Does Python really follow its philosophy of "Readability counts"?
Paul Rubin
http
Wed Jan 21 22:04:11 EST 2009
Luis Zarrabeitia <kyrie at uh.cu> writes:
> Even better. Realize that you are trying to use a tool made for
> debugging, documenting, and catching some obvious errors
> (private/public) for "security". Go fix Bastion, that would be your
> best bet. It was yanked out of python because it was insecure, but
> if someone were to fix it, I'm sure the changes would be welcomed.
Bastion appears to be fundamentally unfixable, at least in CPython.
It might be possible to revive it in PyPy.
> Btw, when I was programming in .Net (long time ago), I found a
> little library that I wanted to use. The catch: it wasn't
> opensource,
Well, THAT's the problem with it. The issues that flowed
from that problem are simply consequences.
> But I don't think it is _fully_ irrelevant. See, a thread that begun
> with saying that a piece of code was hard to read has evolved to
> changing the language so we could have tools to statically proving
> "certain things" with the code.
Yes, being able to tell without studying 1000's of lines of code what
the code does is a readability issue. If a function says at the top
"this function returns an integer" and that assertion is verified by
the compiler (or an external tool), you now know something about the
function's return value by reading only one line. If the assertion is
not verified by a program, then you have to actually examine all the
code in the function to check that particular fact.
Of course, the very presence of such assertions and the implementation
methods necessary to make them verifiable can in some situations
complicate the code, making it less readable in other regards.
There's not a magic bullet, it's always a trade-off.
> And each time a "suggestion" appears (from people that, at least at
> Have pylint check if someone uses getattr in your code, at all. If pylint
> doesn't do it, just grep for it and don't run that code. Simple.
It would be nice to be able to use getattr on instances of class X
while being able to verify that it is not used on instances of class Y.
That's somewhat beyond the reach of Pylint at the moment, I think.
More information about the Python-list
mailing list