(Riffing off some discussion in another thread, I had another idea I wanted to throw out there.)
Given that Eval Really Is Dangerous[1], has something like this ever been considered?:
int(str(42))
42
float(str(42.0))
42.0
bool(str(False)) # :(
True
eval_literal('42')
42
eval_literal('42.0')
42.0
eval_literal('False') # :)
False
eval_literal('', default=False) # shout out to PEP 463 / Michael Selik
False
i.e. An extremely limited version of eval, possibly just for literals or even literal atoms, that would make it safe?
[1] http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html
That exact same thing exists mate :-)
See ast.literal_eval
On Tue, Jun 14, 2016 at 1:14 AM jab@math.brown.edu wrote:
(Riffing off some discussion in another thread, I had another idea I wanted to throw out there.)
Given that Eval Really Is Dangerous[1], has something like this ever been considered?:
int(str(42))
42
float(str(42.0))
42.0
bool(str(False)) # :(
True
eval_literal('42')
42
eval_literal('42.0')
42.0
eval_literal('False') # :)
False
eval_literal('', default=False) # shout out to PEP 463 / Michael Selik
False
i.e. An extremely limited version of eval, possibly just for literals or even literal atoms, that would make it safe?
[1] http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
On Mon, Jun 13, 2016 at 6:16 PM, Bar Harel bzvi7919@gmail.com wrote:
That exact same thing exists mate :-)
See ast.literal_eval
Cool! Perhaps I can consider it validating that I just reinvented it? :)
And to deal with the empty string case (in the absence of PEP 463), to make it a possible substitute for some bool.from_str() method, I guess you could do:
ast.literal_eval(os.getenv('FOO', 'False'))
Yes, it's called ast.literal_eval. https://docs.python.org/3/library/ast.html#ast.literal_eval
2016-06-13 15:13 GMT-07:00 jab@math.brown.edu:
(Riffing off some discussion in another thread, I had another idea I wanted to throw out there.)
Given that Eval Really Is Dangerous[1], has something like this ever been considered?:
int(str(42))
42
float(str(42.0))
42.0
bool(str(False)) # :(
True
eval_literal('42')
42
eval_literal('42.0')
42.0
eval_literal('False') # :)
False
eval_literal('', default=False) # shout out to PEP 463 / Michael Selik
False
i.e. An extremely limited version of eval, possibly just for literals or even literal atoms, that would make it safe?
[1] http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
On Tue, Jun 14, 2016 at 8:13 AM, jab@math.brown.edu wrote:
(Riffing off some discussion in another thread, I had another idea I wanted to throw out there.)
Given that Eval Really Is Dangerous[1], has something like this ever been considered?:
int(str(42))
42
float(str(42.0))
42.0
bool(str(False)) # :(
True
eval_literal('42')
42
eval_literal('42.0')
42.0
eval_literal('False') # :)
False
eval_literal('', default=False) # shout out to PEP 463 / Michael Selik
False
i.e. An extremely limited version of eval, possibly just for literals or even literal atoms, that would make it safe?
Check out ast.literal_eval:
https://docs.python.org/3/library/ast.html#ast.literal_eval
It's capable of evaluating all forms of literal, plus a variety of things that people kinda expect to be literals but aren't, plus some larger constructs that definitely aren't literals but are still very useful and safe (eg list display).
ChrisA
You mean ast.literal_eval? https://docs.python.org/2/library/ast.html#ast.literal_eval
Mahmoud https://github.com/mahmoud http://sedimental.org
On Mon, Jun 13, 2016 at 3:13 PM, jab@math.brown.edu wrote:
(Riffing off some discussion in another thread, I had another idea I wanted to throw out there.)
Given that Eval Really Is Dangerous[1], has something like this ever been considered?:
int(str(42))
42
float(str(42.0))
42.0
bool(str(False)) # :(
True
eval_literal('42')
42
eval_literal('42.0')
42.0
eval_literal('False') # :)
False
eval_literal('', default=False) # shout out to PEP 463 / Michael Selik
False
i.e. An extremely limited version of eval, possibly just for literals or even literal atoms, that would make it safe?
[1] http://nedbatchelder.com/blog/201206/eval_really_is_dangerous.html _______________________________________________ Python-ideas mailing list Python-ideas@python.org https://mail.python.org/mailman/listinfo/python-ideas Code of Conduct: http://python.org/psf/codeofconduct/
-
Bar Harel -
Chris Angelico -
jab@math.brown.edu -
Jelle Zijlstra -
Mahmoud Hashemi