[Python-Dev] Re: Python grammar test cases
10.05.22 08:10, Venkat Ramakrishnan пише: I'm wondering if there's a repository of test cases that test the Python grammar. Any help would be appreciated. See test_grammar and test_syntax. And there are some test files for specific grammar features, like test_string_literals, test_unpack_ex, test_genexps, test_fstring, etc. ___ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/NW2D3WMQOOFVF5WHJDEG5B4TCIY7UR5U/ Code of Conduct: http://python.org/psf/codeofconduct/
[Python-Dev] Python grammar test cases
Greetings! I'm wondering if there's a repository of test cases that test the Python grammar. Any help would be appreciated. Thanks & Best Regards, Venkat. ___ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/RZUBXSU2VVLI42S4WOSIXWYMEL2OYW4D/ Code of Conduct: http://python.org/psf/codeofconduct/
[Python-Dev] Re: Test Python 3.11 beta1 with PYTHONSAFEPATH=1
On 5/9/2022 5:24 PM, Victor Stinner wrote: If PYTHONSAFEPATH=1 only breaks a minority of use cases, maybe we can consider to make it the default, as Perl did in Perl 5.26 (2017) to increase its security: https://perldoc.perl.org/perl5260delta#Removal-of-the-current-directory-(%22.%22)-from-@INC Perl has an environment variable to get the old (Perl 5.24) behavior: PERL_USE_UNSAFE_INC=1. If enough people consider that it would be a good idea to change the default, I can maybe write a full PEP (I already have some notes). Even if the PEP is rejected, it might be a good thing to write down everything about this topic since it's a common issue hit by users learning Python and a common question of people auditing the Python security. I was asked a few months ago about changing the default to increase Python security. It's possibly worth writing it down, but I'm pretty sure it would impact more people than it's worth. I quite often see people who are relying on both empty sys.path[0] and implicit namespace packages for all of their imports, often without realising it. If we are able to add an warning on import via an empty sys.path entry, that might be useful enough, but it could also serve as a deprecation warning without necessarily putting a timeline on it (and also as advertising for the new option). Cheers, Steve ___ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/FBDN23BFF24OZPZAXAFXQE3KMFFXHTTC/ Code of Conduct: http://python.org/psf/codeofconduct/
[Python-Dev] Test Python 3.11 beta1 with PYTHONSAFEPATH=1
Hi, I added the -P command line option and the PYTHONSAFEPATH=1 environment variable to Python 3.11 beta 1 to not prepend an "unsafe path" to sys.path such as the script's directory or the current directory: https://docs.python.org/dev/using/cmdline.html#cmdoption-P Example: -- $ echo 'Nope!' >random.py # broken module $ echo 'import random; print(random.randint(1, 6))' >dice.py $ python3.11 dice.py # default behavior (...) File "/home/vstinner/random.py", line 1 (...) SyntaxError: invalid syntax $ python3.11 -P dice.py # ignore local random.py 4 -- Please test Python 3.11 beta1 with the PYTHONSAFEPATH=1 environment variable set, or at least run python with the -P option. I'm curious which use cases are not affected and which use cases are affected. The PYTHONSAFEPATH=1 environment variable is inherited and so affect child processes. It can break applications relying on Python 3.10 sys.path behavior. I proposed adding -p option which does the opposite of the -P option: opt-in for Python 3.10 "unsafe" sys.path behavior, ignore the PYTHONSAFEPATH environment variable: https://github.com/python/cpython/pull/92361 If PYTHONSAFEPATH=1 only breaks a minority of use cases, maybe we can consider to make it the default, as Perl did in Perl 5.26 (2017) to increase its security: https://perldoc.perl.org/perl5260delta#Removal-of-the-current-directory-(%22.%22)-from-@INC Perl has an environment variable to get the old (Perl 5.24) behavior: PERL_USE_UNSAFE_INC=1. If enough people consider that it would be a good idea to change the default, I can maybe write a full PEP (I already have some notes). Even if the PEP is rejected, it might be a good thing to write down everything about this topic since it's a common issue hit by users learning Python and a common question of people auditing the Python security. I was asked a few months ago about changing the default to increase Python security. Victor -- Night gathers, and now my watch begins. It shall not end until my death. ___ Python-Dev mailing list -- python-dev@python.org To unsubscribe send an email to python-dev-le...@python.org https://mail.python.org/mailman3/lists/python-dev.python.org/ Message archived at https://mail.python.org/archives/list/python-dev@python.org/message/VO5A6K5O5HB563PNYZZ3SN57LIXRJTPC/ Code of Conduct: http://python.org/psf/codeofconduct/
