Another problem with the assignment API is that the order the attributes are assigned is important: Eg check_hostname needs to be assigned before verify_mode or a warning is raised: https://github.com/encode/httpx/pull/1687/commits/ed9aabfeff6c18652db918bd06... On Mon, 28 Jun 2021, 19:45 Brendan Barnwell, <brenbarn@brenbarn.net> wrote:
On 2021-06-28 07:03, Thomas Grainger wrote:
but in this case the object is security sensitive, and security should be much more rigorous in ensuring correctness. It looks like there's a consensus being reached, should I create a bpo?
If we're going to make backwards-incompatible changes to SSLContext, might it be a good idea to make a cleaner, more Pythonic API while we're at it so that people are discouraged from doing attribute-setting at all? Why not have the class accept only valid options at creation time and raise an error if any unexpected arguments are passed? Is there even any reason to allow changing the SSLContext parameters after creation, or could we just freeze them on instance creation and make people create a separate context if they want a different configuration? I think any of these would be better than the current setup that expects people to adjust the options by manually setting attributes one by one after instance creation.
-- Brendan Barnwell "Do not follow where the path may lead. Go, instead, where there is no path, and leave a trail." --author unknown _______________________________________________ Python-ideas mailing list -- python-ideas@python.org To unsubscribe send an email to python-ideas-leave@python.org https://mail.python.org/mailman3/lists/python-ideas.python.org/ Message archived at https://mail.python.org/archives/list/python-ideas@python.org/message/K5ZBPH... Code of Conduct: http://python.org/psf/codeofconduct/