[Python-ideas] Add a cryptographic hash (e.g SHA1) of source toPython Compiled objects?

rocky at gnu.org rocky at gnu.org
Wed Feb 4 05:16:55 CET 2009

Brett Cannon writes:
 > On Tue, Feb 3, 2009 at 11:44, Raymond Hettinger <python at rcn.com> wrote:
 > > [Brett]
 > >>
 > >> The only thing you need to compile bytecode is the same Python version
 > >> (and thus the same magic number) and whether it is a .pyc or .pyo (and
 > >> thus if -O/-OO was used). Your platform has nothing to do with
 > >> bytecode compilation.
 > >
 > > Well said.  The best validation of a pyc is to compile the source.
 > Actually, recompilation is so cheap and easy (see py_compile or
 > compileall with the --force flag) that bothering with the hash is
 > probably not worth it. 

Ok. I'm now enlightened as to a viable approach. Thanks.

Without a doubt you all are much more familiar at this stuff that I
am. (In fact I'm a rank novice.) So I'd be grateful if someone would
post code for a function say:

  compare_src_obj(python_src, python_obj)

that takes two strings -- a Python source filename and a Python object
-- does what's outlined above, and returns a status which indicates
the same or if not and if not whether the difference is because of the
wrong version of Python was used.

(The use case given was little more involved than this because one
needs to make sure Python is found for the same version as the given
compiled object; but to start out I'd be happy to skip that
complexity, if it's too much trouble to do.)

More information about the Python-ideas mailing list