Nov. 27, 2015
11:38 a.m.
On 27 November 2015 at 18:47, Cory Benfield <cory@lukasa.co.uk> wrote:
Perhaps I missed this, Nick, but what happens if multiple third party libraries apply updates to call this function in incompatible ways? For example, if you depend on libfoo which calls ssl._verify_https_certificates(False) and libbar which calls ssl._verify_https_certificates(True)? Is it…last import wins?
Last import wins, but libaries shouldn't be mutating process global state as a side effect of import - like the sys module, the ssl module configuration should only be modified (directly or indirectly) from __main__. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia