012 at 7:58 PM, "Martin v. Löwis" > > wrote: > > > > Am 17.01.2012 22:26, schrieb Antoine Pitrou: > > > Only 2 bits are used in ob_sstate, meaning 30 a

Re: [Python-Dev] [Python-checkins] cpython: add str.casefold() (closes #13752)

Thanks for 0b5ce36a7a24 Benjamin. ___ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com

Re: [Python-Dev] Writable __doc__

2012/1/19 Victor Stinner : >> http://bugs.python.org/issue12773  :) > > The bug is marked as close, whereas the bug exists in Python 3.2 and > has no been closed. The fix must be backported. It's not a bug; it's a feature. -- Regards, Benjamin ___ Py

Re: [Python-Dev] PEP 407 / splitting the stdlib

On Jan 19, 2012, at 12:17 PM, Antoine Pitrou wrote: >The main problem I see with this is that Python 3 was a big >disruptive event for the community, and calling a new version "Python >4" may make people anxious at the prospect of compatibility breakage. s/was/is/ The Python 3 transition is ongo

Re: [Python-Dev] PEP 407 / splitting the stdlib

On Thu, Jan 19, 2012 at 9:17 PM, Antoine Pitrou wrote: > If I were a casual user of a piece of software, I'd really find such a > numbering scheme complicated and intimidating. I don't think most users > want such a level of information. I think the ideal numbering scheme from a *new* user point

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

On Thu, Jan 19, 2012 at 9:07 PM, Antoine Pitrou wrote: >> I fear the day that people asking >> questions on the tutor or python-list mailing lists will have to say (e.g.) >> "I'm using Python 3.4.1 and standard library 1.2.7" in order to specify the >> version they're using. > > Yeah, that's my bi

Re: [Python-Dev] Writable __doc__

On Wed, 18 Jan 2012 20:31:38 -0700 Eric Snow wrote: > > > > Should I create a bug report? > > http://bugs.python.org/issue12773 :) Well done Eric :) ___ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-de

Re: [Python-Dev] PEP 407 / splitting the stdlib

On Thu, 19 Jan 2012 11:03:15 +1000 Nick Coghlan wrote: > > 1. I believe the PEP currently proposes just taking the "no more than > 9" limit off the minor version of the language. Feature releases would > just come out every 6 months, with every 4th release flagged as a > language release. With t

Re: [Python-Dev] PEP 407: New release cycle and introducing long-term support versions

On Thu, 19 Jan 2012 11:12:06 +1100 Steven D'Aprano wrote: > Antoine Pitrou wrote: > > Le jeudi 19 janvier 2012 à 00:25 +0900, Stephen J. Turnbull a écrit : > >> > You claim people won't use stable releases because of not enough > >> > alphas? That sounds completely unrelated. > >> > >> Surely t

Re: [Python-Dev] Writable __doc__

> http://bugs.python.org/issue12773  :) The bug is marked as close, whereas the bug exists in Python 3.2 and has no been closed. The fix must be backported. Victor ___ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo