Thank you Victor. XML support in Python is critical and desired for many sectors like banking or telecoms, and code base based on XML is still on rise in such world.
That's why keeping such bugs open is important, as it is not impossible that someone (banks, telecoms, google camps, government grants) would simply fund small project aiming at fixing those bugs in XML. We never know. -------- Beginning of forwarded message -------- 07.09.2018, 09:03, "Victor Stinner" <vstin...@redhat.com>: Le jeu. 6 sept. 2018 à 21:10, Steve Dower <steve.do...@python.org> a écrit : > If Christian is not able to keep maintaining the defused* packages, then > I may take a look at this next week at the sprints. The built-in XML > packages actually don't meet Microsoft's internal security requirements, > so I have some business motivation to do it. Great! The best would be to be able to merge defuse* features into the stdlib. Maybe not change the default, but add an option to enable security counter-measures. Victor _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/pms.coder%40yandex.ru -------- End of forwarded message -------- _______________________________________________ Python-Dev mailing list Python-Dev@python.org https://mail.python.org/mailman/listinfo/python-dev Unsubscribe: https://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
