Changes in html.parser may cause breakage in client code
Following recent changes in html.parser, the Python 3 port of Django I'm working on has started failing while parsing HTML. The reason appears to be that Django uses some module-level data in html.parser, for example tagfind, which is a regular expression pattern. This has changed recently (Ezio changed it in ba4baaddac8d). Now tagfind (and other such patterns) are not marked as private (though not documented), but should they be? The following script (tagfind.py): import html.parser as Parser data = '<select name="stuff">' m = Parser.tagfind.match(data, 1) print('%r -> %r' % (Parser.tagfind.pattern, data[1:m.end()])) gives different results on 3.2 and 3.3: $ python3.2 tagfind.py '[a-zA-Z][-.a-zA-Z0-9:_]*' -> 'select' $ python3.3 tagfind.py '([a-zA-Z][-.a-zA-Z0-9:_]*)(?:\\s|/(?!>))*' -> 'select ' The trailing space later causes a mismatch with the end tag, and leads to the errors. Django's use of the tagfind pattern is in a subclass of HTMLParser, in an overridden parse_startag method. Do we need to indicate more strongly that data like tagfind are private? Or has the change introduced inadvertent breakage, requiring a fix in Python? Regards, Vinay Sajip
On Thu, Apr 26, 2012 at 12:10 PM, Vinay Sajip <vinay_sajip@yahoo.co.uk> wrote:
I think both. Looks like it wasn't meant to be exported. But it should have been marked as such. And I think it would behoove us to reduce random failures in important 3rd party libraries by keeping the old version around (but mark it as deprecated with an explaining comment, and submit a Django fix to stop using it). Also the module should be updated to use _tagfind internally (and likewise for other accidental exports). Traditionally we've been really lax about this stuff. We should strive to improve and clarify the exact boundaries of our APIs better. -- --Guido van Rossum (python.org/~guido)
On Fri, Apr 27, 2012 at 5:21 AM, Guido van Rossum <guido@python.org> wrote:
Traditionally we've been really lax about this stuff. We should strive to improve and clarify the exact boundaries of our APIs better.
Yeah, I must admit in my own projects these days I habitually mark all module level and class level names with a leading underscore until I make a conscious decision to make them part of the relevant public API. I also do this for any new helper attributes and functions/methods I add to the stdlib. One key catalyst for this was when PJE pointed out a bug years ago in the behaviour of the -m switch that meant I had to introduce a *new* helper function to runpy, because runpy.run_module was public, and I needed to change the signature in a backwards incompatible way to fix the bug (and thus the current runpy._run_module_as_main hook was born). When I use dir() and help() as much as I do to explore unfamiliar APIs, I feel obliged to make sure that introspecting my own code accurately reflects which names are part of the public API and which are just implementation details. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On 26.04.2012 21:10, Vinay Sajip wrote:
Since it's a module level constant without a leading underscore, IMO it was okay for Django to use it, even if not documented. In this case, especially since we actually have evidence of someone using the constant, I would keep it as-is and use a new (underscored, this time) name for the new pattern. And yes, I think that we do need to indicate private-ness of module-level data. Georg
Hi, On 26/04/2012 22.10, Vinay Sajip wrote:
html.parser doesn't use any private _name, so I was considering part of the public API only the documented names. Several methods are marked with an "# internal" comment, but that's not visible unless you go read the source code.
Django shouldn't override parse_starttag (internal and undocumented), but just use handle_starttag (public and documented). I see two possible reasons why it's overriding parse_starttag: 1) Django is working around an HTMLParser bug. In this case the bug could have been fixed (leading to the breakage of the now-useless workaround), and now you could be able to use the original parse_starttag and have the correct result. If it is indeed working around a bug and the bug is still present, you should report it upstream. 2) Django is implementing an additional feature. Depending on what exactly the code is doing you might want to open a new feature request on the bug tracker. For example the original parse_starttag sets a self.lasttag attribute with the correct name of the last tag parsed. Note however that both parse_starttag and self.lasttag are internal and shouldn't be used directly (but lasttag could be exposed and documented if people really think that it's useful).
Do we need to indicate more strongly that data like tagfind are private? Or has the change introduced inadvertent breakage, requiring a fix in Python?
I'm not sure that reverting the regex, deprecate all the exposed internal names, and add/use internal _names instead is a good idea at this point. This will cause more breakage, and it would require an extensive renaming. I can add notes to the documentation/docstrings and specify what's private and what's not though. OTOH, if this specific fix is not released yet I can still do something to limit/avoid the breakage. Best Regards, Ezio Melotti
Regards,
Vinay Sajip
On 04/27/2012 08:36 AM, Guido van Rossum wrote:
Someone should contact the Django folks. Alex Gaynor?
I committed the relevant code to Django (though I didn't write the patch), and I've been following this thread. I have it on my todo list to review this code again with Ezio's suggestions in mind. So you can consider "the Django folks" contacted. Carl
On Thu, Apr 26, 2012 at 12:10 PM, Vinay Sajip <vinay_sajip@yahoo.co.uk> wrote:
I think both. Looks like it wasn't meant to be exported. But it should have been marked as such. And I think it would behoove us to reduce random failures in important 3rd party libraries by keeping the old version around (but mark it as deprecated with an explaining comment, and submit a Django fix to stop using it). Also the module should be updated to use _tagfind internally (and likewise for other accidental exports). Traditionally we've been really lax about this stuff. We should strive to improve and clarify the exact boundaries of our APIs better. -- --Guido van Rossum (python.org/~guido)
On Fri, Apr 27, 2012 at 5:21 AM, Guido van Rossum <guido@python.org> wrote:
Traditionally we've been really lax about this stuff. We should strive to improve and clarify the exact boundaries of our APIs better.
Yeah, I must admit in my own projects these days I habitually mark all module level and class level names with a leading underscore until I make a conscious decision to make them part of the relevant public API. I also do this for any new helper attributes and functions/methods I add to the stdlib. One key catalyst for this was when PJE pointed out a bug years ago in the behaviour of the -m switch that meant I had to introduce a *new* helper function to runpy, because runpy.run_module was public, and I needed to change the signature in a backwards incompatible way to fix the bug (and thus the current runpy._run_module_as_main hook was born). When I use dir() and help() as much as I do to explore unfamiliar APIs, I feel obliged to make sure that introspecting my own code accurately reflects which names are part of the public API and which are just implementation details. Cheers, Nick. -- Nick Coghlan | ncoghlan@gmail.com | Brisbane, Australia
On 26.04.2012 21:10, Vinay Sajip wrote:
Since it's a module level constant without a leading underscore, IMO it was okay for Django to use it, even if not documented. In this case, especially since we actually have evidence of someone using the constant, I would keep it as-is and use a new (underscored, this time) name for the new pattern. And yes, I think that we do need to indicate private-ness of module-level data. Georg
Hi, On 26/04/2012 22.10, Vinay Sajip wrote:
html.parser doesn't use any private _name, so I was considering part of the public API only the documented names. Several methods are marked with an "# internal" comment, but that's not visible unless you go read the source code.
Django shouldn't override parse_starttag (internal and undocumented), but just use handle_starttag (public and documented). I see two possible reasons why it's overriding parse_starttag: 1) Django is working around an HTMLParser bug. In this case the bug could have been fixed (leading to the breakage of the now-useless workaround), and now you could be able to use the original parse_starttag and have the correct result. If it is indeed working around a bug and the bug is still present, you should report it upstream. 2) Django is implementing an additional feature. Depending on what exactly the code is doing you might want to open a new feature request on the bug tracker. For example the original parse_starttag sets a self.lasttag attribute with the correct name of the last tag parsed. Note however that both parse_starttag and self.lasttag are internal and shouldn't be used directly (but lasttag could be exposed and documented if people really think that it's useful).
Do we need to indicate more strongly that data like tagfind are private? Or has the change introduced inadvertent breakage, requiring a fix in Python?
I'm not sure that reverting the regex, deprecate all the exposed internal names, and add/use internal _names instead is a good idea at this point. This will cause more breakage, and it would require an extensive renaming. I can add notes to the documentation/docstrings and specify what's private and what's not though. OTOH, if this specific fix is not released yet I can still do something to limit/avoid the breakage. Best Regards, Ezio Melotti
Regards,
Vinay Sajip
On 04/27/2012 08:36 AM, Guido van Rossum wrote:
Someone should contact the Django folks. Alex Gaynor?
I committed the relevant code to Django (though I didn't write the patch), and I've been following this thread. I have it on my todo list to review this code again with Ezio's suggestions in mind. So you can consider "the Django folks" contacted. Carl
participants (7)
-
Carl Meyer -
Ezio Melotti -
Georg Brandl -
Guido van Rossum -
Nick Coghlan -
Terry Reedy -
Vinay Sajip