Python-Dev March 2019

python-dev@python.org

83 participants
79 discussions

Best way to specify docstrings for member objects
by Raymond Hettinger 21 Mar '19

21 Mar '19

I'm working on ways to make improve help() by giving docstrings to member objects. One way to do it is to wait until after the class definition and then make individual, direct assignments to __doc__ attributes.This way widely the separates docstrings from their initial __slots__ definition. Working downstream from the class definition feels awkward and doesn't look pretty. There's another way I would like to propose¹. The __slots__ definition already works with any iterable including a dictionary (the dict values are ignored), so we could use the values for the docstrings. This keeps all the relevant information in one place (much like we already do with property() objects). This way already works, we just need a few lines in pydoc to check to see if a dict if present. This way also looks pretty and doesn't feel awkward. I've included worked out examples below. What do you all think about the proposal? Raymond ¹ https://bugs.python.org/issue36326 ====== Desired help() output ====== >>> help(NormalDist) Help on class NormalDist in module __main__: class NormalDist(builtins.object) | NormalDist(mu=0.0, sigma=1.0) | | Normal distribution of a random variable | | Methods defined here: | | __init__(self, mu=0.0, sigma=1.0) | NormalDist where mu is the mean and sigma is the standard deviation. | | cdf(self, x) | Cumulative distribution function. P(X <= x) | | pdf(self, x) | Probability density function. P(x <= X < x+dx) / dx | | ---------------------------------------------------------------------- | Data descriptors defined here: | | mu | Arithmetic mean. | | sigma | Standard deviation. | | variance | Square of the standard deviation. ====== Example of assigning docstrings after the class definition ====== class NormalDist: 'Normal distribution of a random variable' __slots__ = ('mu', 'sigma') def __init__(self, mu=0.0, sigma=1.0): 'NormalDist where mu is the mean and sigma is the standard deviation.' self.mu = mu self.sigma = sigma @property def variance(self): 'Square of the standard deviation.' return self.sigma ** 2. def pdf(self, x): 'Probability density function. P(x <= X < x+dx) / dx' variance = self.variance return exp((x - self.mu)**2.0 / (-2.0*variance)) / sqrt(tau * variance) def cdf(self, x): 'Cumulative distribution function. P(X <= x)' return 0.5 * (1.0 + erf((x - self.mu) / (self.sigma * sqrt(2.0)))) NormalDist.mu.__doc__ = 'Arithmetic mean' NormalDist.sigma.__doc__ = 'Standard deviation' ====== Example of assigning docstrings with a dict ===== class NormalDist: 'Normal distribution of a random variable' __slots__ = {'mu' : 'Arithmetic mean.', 'sigma': 'Standard deviation.'} def __init__(self, mu=0.0, sigma=1.0): 'NormalDist where mu is the mean and sigma is the standard deviation.' self.mu = mu self.sigma = sigma @property def variance(self): 'Square of the standard deviation.' return self.sigma ** 2. def pdf(self, x): 'Probability density function. P(x <= X < x+dx) / dx' variance = self.variance return exp((x - self.mu)**2.0 / (-2.0*variance)) / sqrt(tau * variance) def cdf(self, x): 'Cumulative distribution function. P(X <= x)' return 0.5 * (1.0 + erf((x - self.mu) / (self.sigma * sqrt(2.0))))

7 11

Re: [Python-Dev] Remove tempfile.mktemp()
by Anders Munch 20 Mar '19

20 Mar '19

Victor Stinner: > To be clear: mktemp() is vulnerable by design No: mktemp() is vulnerable by implementation. Specifically, returning a file name in a world-accessible location, /tmp. regards, Anders

1 0

Re: [Python-Dev] Remove tempfile.mktemp()
by Anders Munch 20 Mar '19

20 Mar '19

Steven D'Aprano: >> 128 bits seems like overkill: There's no birthday attack because >> no-one keeps 2^(ENTROPY_BITS/2) files around > You haven't seen my Downloads folder... :-) I put it to you that those files are not temporary :-) > Why be so miserly with entropy? I don't necessarily disagree. > Using 128 bits is just 22 characters using secrets.token_urlsafe(). A little more when you take into account case-insensitive file systems. regards, Anders

1 0

Re: [Python-Dev] Remove tempfile.mktemp()
by Anders Munch 20 Mar '19

20 Mar '19

Anders Munch: >>> So use NamedTemporaryFile(delete = False) and close it before passing it to the other program. >> That's effectively the same as calling tempfile.mktemp. While it does waste time opening and closing an unused file, that doesn't help with security Sebastian Rittau: > That is not actually true. The important difference is that with NamedTemporaryFile the file exists with appropriate access right (0600). You are right, I must have mentally reversed the polarity of the delete argument. And I didn't realise that the access right on a file had the power to prevent itself from being removed from the folder that it's in. I thought the access flags were a property of the file itself and not the directory entry. Not sure how that works. But if NamedTemporaryFile(delete=False) is secure then why not use that to implement mktemp? def mktemp(suffix="", prefix=template, dir=None): with NamedTemporaryFile(delete=False, suffix=suffix, prefix=prefix, dir=dir) as f: return f.name Yes, it does leave an empty file if the name is not used, but the name is usually created with the intent to use it, so that is rarely going to be a problem. Just document that that's how it is. It does mean that where there's an explicit file-exists check before writing the file, that code will break. But it will break a lot less code than removing mktemp entirely. regards, Anders

2 1

Re: [Python-Dev] Remove tempfile.mktemp()
by Anders Munch 20 Mar '19

20 Mar '19

Greg Ewing: > So use NamedTemporaryFile(delete = False) and close it before passing it to the other program. That's effectively the same as calling tempfile.mktemp. While it does waste time opening and closing an unused file, that doesn't help with security. If anything, it might worsen security. If a secure implementation of mktemp is truly impossible, then the same could be said for NamedTemperatoryFile(delete=False). Should that be deprecated as well? regards, Anders

2 1

Can I submit more support of standard library for VxWorks after 3.8.0 beta1?
by Xin, Peixing 20 Mar '19

20 Mar '19

Hi, Experts: Seeing from the Python 3.8.0 schedule(https://www.python.org/dev/peps/pep-0569/#schedule), new features will not be allowed to submit after 3.8.0 beta1. For VxWorks RTOS platform supporting CPython, we are using bpo-31904(https://bugs.python.org/issue31904) for PRs to submit our codes. Now I want to know whether we can add more standard library support for VxWorks AFTER 3.8.0 beta1? [cid:image001.png@01D4DE3B.DF628700] Thanks, Peixing

5 5

What is the workflow for announcing tier 2 platform support?
by Xin, Peixing 19 Mar '19

19 Mar '19

Hi, Experts: VxWorks RTOS will release a new version at the end of June. For this new version, we(Wind River) plan to announce the Python support officially here (https://www.python.org/download/other/) for VxWorks as tier 2 platform. Now my 2 questions come: 1. To be qualified as tier 2 platform here https://www.python.org/download/other/, do I need to get all test cases pass on VxWorks RTOS? Now we have the following PRs for VxWorks. With these PRs merged, we can get around 70% test cases PASS. [cid:image003.png@01D4DE3F.A336F1E0] 2. If we reach the announcement level, what is the workflow to update the website statements here https://www.python.org/download/other/. The following picture shows what we want to show. [cid:image002.png@01D4DE42.1EB0FB70] Thanks, Peixing

2 1

Re: [Python-Dev] Remove tempfile.mktemp()
by Anders Munch 19 Mar '19

19 Mar '19

Antoine Pitrou: > And if there is an easy replacement, then how about re-implementing > mktemp() using that replacement, instead of removing it? Indeed. The principal security issue with mktemp is the difficulty in creating a user-specific thing under a shared /tmp folder in a multi-user setup. But if it hurts when you use /tmp, why use /tmp? Use a path with no world-accessible ancestor, or at least no world-writable ancestor. On Windows, that means creating it somewhere under the CSIDL_LOCAL_APPDATA folder. Which is already the default for %TEMP% and %TMP%. On Unix, it's a $HOME subfolder with access 700 or 600. How about switching mktemp over to use that? regards, Anders

1 0

Testing cross-compiled python (windows arm32) from build bot
by Paul Monson 19 Mar '19

19 Mar '19

Hello, For windows arm32 I would like to be able run tests in the buildbot. Windows arm32 programs built with MSVC are always cross-compiled. This means I need to build cpython on x86/x64 and then deploy the build artifacts and run the tests on an ARM32 device. Is there any documentation or examples of how to do this? If not, are there any recommendations for how to achieve this? Thanks, Paul Monson

3 2

Reject PEP 472: Support for indexing with keyword arguments
by Brett Cannon 18 Mar '19

18 Mar '19

The idea never seemed to gain any traction over its near 5 years in existence as a PEP.

2 2

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

Python-Dev March 2019