[Python-ideas] Add a cryptographic hash (e.g SHA1) of source toPython Compiled objects?
Terry Reedy
tjreedy at udel.edu
Thu Feb 5 22:57:19 CET 2009
rocky at gnu.org wrote:
> Brett Cannon writes:
> > marshal.dumps(compile(open('file.py').read(), 'file.py', 'exec')) ==
> > open('file.pyc').read()[8:]
>
> Thanks.
>
> Alas, I can't see how in practice this will be generally useful.
>
> Again, here is the problem: I have a some sort of compiled python file
> and something which I think is the source code for it. I want to
> verify that it is.
>
> (In a debugger it means we can warn that what you are seeing is not
> what's being run. However I do not believe this is the only situation
> where getting the answer to this question is helpful/important.)
>
> The solution above is very sensitive to knowing the name of the file
> (files?) used in compilation because those are stored in the
> co_filename portion of the code object.
Instead of comparing marshal strings, custom compare the code objects,
ignoring .co_filename.
tjr
More information about the Python-ideas
mailing list