shashbha14 opened a new pull request, #49254:
URL: https://github.com/apache/arrow/pull/49254
Fixes #49241
The current Security documentation mentions that users should “use the
appropriate
APIs to validate the Arrow data” when reading IPC streams from untrusted
sources,
but it doesn’t say which APIs those are.
This PR adds a short “Security considerations for untrusted IPC data”
section to
the Python IPC docs. It:
- Explains that you should explicitly validate RecordBatches/Tables when
reading
IPC data from untrusted or semi‑trusted sources.
- Points to `RecordBatch.validate()` and `Table.validate()` as the relevant
validation helpers.
- Shows small code snippets using these methods with `pa.ipc.open_stream` and
`pa.ipc.open_file`.
This makes the recommended validation APIs discoverable for PyArrow users and
matches what was requested in #49241.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
