Re: [Python-ideas] Please consider adding context manager versions of setUp/tearDown to unittest.TestCase

On 23 August 2017 at 08:20, rym...@gmail.com wrote: > TBH you're completely right. Every time I see someone using unittest > andItsHorriblyUnpythonicNames, I want to kill a camel. > > Sometimes, though, I feel like part of the struggle is the alternative. If > you dislike unittest, but pytest is t

Re: [Python-ideas] PEP 550 v2

On 21 August 2017 at 07:01, Barry wrote: > I'm not clear why there is a new_context_key which seems not to be a key. > It seems that the object is a container for a single value. > > Key.set( value ) does not feel right. It's basically borrowed from procedural thread local APIs, which tend to use

Re: [Python-ideas] PEP 550 v2

On Wed, Aug 23, 2017 at 2:00 AM, Nick Coghlan wrote: > On 21 August 2017 at 07:01, Barry wrote: > > I'm not clear why there is a new_context_key which seems not to be a key. > > It seems that the object is a container for a single value. > > > > Key.set( value ) does not feel right. > > It's bas

Re: [Python-ideas] PEP 550 v2

On 08/23/2017 08:41 AM, Guido van Rossum wrote: If we're extending the analogy with thread-locals we should at least consider making each instantiation return a namespace rather than something holding a single value. +1 -- ~Ethan~ ___ Python-ideas

[Python-ideas] Remote package/module imports through HTTP/S

Hello all! Today I opened an issue in bugs.python.org (http://bugs.python.org/issue31264) proposing a module I created for remote package/module imports through standard HTTP/S. The concept is that, if a directory is served through HTTP/S (the way SimpleHTTPServer module serves directories), a Fi

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Thu, Aug 24, 2017 at 2:55 AM, John Torakis wrote: > Hello all! > > Today I opened an issue in bugs.python.org > (http://bugs.python.org/issue31264) proposing a module I created for > remote package/module imports through standard HTTP/S. > > The concept is that, if a directory is served through

Re: [Python-ideas] Remote package/module imports through HTTP/S

Hi! On Wed, Aug 23, 2017 at 07:55:00PM +0300, John Torakis wrote: > Hello all! > > Today I opened an issue in bugs.python.org > (http://bugs.python.org/issue31264) proposing a module I created for > remote package/module imports through standard HTTP/S. The issue is so big IMO it requires a

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 20:36, John Torakis wrote: > Yeah, I am a security researcher, I am keen on backdoor programming and > staging and all that! It is my official job and research topic! I go to > the office and code such stuff! I am not a blackhat, nor a security > enthusiast, it is my job. > > > Firs

Re: [Python-ideas] Remote package/module imports through HTTP/S

Bounced back on list Forwarded Message Θέμα: Re: [Python-ideas] Remote package/module imports through HTTP/S Ημερομηνία: Wed, 23 Aug 2017 20:36:19 +0300 Από:John Torakis Προς: Chris Angelico Yeah, I am a security researcher, I am keen on backdoor programming an

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Thu, Aug 24, 2017 at 3:37 AM, John Torakis wrote: > > > On 23/08/2017 20:36, John Torakis wrote: >> Yeah, I am a security researcher, I am keen on backdoor programming and >> staging and all that! It is my official job and research topic! I go to >> the office and code such stuff! I am not a bl

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Wed, Aug 23, 2017 at 10:37 AM, John Torakis wrote: > > Github can be trusted 100% percent for example. This isn't even remotely close to true. While I'd agree with the statement that the SSL cert on github is reasonably trustworthy, the *content* on github is NOT trustworthy and that's where

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Thu, Aug 24, 2017 at 4:04 AM, Bruce Leban wrote: > > On Wed, Aug 23, 2017 at 10:37 AM, John Torakis > wrote: >> >> >> Github can be trusted 100% percent for example. > > > This isn't even remotely close to true. While I'd agree with the statement > that the SSL cert on github is reasonably tru

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 21:04, Bruce Leban wrote: > > On Wed, Aug 23, 2017 at 10:37 AM, John Torakis > wrote: > > > Github can be trusted 100% percent for example. > > > This isn't even remotely close to true. While I'd agree with the > statement that the SSL cert on git

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 20:49, Chris Angelico wrote: > On Thu, Aug 24, 2017 at 3:37 AM, John Torakis wrote: >> >> On 23/08/2017 20:36, John Torakis wrote: >>> Yeah, I am a security researcher, I am keen on backdoor programming and >>> staging and all that! It is my official job and research topic! I go to

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 21:11, Chris Angelico wrote: > On Thu, Aug 24, 2017 at 4:04 AM, Bruce Leban wrote: >> On Wed, Aug 23, 2017 at 10:37 AM, John Torakis >> wrote: >>> >>> Github can be trusted 100% percent for example. >> >> This isn't even remotely close to true. While I'd agree with the statement >

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23 August 2017 at 18:49, Chris Angelico wrote: > Still -1 on this becoming a stdlib package, as there's nothing I've > yet seen that can't be done as a third-party package. But it's less > scary than I thought it was :) IMO, this would make a great 3rd party package (I note that it's not yet p

Re: [Python-ideas] Remote package/module imports through HTTP/S

This isn't ever going to be a standard feature. It's available as a third-party package and that's fine. I'd like to add a historic note -- this was first proposed around 1995 by Michael McLay. (Sorry, I don't have an email sitting around, but I'm sure he brought this up at or around the first Py

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 21:24, Paul Moore wrote: > On 23 August 2017 at 18:49, Chris Angelico wrote: >> Still -1 on this becoming a stdlib package, as there's nothing I've >> yet seen that can't be done as a third-party package. But it's less >> scary than I thought it was :) > IMO, this would make a grea

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 21:41, Guido van Rossum wrote: > This isn't ever going to be a standard feature. It's available as a > third-party package and that's fine. > > I'd like to add a historic note -- this was first proposed around 1995 > by Michael McLay. (Sorry, I don't have an email sitting around, bu

Re: [Python-ideas] Remote package/module imports through HTTP/S

For security reasons. AFAIK HTTPS wasn't even invented at the time. On Wed, Aug 23, 2017 at 11:44 AM, John Torakis wrote: > > > On 23/08/2017 21:41, Guido van Rossum wrote: > > This isn't ever going to be a standard feature. It's available as a > third-party package and that's fine. > > I'd like

Re: [Python-ideas] Remote package/module imports through HTTP/S

Dark times... So is it a "case closed", or is there any improvement that will make it worth it to be an stdlib module? I mean, times have changed from 1995, and I am not referring to HTTPS invention. This is the reason that makes httpimport just tolerable security-wise. I'm talking about the nee

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Thu, Aug 24, 2017 at 5:04 AM, John Torakis wrote: > Dark times... > > So is it a "case closed", or is there any improvement that will make it > worth it to be an stdlib module? > > I mean, times have changed from 1995, and I am not referring to HTTPS > invention. This is the reason that makes h

Re: [Python-ideas] Remote package/module imports through HTTP/S

On 23/08/2017 22:06, Chris Angelico wrote: > On Thu, Aug 24, 2017 at 5:04 AM, John Torakis wrote: >> Dark times... >> >> So is it a "case closed", or is there any improvement that will make it >> worth it to be an stdlib module? >> >> I mean, times have changed from 1995, and I am not referring

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Wed, Aug 23, 2017 at 11:11 AM, Chris Angelico wrote: > > > If you read his README, it's pretty explicit about URLs; the risk is > that "https://github.com/someuser/somelib"; can be intercepted, not > that "someuser" is malicious. If you're worried about the latter, > don't use httpimport. I

Re: [Python-ideas] Please consider adding context manager versions of setUp/tearDown to unittest.TestCase

On Wed, Aug 23, 2017 at 3:31 AM Nick Coghlan wrote: > On 23 August 2017 at 08:20, rym...@gmail.com wrote: > > TBH you're completely right. Every time I see someone using unittest > > andItsHorriblyUnpythonicNames, I want to kill a camel. > > > > Sometimes, though, I feel like part of the struggl

Re: [Python-ideas] Please consider adding context manager versions of setUp/tearDown to unittest.TestCase

On Tue, Aug 22, 2017 at 7:05 PM, Neil Girdhar wrote: > Like you, I used nose and then switched to pytest. The reason I proposed > this for unittest is because pytest and nose and (I think) most of the > other testing frameworks inherit from unittest, > not really -- they extend unittest -- in t

Re: [Python-ideas] PEP 550 v2

On Wed, Aug 23, 2017 at 8:41 AM, Guido van Rossum wrote: > If we're extending the analogy with thread-locals we should at least > consider making each instantiation return a namespace rather than something > holding a single value. We have > > log_state = threading.local() > log_state.verbose = Fa

Re: [Python-ideas] PEP 550 v2

There's another "major" problem with theading.local()-like API for PEP 550: C API. threading.local() in C right now is PyThreadState_GetDict(), which returns a dictionary for the current thread, that can be queried/modified with PyDict_* functions. For PEP 550 this would not work. The advantage

Re: [Python-ideas] Remote package/module imports through HTTP/S

Chris Angelico writes: > If you're worried about the latter, don't use httpimport. I guarantee you that in my (university) environment, if httpimport is in the stdlib, its use will be rampant (and not just by students, but by security-oblivious faculty). I want to be able to walk up to a studen

Re: [Python-ideas] Remote package/module imports through HTTP/S

On Thu, Aug 24, 2017 at 12:13 PM, Stephen J. Turnbull wrote: > Chris Angelico writes: > > > If you're worried about the latter, don't use httpimport. > > I guarantee you that in my (university) environment, if httpimport is > in the stdlib, its use will be rampant (and not just by students, but >

Re: [Python-ideas] Remote package/module imports through HTTP/S

John Torakis writes: > But, as it seems like it is a very big feature (to me at least), And "pip install httpimport" seems like it is a very small burden (to me at least). I agree with Paul Moore. Putting this in the stdlib seems both unnecessary, given pip, and an attractive nuisance for naiv

Re: [Python-ideas] PEP 550 v2

OK, I get it now. I really liked the analysis of existing uses in Django. So no worries about this. On Wed, Aug 23, 2017 at 5:36 PM, Yury Selivanov wrote: > There's another "major" problem with theading.local()-like API for PEP > 550: C API. > > threading.local() in C right now is PyThreadState_