Re: [gettext] How to change language at run-time

2017-06-15 Thread dieter 
pozz  writes:
> I know I can load multiple gettext.translation:
>
>   it = gettext.translation('test', localedir="locale", languages=["it"])
>   es = gettext.translation('test', localedir="locale", languages=["es"])
>
> and install one translation at run-time when I want at a later time
> (when the user selects a new language):
>
>   it.install()
> or
>   es.install()
>
>
> However the problem is that strings already translated are not
> translated again when a new translation is installed.  So they stay at
> the language selected during start-up and don't change after a new
> install().

I know the internationalization/localisation of the web application framework
"Zope". There, it is completely natural, that the individual request
determines the target language.

This is handled as follows: things to be localized are represented
by so called "message_id"s. They behave somehow as unicode objects, but,
of course, they are more complex; especially, they may encapsulate parameters
to be incorparated in the translation.
When a "message_id" is localized, the target language is taken from
the context (i.e. the current request). It returns a unicode string
but does not change the "message_id".

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Ben Finney 
alister  writes:

> Json is designed to be legal Javascript code & therefore directly
> executable so no parser is posible.

JSON is designed to be *a strictly limited subset* of legal JavaScript
that only defines data structures. The explicit goal is that it is
statically parseable as non-executable data.

-- 
 \ “The power of accurate observation is frequently called |
  `\cynicism by those who don't have it.” —George Bernard Shaw |
_o__)  |
Ben Finney

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Customise the virtualenv `activate` script

2017-06-15 Thread Ben Finney 
Cameron Simpson  writes:

> I must admit my initial preference would be the differently named
> wrapper. Surely users of the codebase will be invoking stuff via
> something opaque which sources the requisite things?

That “something opaque” is the ‘$VENV/bin/activate’ script; many people
who join the team will already know that, and I'm trying to make use of
that existing convention.

> Actually, on trying to write something simple and flexible, since once
> made the venv is basicly state WRT the activate script, I'm leaning
> towards hacking the activate script, probably by keeping a distinct
> file off the the side and modifying activate to source it.

Yeah, I'd much prefer to be told there's a hook to use, so that someone
who creates a standard Python virtualenv the conventional way will not
need to then hack that virtualenv.

-- 
 \   “I distrust those people who know so well what God wants them |
  `\to do to their fellows, because it always coincides with their |
_o__)  own desires.” —Susan Brownell Anthony, 1896 |
Ben Finney

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Developers Who Use Spaces Make More Money!

2017-06-15 Thread Ian Kelly 
On Thu, Jun 15, 2017 at 8:51 PM, Larry Martell  wrote:
> On Thu, Jun 15, 2017 at 6:35 PM, Christopher Reimer
>  wrote:
>> One commentator on a tech website admonished programmers for wasting time by 
>> pressing the space bar four times instead of using tab. O_o
>
> Not in vi with
>
> set autoindent
> set expandtab

Or in any halfway-decent editor with reasonable indentation settings.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Developers Who Use Spaces Make More Money!

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 6:35 PM, Christopher Reimer
 wrote:
>> On Jun 15, 2017, at 3:24 PM, jlada...@itu.edu wrote:
>>
>> This is hilarious, I have to share:
>>
>> https://stackoverflow.blog/2017/06/15/developers-use-spaces-make-money-use-tabs/
>>
>> Thanks to Guido for making us all richer!
>
> One commentator on a tech website admonished programmers for wasting time by 
> pressing the space bar four times instead of using tab. O_o

Not in vi with

set autoindent
set expandtab
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Developers Who Use Spaces Make More Money!

2017-06-15 Thread Steve D'Aprano 
On Fri, 16 Jun 2017 08:42 am, Chris Angelico wrote:

> On Fri, Jun 16, 2017 at 8:24 AM,   wrote:
>> This is hilarious, I have to share:
>>
>>
https://stackoverflow.blog/2017/06/15/developers-use-spaces-make-money-use-tabs/
>>
>> Thanks to Guido for making us all richer!
> 
> Bah, that's just noise. There may appear to be a small difference
> between those who use tabs and those who use spaces, but look at the
> numbers: whichever one you use, you're going to make FAR more money
> than people who don't use any whitespace in their code.

Oh man... can you imagine how much money there is to be made by eliminating all
non-whitespace from your code?

http://progopedia.com/language/whitespace/




-- 
Steve
“Cheer up,” they said, “things could be worse.” So I cheered up, and sure
enough, things got worse.

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Developers Who Use Spaces Make More Money!

2017-06-15 Thread Christopher Reimer 
> On Jun 15, 2017, at 3:24 PM, jlada...@itu.edu wrote:
> 
> This is hilarious, I have to share:
> 
> https://stackoverflow.blog/2017/06/15/developers-use-spaces-make-money-use-tabs/
> 
> Thanks to Guido for making us all richer!

One commentator on a tech website admonished programmers for wasting time by 
pressing the space bar four times instead of using tab. O_o

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Developers Who Use Spaces Make More Money!

2017-06-15 Thread Chris Angelico 
On Fri, Jun 16, 2017 at 8:24 AM,   wrote:
> This is hilarious, I have to share:
>
> https://stackoverflow.blog/2017/06/15/developers-use-spaces-make-money-use-tabs/
>
> Thanks to Guido for making us all richer!

Bah, that's just noise. There may appear to be a small difference
between those who use tabs and those who use spaces, but look at the
numbers: whichever one you use, you're going to make FAR more money
than people who don't use any whitespace in their code.

Search your feelings, you know this to be true...

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Developers Who Use Spaces Make More Money!

2017-06-15 Thread jladasky 
This is hilarious, I have to share:

https://stackoverflow.blog/2017/06/15/developers-use-spaces-make-money-use-tabs/

Thanks to Guido for making us all richer!
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Chris Angelico 
On Fri, Jun 16, 2017 at 6:58 AM, Grant Edwards
 wrote:
> On 2017-06-15, Erik  wrote:
>> On 15/06/17 15:10, Chris Angelico wrote:
>>> On Fri, Jun 16, 2017 at 12:00 AM, alister  wrote:
 Json is designed to be legal Javascript code & therefore directly
 executable so no parser is posible.

>>>
>>> "no parser is possible"???
>>
>> I *think* alister meant "so it is possible to not use a parser
>> [library]" (i.e., parse the stream using JavaScript's parser via eval()
>> - though I agree with everyone else who has said this should never be done).
>
> The old operator order/precedence issue strikes again...
>
>   (no parser) is possible
>
> vs.
>
>   no (parser is possible)

Rewording:

JSON is a subset of JavaScript syntax, and therefore can potentially
be evaluated without a parser.

So, yeah, sure. You can create an HTML page like this:

"""
var data = %s;
do_stuff_with(data);

""" % json.dumps(some_object)

Sure, nice. But if you then say "JSON is vulnerable because you can
evaluate it as JS", you're completely missing the point. Any time you
get untrusted data, you're going to get it as either a string or an
array of bytes, and either way, it's just as easy  to JSON.parse() it
as to eval() it.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Chris Angelico 
On Fri, Jun 16, 2017 at 6:17 AM, Erik  wrote:
> On 15/06/17 15:10, Chris Angelico wrote:
>>
>> On Fri, Jun 16, 2017 at 12:00 AM, alister 
>> wrote:
>>>
>>> Json is designed to be legal Javascript code & therefore directly
>>> executable so no parser is posible.
>>>
>>
>> "no parser is possible"???
>
>
> I *think* alister meant "so it is possible to not use a parser [library]"
> (i.e., parse the stream using JavaScript's parser via eval() - though I
> agree with everyone else who has said this should never be done).
>
> I may be wrong about what alister meant, but the language reminds me of a
> German colleague of mine from a few years back who wrote in some API update
> documentation "Specifying parameter X is no longer an option". What he meant
> was "is now mandatory" or "is no longer optional". To a native English
> speaker, it reads as "can no longer be used" which is the opposite of what
> he meant ...

Ohhh, got it. Well, that's technically true, but it's still not a
fault of JSON. A proper parser exists in most web languages' standard
libraries, and can probably be picked up for any language you like. So
I still stand by my declaration

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 1:44 PM, Kushal Kumaran  wrote:
> Your python was built without sqlite3 support.  If your yum repo
> provider is unable to rebuild with sqlite3, you can do so yourself.
> Make sure the sqlite-devel package is installed so your python build
> will use it.

Decided to do this in a docker container running an OS where 2.7 is
the default and has sqlite. Thanks everyone for their advice and help.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Grant Edwards 
On 2017-06-15, Erik  wrote:
> On 15/06/17 15:10, Chris Angelico wrote:
>> On Fri, Jun 16, 2017 at 12:00 AM, alister  wrote:
>>> Json is designed to be legal Javascript code & therefore directly
>>> executable so no parser is posible.
>>>
>> 
>> "no parser is possible"???
>
> I *think* alister meant "so it is possible to not use a parser 
> [library]" (i.e., parse the stream using JavaScript's parser via eval() 
> - though I agree with everyone else who has said this should never be done).

The old operator order/precedence issue strikes again...

  (no parser) is possible

vs.

  no (parser is possible)

-- 
Grant Edwards   grant.b.edwardsYow! I'm definitely not
  at   in Omaha!
  gmail.com

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Erik 

On 15/06/17 15:10, Chris Angelico wrote:

On Fri, Jun 16, 2017 at 12:00 AM, alister  wrote:

Json is designed to be legal Javascript code & therefore directly
executable so no parser is posible.



"no parser is possible"???


I *think* alister meant "so it is possible to not use a parser 
[library]" (i.e., parse the stream using JavaScript's parser via eval() 
- though I agree with everyone else who has said this should never be done).


I may be wrong about what alister meant, but the language reminds me of 
a German colleague of mine from a few years back who wrote in some API 
update documentation "Specifying parameter X is no longer an option". 
What he meant was "is now mandatory" or "is no longer optional". To a 
native English speaker, it reads as "can no longer be used" which is the 
opposite of what he meant ...


E.
--
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Kushal Kumaran 
Larry Martell  writes:

> On Thu, Jun 15, 2017 at 12:20 PM, Kushal Kumaran  wrote:
>> Larry Martell  writes:
>>
>>> On Thu, Jun 15, 2017 at 10:35 AM, Peter Otten <__pete...@web.de> wrote:
 Larry Martell wrote:

>> On linux the system sqlite3 is used.
>
> I tried building and installing sqlite from source and that did not
> solve the problem.

 You misunderstood: the problem is not sqlite3 it's that python needs
 sqlite3's header files.

>> Is that a Python version that you compiled yourself?
>
> No I installed it with pip install python2.7

 I'd never have thought of trying that -- but still: did that download 
 binary
 blobs or did it invoke the C compiler?
>>>
>>> Sorry I mistyped - it wasn't pip it was yum.
>>>
>>
>> Are you sure that is the python you are running?  The python provided by
>> the OS repositories would have installed python at /usr/bin/python
>> (possibly with additional names such as /usr/bin/python2.7).  The
>> exception you posted earlier is looking at files in /usr/local and
>> /opt/rh, neither of which would be searched by the system-installed
>> python by default.
>>
>> It is possible (likely?) that /usr/local/bin is earlier in your $PATH
>> than /usr/bin, which is resulting in some /usr/local/bin/python
>> shadowing the system python.  If so, run the system python with an
>> absolute path like /usr/bin/python and see if you are able to import
>> sqlite3.
>
> /usr/bin/python2.7 is a symlink to /usr/local/bin/python2.7:
>
> $ ls -l /usr/bin/python2.7
>
> lrwxrwxrwx. 1 root root 24 Apr 22  2016 /usr/bin/python2.7 ->
> /usr/local/bin/python2.7
>
> On Redhat 6 the system python is 2.6. You cannot change that as it breaks yum.
>

Then the question is again, how did you install python2.7.  Which yum
repository provided you this kind of python2.7 package?  You should
contact them to check how they've built this python, and whether they
can include sqlite3 in their build.

> /usr/local/bin/ is earlier in my path then /usr/bin. But I used
> python2.7 all the time here and other packages work fine.
>
> What led me down this rabbit hole was that I am trying to use
> pypolibox and that is failing with this traceback:
>
> Traceback (most recent call last):
>   File "/usr/local/bin/pypolibox", line 9, in 
> load_entry_point('pypolibox==1.0.2', 'console_scripts', 'pypolibox')()
>   File 
> "/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
> line 343, in load_entry_point
> return get_distribution(dist).load_entry_point(group, name)
>   File 
> "/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
> line 2309, in load_entry_point
> return ep.load()
>   File 
> "/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
> line 2015, in load
> entry = __import__(self.module_name, globals(),globals(), ['__name__'])
>   File "/usr/local/lib/python2.7/site-packages/pypolibox/pypolibox.py",
> line 13, in 
> from nltk.featstruct import Feature
>   File "/usr/local/lib/python2.7/site-packages/nltk/__init__.py", line
> 137, in 
> from nltk.stem import *
>   File "/usr/local/lib/python2.7/site-packages/nltk/stem/__init__.py",
> line 29, in 
> from nltk.stem.snowball import SnowballStemmer
>   File "/usr/local/lib/python2.7/site-packages/nltk/stem/snowball.py",
> line 26, in 
> from nltk.corpus import stopwords
>   File "/usr/local/lib/python2.7/site-packages/nltk/corpus/__init__.py",
> line 66, in 
> from nltk.corpus.reader import *
>   File 
> "/usr/local/lib/python2.7/site-packages/nltk/corpus/reader/__init__.py",
> line 105, in 
> from nltk.corpus.reader.panlex_lite import *
>   File 
> "/usr/local/lib/python2.7/site-packages/nltk/corpus/reader/panlex_lite.py",
> line 15, in 
> import sqlite3
>   File "/usr/local/lib/python2.7/sqlite3/__init__.py", line 24, in 
> from dbapi2 import *
>   File "/usr/local/lib/python2.7/sqlite3/dbapi2.py", line 28, in 
> from _sqlite3 import *
> ImportError: No module named _sqlite3

Your python was built without sqlite3 support.  If your yum repo
provider is unable to rebuild with sqlite3, you can do so yourself.
Make sure the sqlite-devel package is installed so your python build
will use it.

-- 
regards,
kushal
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 12:20 PM, Kushal Kumaran  wrote:
> Larry Martell  writes:
>
>> On Thu, Jun 15, 2017 at 10:35 AM, Peter Otten <__pete...@web.de> wrote:
>>> Larry Martell wrote:
>>>
> On linux the system sqlite3 is used.

 I tried building and installing sqlite from source and that did not
 solve the problem.
>>>
>>> You misunderstood: the problem is not sqlite3 it's that python needs
>>> sqlite3's header files.
>>>
> Is that a Python version that you compiled yourself?

 No I installed it with pip install python2.7
>>>
>>> I'd never have thought of trying that -- but still: did that download binary
>>> blobs or did it invoke the C compiler?
>>
>> Sorry I mistyped - it wasn't pip it was yum.
>>
>
> Are you sure that is the python you are running?  The python provided by
> the OS repositories would have installed python at /usr/bin/python
> (possibly with additional names such as /usr/bin/python2.7).  The
> exception you posted earlier is looking at files in /usr/local and
> /opt/rh, neither of which would be searched by the system-installed
> python by default.
>
> It is possible (likely?) that /usr/local/bin is earlier in your $PATH
> than /usr/bin, which is resulting in some /usr/local/bin/python
> shadowing the system python.  If so, run the system python with an
> absolute path like /usr/bin/python and see if you are able to import
> sqlite3.

/usr/bin/python2.7 is a symlink to /usr/local/bin/python2.7:

$ ls -l /usr/bin/python2.7

lrwxrwxrwx. 1 root root 24 Apr 22  2016 /usr/bin/python2.7 ->
/usr/local/bin/python2.7

On Redhat 6 the system python is 2.6. You cannot change that as it breaks yum.

/usr/local/bin/ is earlier in my path then /usr/bin. But I used
python2.7 all the time here and other packages work fine.

What led me down this rabbit hole was that I am trying to use
pypolibox and that is failing with this traceback:

Traceback (most recent call last):
  File "/usr/local/bin/pypolibox", line 9, in 
load_entry_point('pypolibox==1.0.2', 'console_scripts', 'pypolibox')()
  File 
"/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
line 343, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
  File 
"/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
line 2309, in load_entry_point
return ep.load()
  File 
"/usr/local/lib/python2.7/site-packages/distribute-0.6.35-py2.7.egg/pkg_resources.py",
line 2015, in load
entry = __import__(self.module_name, globals(),globals(), ['__name__'])
  File "/usr/local/lib/python2.7/site-packages/pypolibox/pypolibox.py",
line 13, in 
from nltk.featstruct import Feature
  File "/usr/local/lib/python2.7/site-packages/nltk/__init__.py", line
137, in 
from nltk.stem import *
  File "/usr/local/lib/python2.7/site-packages/nltk/stem/__init__.py",
line 29, in 
from nltk.stem.snowball import SnowballStemmer
  File "/usr/local/lib/python2.7/site-packages/nltk/stem/snowball.py",
line 26, in 
from nltk.corpus import stopwords
  File "/usr/local/lib/python2.7/site-packages/nltk/corpus/__init__.py",
line 66, in 
from nltk.corpus.reader import *
  File "/usr/local/lib/python2.7/site-packages/nltk/corpus/reader/__init__.py",
line 105, in 
from nltk.corpus.reader.panlex_lite import *
  File 
"/usr/local/lib/python2.7/site-packages/nltk/corpus/reader/panlex_lite.py",
line 15, in 
import sqlite3
  File "/usr/local/lib/python2.7/sqlite3/__init__.py", line 24, in 
from dbapi2 import *
  File "/usr/local/lib/python2.7/sqlite3/dbapi2.py", line 28, in 
from _sqlite3 import *
ImportError: No module named _sqlite3
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [gettext] How to change language at run-time

2017-06-15 Thread Peter Otten 
pozz wrote:

> Il 15/06/2017 15:22, Peter Otten ha scritto:
>> pozz wrote:
>> 
>>> I know I can load multiple gettext.translation:
>>>
>>> it = gettext.translation('test', localedir="locale",
>>> languages=["it"]) es = gettext.translation('test',
>>> localedir="locale", languages=["es"])
>>>
>>> and install one translation at run-time when I want at a later time
>>> (when the user selects a new language):
>>>
>>> it.install()
>>> or
>>> es.install()
>>>
>>>
>>> However the problem is that strings already translated are not
>>> translated again when a new translation is installed.  So they stay at
>>> the language selected during start-up and don't change after a new
>>> install().
>>>
>>> One solution is to restart the application, but I think there's a better
>>> and more elegant solution.
>> 
>> You need a way to defer the translation until the string is actually
>> used. The documentation has a few ideas
>> 
>> https://docs.python.org/dev/library/gettext.html#deferred-translations
>> 
>> and here's another one -- perform the translation in the __str__ method
>> of a custom class:
>  > [...]
> 
> 
> It's a nice trick. However you will have a string that isn't a string,
> but a class.  I think you can't use the class everywhere you can use a
> string.  For example, len() can't be called.

len() could be implemented as

class DeferredTranslation:
...
def __len__(self):
return len(str(self))

and usually I would expect that you only need a small subset of the str 
methods for localized text. However, when you switch languages between the 
len() and str() calls you will certainly make a mess...

-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Kushal Kumaran 
Larry Martell  writes:

> On Thu, Jun 15, 2017 at 10:35 AM, Peter Otten <__pete...@web.de> wrote:
>> Larry Martell wrote:
>>
 On linux the system sqlite3 is used.
>>>
>>> I tried building and installing sqlite from source and that did not
>>> solve the problem.
>>
>> You misunderstood: the problem is not sqlite3 it's that python needs
>> sqlite3's header files.
>>
 Is that a Python version that you compiled yourself?
>>>
>>> No I installed it with pip install python2.7
>>
>> I'd never have thought of trying that -- but still: did that download binary
>> blobs or did it invoke the C compiler?
>
> Sorry I mistyped - it wasn't pip it was yum.
>

Are you sure that is the python you are running?  The python provided by
the OS repositories would have installed python at /usr/bin/python
(possibly with additional names such as /usr/bin/python2.7).  The
exception you posted earlier is looking at files in /usr/local and
/opt/rh, neither of which would be searched by the system-installed
python by default.

It is possible (likely?) that /usr/local/bin is earlier in your $PATH
than /usr/bin, which is resulting in some /usr/local/bin/python
shadowing the system python.  If so, run the system python with an
absolute path like /usr/bin/python and see if you are able to import
sqlite3.

>> If the latter, and pip isn't smart
>> enough to get the sqlite3 headers you need to install them by hand before
>> letting pip do its magic.

-- 
regards,
kushal
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [gettext] How to change language at run-time

2017-06-15 Thread pozz 

Il 15/06/2017 15:22, Peter Otten ha scritto:

pozz wrote:


I know I can load multiple gettext.translation:

it = gettext.translation('test', localedir="locale", languages=["it"])
es = gettext.translation('test', localedir="locale", languages=["es"])

and install one translation at run-time when I want at a later time
(when the user selects a new language):

it.install()
or
es.install()


However the problem is that strings already translated are not
translated again when a new translation is installed.  So they stay at
the language selected during start-up and don't change after a new
install().

One solution is to restart the application, but I think there's a better
and more elegant solution.


You need a way to defer the translation until the string is actually used.
The documentation has a few ideas

https://docs.python.org/dev/library/gettext.html#deferred-translations

and here's another one -- perform the translation in the __str__ method of
a custom class:

> [...]


It's a nice trick. However you will have a string that isn't a string, 
but a class.  I think you can't use the class everywhere you can use a 
string.  For example, len() can't be called.


--
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Gene Heskett 
On Thursday 15 June 2017 01:10:26 Marko Rauhamaa wrote:

> Chris Angelico :
> > XML is thus poorly suited to *most* forms of data,
>
> Correct.
>
> > 
> > 
> >   aa
> >   qq
> >   qw
> >   qe
> >   as
> > 
> >
> > What does this represent? A generic XML parser has to cope with it.
> > I gave this to a few XML-to-JSON converters, and they all
> > interpreted it as some variant of
> > {"asdf":["aa","as"],"qwer":["qq","qw","qe"]}
>
> It's worse than that. For a *generic* parser, it should be something
> like:
>
>{
>"spam" : [
>"  \n",
>{ "asdf" : [ "aa" ] },
>"  \n",
>{ "qwer" : [ "qq" ] },
>"  \n",
>{ "qwer" : [ "qw" ] },
>"  \n",
>{ "qwer" : [ "qe" ] },
>"  \n",
>{ "asdf" : [ "as" ] },
>"\n"
>]
>}
>
> > XML just needs to die.
>
> Thankfully, that seems to be happening.

Slowly please, it is still being heavily used in the custom gui creation 
field.  We would love to have gladevcp back in a usable state, but it 
was dropped by gtk3 and has never been given any TLC since, so those of 
us creating industrial gui's are stuck doing it in pyvcp and xml.  If 
you intend to kill off xml, then we had better have another, even 
prettier replacement already available. We don't today, have anything 
that can replace pyvcp translating a .xml in its broad utility.


> Marko


Cheers, Gene Heskett
-- 
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author)
Genes Web page 
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Peter Otten 
Larry Martell wrote:

> Sorry I mistyped - it wasn't pip it was yum.

OK, I'm out then. Looks like what works for Debian derivatives is not easily 
transferable to Redhead...


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Ned Batchelder 
On Thursday, June 15, 2017 at 5:55:07 AM UTC-4, Gregory Ewing wrote:
> Chris Angelico wrote:
> > There've been a number of attempts, over the years, to make a
> > sandboxed Python interpreter, where you can run untrusted code. But if
> > Python came with a JS interpreter, it would be possible to run
> > untrusted JS code, with Python functioning as a gatekeeper.
> 
> If that would provide sufficient sandboxing, then how about
> writing a Python interpreter in Python to get a sandboxed
> Python?

PyPy has a sandboxed mode, where every system call is routed through
a controller process than can decide what to do with it.

--Ned.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 10:35 AM, Peter Otten <__pete...@web.de> wrote:
> Larry Martell wrote:
>
>>> On linux the system sqlite3 is used.
>>
>> I tried building and installing sqlite from source and that did not
>> solve the problem.
>
> You misunderstood: the problem is not sqlite3 it's that python needs
> sqlite3's header files.
>
>>> Is that a Python version that you compiled yourself?
>>
>> No I installed it with pip install python2.7
>
> I'd never have thought of trying that -- but still: did that download binary
> blobs or did it invoke the C compiler?

Sorry I mistyped - it wasn't pip it was yum.

> If the latter, and pip isn't smart
> enough to get the sqlite3 headers you need to install them by hand before
> letting pip do its magic.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Peter Otten 
Larry Martell wrote:

>> On linux the system sqlite3 is used.
> 
> I tried building and installing sqlite from source and that did not
> solve the problem.

You misunderstood: the problem is not sqlite3 it's that python needs 
sqlite3's header files.

>> Is that a Python version that you compiled yourself?
> 
> No I installed it with pip install python2.7

I'd never have thought of trying that -- but still: did that download binary 
blobs or did it invoke the C compiler? If the latter, and pip isn't smart 
enough to get the sqlite3 headers you need to install them by hand before 
letting pip do its magic. 


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 9:55 AM, Peter Otten <__pete...@web.de> wrote:
> Larry Martell wrote:
>
>> On Thu, Jun 15, 2017 at 8:56 AM, Mark Summerfield via Python-list
>>  wrote:
>>> On Thursday, June 15, 2017 at 1:47:00 PM UTC+1, larry@gmail.com
>>> wrote:
 I am trying to use sqlite

 $ python2.7
 Python 2.7.10 (default, Feb 22 2016, 12:13:36)
 [GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
 Type "help", "copyright", "credits" or "license" for more information.
 >>> import _sqlite3
 Traceback (most recent call last):
   File "", line 1, in 
 ImportError: No module named _sqlite3

 It's there at:
 /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/_sqlite3.so but
 that is not in my path.

 I tried adding /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/
 to my path and then it fails with:

 ImportError: libpython2.7.so.1.0: cannot open shared object file: No
 such file or directory

 Isn't sqlite part of the standard lib? Shouldn't this just work?
>
> On linux the system sqlite3 is used.

I tried building and installing sqlite from source and that did not
solve the problem.

>
>>>
>>> Try:
>>>
>> import sqlite3 # no leading underscore
>>
>> import sqlite3
>> Traceback (most recent call last):
>>   File "", line 1, in 
>>   File "/usr/local/lib/python2.7/sqlite3/__init__.py", line 24, in
>>   
>> from dbapi2 import *
>>   File "/usr/local/lib/python2.7/sqlite3/dbapi2.py", line 28, in 
>> from _sqlite3 import *
>> ImportError: No module named _sqlite3
>
> Is that a Python version that you compiled yourself?

No I installed it with pip install python2.7

> When the compilation
> finishes you get a list of missing modules. Usually the problem are missing
> header files. On Debian you can install the corressponding xxx-dev packages,
> e. g.
>
> $ sudo apt-get install libsqlite3-dev
>
> for libsqlite3. I don't know what the Redhat equivalent is.
>
> PS: There may also be a command like
>
> $ sudo apt-get build-dep python2.7
>
> to install all build dependencies for the system Python which tend to be the
> same as that for a custom Python version.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Chris Angelico 
On Fri, Jun 16, 2017 at 12:00 AM, alister  wrote:
> On Thu, 15 Jun 2017 22:27:40 +1000, Chris Angelico wrote:
>
>> On Thu, Jun 15, 2017 at 9:47 PM, Rhodri James 
>> wrote:
 1) It is not secure. Check this out:
 https://stackoverflow.com/questions/1906927/xml-
> vulnerabilities#1907500
>>> XML and JSON share the vulnerabilities that come from having to parse
>>> untrusted external input.  XML then has some extra since it has extra
>>> flexibility, like being able to specify external resources (potential
>>> attack vectors) or entity substitution.  If you don't need the extra
>>> flexibility, feel free to use JSON, but don't for one moment think that
>>> makes you inherently safe.
>>
>> Not sure what you mean about parsing untrusted external input. Suppose
>> you build a web server that receives POST data formatted either JSON or
>> XML. You take a puddle of bytes, and then proceed to decode them.
>
> Where it "Could" be a security issue is in Javascript.
>
> Json is designed to be legal Javascript code & therefore directly
> executable so no parser is posible.
>

"no parser is possible"???

https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse

If you're stupid enough to eval JSON instead of using JSON.parse(),
you deserve all you get. That's not a fault with JSON.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread alister 
On Thu, 15 Jun 2017 22:27:40 +1000, Chris Angelico wrote:

> On Thu, Jun 15, 2017 at 9:47 PM, Rhodri James 
> wrote:
>>> 1) It is not secure. Check this out:
>>> https://stackoverflow.com/questions/1906927/xml-
vulnerabilities#1907500
>> XML and JSON share the vulnerabilities that come from having to parse
>> untrusted external input.  XML then has some extra since it has extra
>> flexibility, like being able to specify external resources (potential
>> attack vectors) or entity substitution.  If you don't need the extra
>> flexibility, feel free to use JSON, but don't for one moment think that
>> makes you inherently safe.
> 
> Not sure what you mean about parsing untrusted external input. Suppose
> you build a web server that receives POST data formatted either JSON or
> XML. You take a puddle of bytes, and then proceed to decode them.

Where it "Could" be a security issue is in Javascript.

Json is designed to be legal Javascript code & therefore directly 
executable so no parser is posible.

if a malicious site presented JavaScript code as a Json response it could 
expose the user.

hopefully no python programmer is stupid enough to simply "exec" and data 
they received (whether json XML or JBCCF* )

*JBCC: Joe Blogs Custom Crap Format


-- 
 dunham: You know how real numbers are constructed from rational
 numbers by equivalence classes of convergent sequences?
 marcus: yes.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Bug or intended behavior?

2017-06-15 Thread Chris Angelico 
On Thu, Jun 15, 2017 at 11:37 PM, bob gailer  wrote:
> Slight OT digression: The language that is best for me is APL in which there
> is no operator precedence to worry about. Execution is strictly
> right-to-left. () are used when the order of evaluation needs to be altered.
> I recall one person telling me that "right-to-left" was not natural. He
> preferred "left-to-right" as in FORTRAN. So I considered the FORTRAN
> statement A = B + C * D. Turns out that A * B happens first, then C + then A
> =. Sure looks right-to-left to me!

Did you learn about the basic algebraic order of operations in grade
school? Multiplication happens before addition. Sane programming
languages respect this.

(Not counting those that don't use infix operators. Prefix or postfix
operators follow different rules.)

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Peter Otten 
Larry Martell wrote:

> On Thu, Jun 15, 2017 at 8:56 AM, Mark Summerfield via Python-list
>  wrote:
>> On Thursday, June 15, 2017 at 1:47:00 PM UTC+1, larry@gmail.com
>> wrote:
>>> I am trying to use sqlite
>>>
>>> $ python2.7
>>> Python 2.7.10 (default, Feb 22 2016, 12:13:36)
>>> [GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
>>> Type "help", "copyright", "credits" or "license" for more information.
>>> >>> import _sqlite3
>>> Traceback (most recent call last):
>>>   File "", line 1, in 
>>> ImportError: No module named _sqlite3
>>>
>>> It's there at:
>>> /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/_sqlite3.so but
>>> that is not in my path.
>>>
>>> I tried adding /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/
>>> to my path and then it fails with:
>>>
>>> ImportError: libpython2.7.so.1.0: cannot open shared object file: No
>>> such file or directory
>>>
>>> Isn't sqlite part of the standard lib? Shouldn't this just work?

On linux the system sqlite3 is used.

>>
>> Try:
>>
> import sqlite3 # no leading underscore
> 
> import sqlite3
> Traceback (most recent call last):
>   File "", line 1, in 
>   File "/usr/local/lib/python2.7/sqlite3/__init__.py", line 24, in
>   
> from dbapi2 import *
>   File "/usr/local/lib/python2.7/sqlite3/dbapi2.py", line 28, in 
> from _sqlite3 import *
> ImportError: No module named _sqlite3

Is that a Python version that you compiled yourself? When the compilation 
finishes you get a list of missing modules. Usually the problem are missing 
header files. On Debian you can install the corressponding xxx-dev packages, 
e. g.

$ sudo apt-get install libsqlite3-dev

for libsqlite3. I don't know what the Redhat equivalent is. 

PS: There may also be a command like 

$ sudo apt-get build-dep python2.7

to install all build dependencies for the system Python which tend to be the 
same as that for a custom Python version.


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Bug or intended behavior?

2017-06-15 Thread bob gailer 
Sending this to docs in hopes of improving documentation of % formatting 
and operator precedence. Perhaps add "see 6:16 Operator precedence."


On 6/3/2017 5:59 PM, Sean DiZazzo wrote:

On Friday, June 2, 2017 at 10:46:03 AM UTC-7, bob gailer wrote:

On 6/2/2017 1:28 PM, Jussi Piitulainen wrote:

sean.diza...@gmail.com writes:


Can someone please explain this to me?  Thanks in advance!

~Sean


Python 2.7.13 (v2.7.13:a06454b1afa1, Dec 17 2016, 12:39:47)
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)] on darwin
Type "help", "copyright", "credits" or "license" for more information.

print "foo %s" % 1-2

Traceback (most recent call last):
File "", line 1, in 
TypeError: unsupported operand type(s) for -: 'str' and 'int'

The per cent operator has precedence over minus. Spacing is not
relevant. Use parentheses.


In other words "foo %s" % 1 is executed, giving "1". Then "1"-2 is
attempted giving the error.
Also: If there is more than one conversion specifier the right argument
to % must be a tuple.
I usually write a tuple even if there is only one conversion specifier -
that avoids the problem
you encountered and makes it easy to add more values when you add more
conversion specifiers.

print "foo %s" % (1-2,)

Bob Gailer

I get what it's doing, it just doesn't make much sense to me.  Looking at 
operator precedence, I only see the % operator in regards to modulus.  Nothing 
in regards to string formatting.  Is it just a side effect of the % being 
overloaded in strings?   Or is it intentional that it's higher precedence...and 
why?
The documentation is unfortunately flawed. If you look at the .chm file 
in the docs folder under the python installation 
(c:\python35\docs\python351.chm as an example, and enter % in the index, 
you will see:

%
  operator
% formatting
% interpolation
note that modulo is missing!

double-click operator to see the numeric operator
double-click % formatting to see the string "unique built-in operation" 
aka interpolation.

See under section 6:16 Operator precedence:
  "[5] The % operator is also used for string formatting; the same 
precedence applies."


Maybe I'm making too big a deal of it.  It just doesn't 'feel' right to me.

Unfortunately "feel" is not a good guide to understanding programming 
languages.

COBOL and Assembler use MOVE when it is actually COPY!

Slight OT digression: The language that is best for me is APL in which 
there is no operator precedence to worry about. Execution is strictly 
right-to-left. () are used when the order of evaluation needs to be 
altered. I recall one person telling me that "right-to-left" was not 
natural. He preferred "left-to-right" as in FORTRAN. So I considered the 
FORTRAN statement A = B + C * D. Turns out that A * B happens first, 
then C + then A =. Sure looks right-to-left to me!

--
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
On Thu, Jun 15, 2017 at 8:56 AM, Mark Summerfield via Python-list
 wrote:
> On Thursday, June 15, 2017 at 1:47:00 PM UTC+1, larry@gmail.com wrote:
>> I am trying to use sqlite
>>
>> $ python2.7
>> Python 2.7.10 (default, Feb 22 2016, 12:13:36)
>> [GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
>> Type "help", "copyright", "credits" or "license" for more information.
>> >>> import _sqlite3
>> Traceback (most recent call last):
>>   File "", line 1, in 
>> ImportError: No module named _sqlite3
>>
>> It's there at: 
>> /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/_sqlite3.so
>> but that is not in my path.
>>
>> I tried adding /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/
>> to my path and then it fails with:
>>
>> ImportError: libpython2.7.so.1.0: cannot open shared object file: No
>> such file or directory
>>
>> Isn't sqlite part of the standard lib? Shouldn't this just work?
>
> Try:
>
 import sqlite3 # no leading underscore

import sqlite3
Traceback (most recent call last):
  File "", line 1, in 
  File "/usr/local/lib/python2.7/sqlite3/__init__.py", line 24, in 
from dbapi2 import *
  File "/usr/local/lib/python2.7/sqlite3/dbapi2.py", line 28, in 
from _sqlite3 import *
ImportError: No module named _sqlite3
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [gettext] How to change language at run-time

2017-06-15 Thread Peter Otten 
pozz wrote:

> I know I can load multiple gettext.translation:
> 
>it = gettext.translation('test', localedir="locale", languages=["it"])
>es = gettext.translation('test', localedir="locale", languages=["es"])
> 
> and install one translation at run-time when I want at a later time
> (when the user selects a new language):
> 
>it.install()
> or
>es.install()
> 
> 
> However the problem is that strings already translated are not
> translated again when a new translation is installed.  So they stay at
> the language selected during start-up and don't change after a new
> install().
> 
> One solution is to restart the application, but I think there's a better
> and more elegant solution.

You need a way to defer the translation until the string is actually used.
The documentation has a few ideas

https://docs.python.org/dev/library/gettext.html#deferred-translations

and here's another one -- perform the translation in the __str__ method of
a custom class:

import gettext

class DeferredTranslation:
def __init__(self, message):
self.message = message
def __str__(self):
translate = _
if translate is DeferredTranslation:
return self.message
return translate(self.message)
@classmethod
def install(class_):
import builtins
builtins._ = class_

DeferredTranslation.install()

message = _("Hello, world!")
print(message)

it = gettext.translation("test", localedir="locale", languages=["it"])
es = gettext.translation("test", localedir="locale", languages=["es"]) 

for language in [it, es]:
language.install()
print(message)


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite in 2.7 on redhat 6

2017-06-15 Thread Mark Summerfield via Python-list 
On Thursday, June 15, 2017 at 1:47:00 PM UTC+1, larry@gmail.com wrote:
> I am trying to use sqlite
> 
> $ python2.7
> Python 2.7.10 (default, Feb 22 2016, 12:13:36)
> [GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
> Type "help", "copyright", "credits" or "license" for more information.
> >>> import _sqlite3
> Traceback (most recent call last):
>   File "", line 1, in 
> ImportError: No module named _sqlite3
> 
> It's there at: 
> /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/_sqlite3.so
> but that is not in my path.
> 
> I tried adding /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/
> to my path and then it fails with:
> 
> ImportError: libpython2.7.so.1.0: cannot open shared object file: No
> such file or directory
> 
> Isn't sqlite part of the standard lib? Shouldn't this just work?

Try:

>>> import sqlite3 # no leading underscore
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: data structure

2017-06-15 Thread Andrew Zyman 
Paul
 Thank you. In my case all "members" of a data structure are classes
(except of the id). I showed the classes to highlight the requirement to
access their methods as vs simple data types.
I think dict of lists should work.
Ideally , I hoped to access by name ( vs index), but list will do for now.
Thank you.


On 15 Jun 2017 03:07, "Paul Barry"  wrote:

> Hi Andrew.
>
> You start by talking about a data structure, then show code that uses
> "class".  Not everything in Python needs to be in a class.
>
> I'd look at using a simple Dictionary of lists, indexed on your ID.  A
> list can contain anything, so you can add your objects in there dynamically
> as needed.  If you need to refer to the objects by name, use a dictionary
> of dictionaries.
>
> Examples:
>
> # Dict of lists.
>
> >>> my_objects = {}
> >>> my_objects['id1'] = []
> >>> my_objects
> {'id1': []}
> >>> my_objects['id2'] = []
> >>> my_objects
> {'id1': [], 'id2': []}
> >>> my_objects['id3'] = []
> >>> my_objects
> {'id1': [], 'id2': [], 'id3': []}
> >>> my_objects['id2'].append('some data, but could be anything')
> >>> my_objects
> {'id1': [], 'id2': ['some data, but could be anything'], 'id3': []}
> >>> my_objects['id2'][0]
> 'some data, but could be anything'
>
> # Dict of dicts.
>
> >>> my_objects2 = {}
> >>> my_objects2['id1'] = {}
> >>> my_objects2['id2'] = {}
> >>> my_objects2['id3'] = {}
> >>> my_objects2
> {'id1': {}, 'id2': {}, 'id3': {}}
> >>> my_objects2['id2']['new_key'] = 'some data, but could be anything'
> >>> my_objects2
> {'id1': {}, 'id2': {'new_key': 'some data, but could be anything'}, 'id3':
> {}}
> >>> my_objects2['id2']['new_key']
> 'some data, but could be anything'
>
> I think if you concentrate on manipulating your data as opposed to trying
> to write code which manipulates it, you might be better off.
>
> I hope this helps.
>
> Regards.
>
> Paul.
>
>
>
>
>
> On 15 June 2017 at 02:36, Andrew Zyman  wrote:
>
>> Hello,
>>  i wonder what would be a proper data structure for something with the
>> following characteristics:
>>
>> id - number,
>> obj[a..c] - objects of various classes
>>
>> the idea is to be able to update certain fields of these objects initially
>> getting access to the record by ID
>>
>> something like this ( not working )
>>
>> ### code start
>>
>> class ClassA(object):
>> a = ''
>> b = ''
>> def __init__(self):
>> a= 'aa'
>> b= 'ab'
>>
>> class ClassB(object):
>> def __init__(self):
>> self.c = 'ba'
>> self.d = 'bb'
>>
>> def main():
>> obja = ClassA
>> objb = ClassB
>>
>> sets = set(obja, objb)
>> contracts[1] = sets
>>
>> print('Sets ', contracts)
>>
>> # with the logic like ( not working too)
>> if obja.a = 'aa':
>> contracts[1].obja.a = 'ABC'
>>
>>
>>  if __name__ == '__main__':
>> main()
>>
>>
>> ### code end
>>
>> appreciate your guidance
>> --
>> https://mail.python.org/mailman/listinfo/python-list
>>
>
>
>
> --
> Paul Barry, t: @barrypj  - w:
> http://paulbarry.itcarlow.ie - e: paul.ba...@itcarlow.ie
> Lecturer, Computer Networking: Institute of Technology, Carlow, Ireland.
>
-- 
https://mail.python.org/mailman/listinfo/python-list

sqlite in 2.7 on redhat 6

2017-06-15 Thread Larry Martell 
I am trying to use sqlite

$ python2.7
Python 2.7.10 (default, Feb 22 2016, 12:13:36)
[GCC 4.4.7 20120313 (Red Hat 4.4.7-16)] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> import _sqlite3
Traceback (most recent call last):
  File "", line 1, in 
ImportError: No module named _sqlite3

It's there at: /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/_sqlite3.so
but that is not in my path.

I tried adding /opt/rh/python27/root/usr/lib64/python2.7/lib-dynload/
to my path and then it fails with:

ImportError: libpython2.7.so.1.0: cannot open shared object file: No
such file or directory

Isn't sqlite part of the standard lib? Shouldn't this just work?
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Chris Angelico 
On Thu, Jun 15, 2017 at 9:47 PM, Rhodri James  wrote:
>> 1) It is not secure. Check this out:
>> https://stackoverflow.com/questions/1906927/xml-vulnerabilities#1907500
> XML and JSON share the vulnerabilities that come from having to parse
> untrusted external input.  XML then has some extra since it has extra
> flexibility, like being able to specify external resources (potential attack
> vectors) or entity substitution.  If you don't need the extra flexibility,
> feel free to use JSON, but don't for one moment think that makes you
> inherently safe.

Not sure what you mean about parsing untrusted external input. Suppose
you build a web server that receives POST data formatted either JSON
or XML. You take a puddle of bytes, and then proceed to decode them.
Let's say you also decree that it can't be more than 1MB of content
(if it's more than that, you reject it without parsing). Okay. What
vulnerabilities are there in JSON? You could have half a million open
brackets followed by half a million close brackets, but that quickly
terminates Python's parser with a recursion trap. You can segfault
Python if you sys.setrecursionlimit() too high, but that's your fault,
not JSON's. Within the 1MB limit, this is the most memory I can
imagine using:

>>> data = b"[" + b"{}," * 349524 + b"{}]"

That expands to 349525 empty objects, represented in Python with
dictionaries, at 288 bytes apiece (using the Python 3.5 size, before
the new compact representation cut that to 240 bytes). Add in the
surrounding list, all 3012904 bytes of it, and the original 1MB input
has expanded to 103,676,104 bytes. That's a hundred-to-one expansion -
significant, but hardly the worst thing an attacker can do. In the SO
link above, a demo is given where a 200KB XML payload expands to >2GB,
for a more than 10K-to-one expansion. "Inherently safe"? At very
least, far FAR safer. Then there are two XML attacks involving
external resource access. JSON fundamentally cannot do that, ergo you
are inherently safe. And the final attack involves recursion. JSON
also fundamentally cannot represent any form of recursion.

Winner: JSON, with 3.5 points to XML's 0.5, and that's being generous
enough to give each of them half a point for the payload expansion
attack.

Got any other attacks against JSON? Bear in mind, you have to attack
the format itself, not a buggy parser implementation (which can be
corrected in a bugfix release without hassles).

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: API Help

2017-06-15 Thread Bradley Cooper 
On Wednesday, June 14, 2017 at 6:10:55 PM UTC-4, Andre Müller wrote:
> Am 14.06.2017 um 22:33 schrieb Bradley Cooper:
> > I am working with an API and I get a return response in this format.
> >
> >  
> > [{"itemNumber":"75-5044","inventory":[{"warehouseCode":"UT-1-US","quantityAvailable":0.0},{"warehouseCode":"KY-1-US","quantityAvailable":0.0},{"warehouseCode":"TX-1-US","quantityAvailable":14.0},{"warehouseCode":"CA-1-US","quantityAvailable":4.0},{"warehouseCode":"AB-1-CA","quantityAvailable":1.0},{"warehouseCode":"WA-1-US","quantityAvailable":0.0},{"warehouseCode":"PO-1-CA","quantityAvailable":0.0}]}]
> >
> > What is the best way to read through the data?
> >
> 
> Your data looks like Json.
> First use the _json_ module to convert the _string_ into a _Python data
> structure_.
> Then you can iterate over it. My example is a nested loop. Maybe
> you've more than one element inside the list.
> 
> 
> import json
> 
> # the string looks like json
> JSON_DATA = """[
> {"itemNumber":"75-5044","inventory": [
> {"warehouseCode":"UT-1-US","quantityAvailable":0.0},
> {"warehouseCode":"KY-1-US","quantityAvailable":0.0},
> {"warehouseCode":"TX-1-US","quantityAvailable":14.0},
> {"warehouseCode":"CA-1-US","quantityAvailable":4.0},
> {"warehouseCode":"AB-1-CA","quantityAvailable":1.0},
> {"warehouseCode":"WA-1-US","quantityAvailable":0.0},
> {"warehouseCode":"PO-1-CA","quantityAvailable":0.0}
> ]
> }
> ]"""
> 
> 
> # converting the json string to a Python data structure
> inventory = json.loads(JSON_DATA)
> 
> # representation in Python
> #[{'inventory': [{'quantityAvailable': 0.0, 'warehouseCode': 'UT-1-US'},
>#{'quantityAvailable': 0.0, 'warehouseCode': 'KY-1-US'},
>#{'quantityAvailable': 14.0, 'warehouseCode': 'TX-1-US'},
>#{'quantityAvailable': 4.0, 'warehouseCode': 'CA-1-US'},
>#{'quantityAvailable': 1.0, 'warehouseCode': 'AB-1-CA'},
>#{'quantityAvailable': 0.0, 'warehouseCode': 'WA-1-US'},
>#{'quantityAvailable': 0.0, 'warehouseCode': 'PO-1-CA'}],
>   #'itemNumber': '75-5044'}]
> 
> 
> # the interesting part
> for items in inventory:
> # get the elements in from the list
> # the elements are dicts, in this case exactly one dict
> print('itemNumber:', i['itemNumber'])
> # nested loop iterating over the values of the key 'inventory'
> for item in items['inventory']:
> # the value is dict
> code, qty = item['warehouseCode'],item['quantityAvailable']
> print('warehouseCode:', code, 'quantityAvailable', qty)
> 
> 
> # Output
> #itemNumber: 75-5044
> #warehouseCode: UT-1-US quantityAvailable 0.0
> #warehouseCode: KY-1-US quantityAvailable 0.0
> #warehouseCode: TX-1-US quantityAvailable 14.0
> #warehouseCode: CA-1-US quantityAvailable 4.0
> #warehouseCode: AB-1-CA quantityAvailable 1.0
> #warehouseCode: WA-1-US quantityAvailable 0.0
> #warehouseCode: PO-1-CA quantityAvailable 0.0
> 
> 
> Greetings
> Andre

Thanks Andre, that works I just needed to convert my return to a string 
str(DATA)
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: [OT] is JSON all that great? - was Re: API Help

2017-06-15 Thread Rhodri James 
People seem to be having fun bashing XML, so I thought I'd wade in on 
its behalf.


On 15/06/17 03:46, justin walters wrote:

There are 2 main issues with XML:

1) It is not secure. Check this out:
https://stackoverflow.com/questions/1906927/xml-vulnerabilities#1907500


XML and JSON share the vulnerabilities that come from having to parse 
untrusted external input.  XML then has some extra since it has extra 
flexibility, like being able to specify external resources (potential 
attack vectors) or entity substitution.  If you don't need the extra 
flexibility, feel free to use JSON, but don't for one moment think that 
makes you inherently safe.



2) It is large. JSON can express the same amount of information while
using much less memory. There are many reasons for this, but the simplest
is that JSON formatting requires less characters.


The simplest, but also the least true.  A better reason would be that 
JSON is a (fairly) simple representation while XML is complex.



Also, there are several formal schemas to follow. The most popular is
JSONAPI.


"The nice thing about standards is that you have so many to choose from."


JSON is also fundamentally much simpler than XML. There are strings,
numbers,
arrays, and objects. That's it. It is basically a dumbed down Python
dictionary.


In those terms, XML just has elements, attributes and character data, so 
you don't even have to worry about typing.  That's not a useful way of 
describing JSON's simplicity, though, so it's no wonder XML actually 
sounds simpler when you put it that way.


JSON is a text description of a general purpose data structure.  It's 
relatively simple, relatively easy to parse (which doesn't mean it's 
easy, I've had some stinkers of pieces of JSON to disentangle in the 
past), and maps straightforwardly to most people's data transfer needs.


XML is a text description of an annotated data structure, with 
declarative and procedural elements thrown in for extra fun.  It's 
complex, harder to parse, and doesn't have a single obvious mapping to 
most people's data transfer needs.  However when you need that extra 
flexibility, it's wonderful, and it doesn't *have* to be complex.


Of course, all this assumes you don't want the efficiency of a bespoke 
binary protocol.  Living in an embedded world, I usually do :-)


--
Rhodri James *-* Kynesim Ltd
--
https://mail.python.org/mailman/listinfo/python-list

[gettext] How to change language at run-time

2017-06-15 Thread pozz 

I know I can load multiple gettext.translation:

  it = gettext.translation('test', localedir="locale", languages=["it"])
  es = gettext.translation('test', localedir="locale", languages=["es"])

and install one translation at run-time when I want at a later time 
(when the user selects a new language):


  it.install()
or
  es.install()


However the problem is that strings already translated are not 
translated again when a new translation is installed.  So they stay at 
the language selected during start-up and don't change after a new 
install().


One solution is to restart the application, but I think there's a better 
and more elegant solution.

--
https://mail.python.org/mailman/listinfo/python-list

Ciphers in SSL Library

2017-06-15 Thread Kacy Night 
OS: Windows 7 Home Basic
Python: ver. 3.6.0

Hey, I need to use SSLv3 with RC4-SHA (0x05) (Yes I know those are
unsecured) but my client is using it and I'm writing a server from scratch
in Python. My problem is following, when I try to select cipher
 it doesn't raise any error, but when client tries to
connect with it the handshake fails because server raises error = No Shared
Cipher and when I skipped handshake and used at client  it said
that server had none, but I've selected the RC4-SHA cipher. I've tried to
modify the SSL library but it didn't change anything. I'm searching for
help with this problem for more than a week. Any help will be appreciated

PS. I'm not able to change clients Protocol or Cipher to different.

Kacper Z.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Gregory Ewing 

Chris Angelico wrote:

There've been a number of attempts, over the years, to make a
sandboxed Python interpreter, where you can run untrusted code. But if
Python came with a JS interpreter, it would be possible to run
untrusted JS code, with Python functioning as a gatekeeper.


If that would provide sufficient sandboxing, then how about
writing a Python interpreter in Python to get a sandboxed
Python?

--
Greg
--
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite3 is non-transactional??

2017-06-15 Thread Mark Summerfield via Python-list 
On Thursday, June 15, 2017 at 9:50:18 AM UTC+1, Michele Simionato wrote:
> Thanks. I suspected the culprit was executescript, but I did not see it 
> documented in 
> https://docs.python.org/3/library/sqlite3.html#connection-objects.

Although the standard library's sqlite3 module is useful, personally, I've 
switched to using APSW which I've found to be extremely reliable and gives much 
more access to SQLite functionality: https://rogerbinns.github.io/apsw/
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite3 is non-transactional??

2017-06-15 Thread Michele Simionato 
Thanks. I suspected the culprit was executescript, but I did not see it 
documented in https://docs.python.org/3/library/sqlite3.html#connection-objects.
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: sqlite3 is non-transactional??

2017-06-15 Thread Peter Otten 
Michele Simionato wrote:

> I know that CREATE queries are non-transactional in sqlite, as documented,
> but I finding something really strange in INSERT queries.
> 
> Consider this example:
> 
> $ cat example.py
> import os
> import shutil
> import sqlite3
> 
> script0 = '''\
> CREATE TABLE test (
>id SERIAL PRIMARY KEY,
>description TEXT NOT NULL);
> '''
> 
> script1 = '''\
> INSERT INTO test (id, description)
> VALUES (1, 'First');
> INSERT INTO test (id, description)
> VALUES (2, 'Second');
> '''
> 
> script2 = '''\
> INSERT INTO test (id, description)
> VALUES (1, 'Conflicting with the First');
> '''
> 
> 
> def main(test_dir):
> if os.path.exists(test_dir):
> shutil.rmtree(test_dir)
> os.mkdir(test_dir)
> path = os.path.join(test_dir, 'db.sqlite')
> conn = sqlite3.connect(path)
> conn.executescript(script0)  # this is committing implicitly
> try:
> conn.executescript(script1)  # this should not be committing
> conn.executescript(script2)  # this one has an error
> except:
> conn.rollback()
> curs = conn.execute('select * from test')
> for row in curs:  # no rows should have been inserted
> print(row)
> 
> 
> if __name__ == '__main__':
> main('/tmp/test')
> 
> I am creating the test table in script0, populating it in script1, then
> trying to insert another row with a primary key violation. I would have
> expected the rollback to remove the rows inserted in script1, since they
> are part of the same transaction. Instead they are not removed!
> 
> Can somebody share some light on this? I discover the issue while porting
> some code from PostgreSQL to sqlite3, with Postgres doing the right thing
> and sqlite failing.
> 
> I am puzzled,

executescript() is trying to be helpful...
"""
executescript(sql_script)
This is a nonstandard convenience method for executing multiple SQL 
statements at once. It issues a COMMIT statement first, then executes the 
SQL script it gets as a parameter.
"""

...and failing. When you use execute() things work as expected:

$ cat sqlite_trans_demo.py 
import os
import shutil
import sqlite3
import sys

script0 = '''\
CREATE TABLE test (
   id SERIAL PRIMARY KEY,
   description TEXT NOT NULL);
'''

script1 = '''\
INSERT INTO test (id, description)
VALUES (1, 'First');
INSERT INTO test (id, description)
VALUES (2, 'Second');
'''

script2 = '''\
INSERT INTO test (id, description)
VALUES (1, 'Conflicting with the First');
'''

def executescript(conn, script):
for sql in script.split(";"):
conn.execute(sql)

def main(test_dir):
if os.path.exists(test_dir):
shutil.rmtree(test_dir)
os.mkdir(test_dir)
path = os.path.join(test_dir, 'db.sqlite')
conn = sqlite3.connect(path)
conn.executescript(script0)  # this is committing implicitly
try:
executescript(conn, script1)  # this should not be committing
if "--conflict" in sys.argv:
executescript(conn, script2)  # this one has an error
except Exception as err:
print(err)
conn.rollback()
curs = conn.execute('select * from test')
for row in curs:  # no rows should have been inserted
print(row)


if __name__ == '__main__':
main('./tmp_sqlite')

$ python3 sqlite_trans_demo.py
(1, 'First')
(2, 'Second')
$ python3 sqlite_trans_demo.py --conflict
UNIQUE constraint failed: test.id
$ 


-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Steven D'Aprano 
On Thu, 15 Jun 2017 17:42:12 +1000, Chris Angelico wrote:


> Load up PyPyJS and run Python inside JavaScript inside Python.


I'm reminded of a demo I saw once, of a BeOS system running a classic Mac 
emulator (sheepshaver, I believe it was), then running a Windows emulator 
inside the Mac emulator.

I'd like to say it was still faster than native Windows, but that 
wouldn't be true. Nevertheless, performance was still reasonable: good 
enough to run MS Office.



-- 
Steve
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Chris Angelico 
On Thu, Jun 15, 2017 at 5:14 PM, Steven D'Aprano  wrote:
> Now that Java 8 includes a Javascript interpreter (Nashorn) as part of
> the JDK, and since Javascript is The Future™, does Python need a
> Javascript interpreter in the standard library?
>
> If Python came with a Javascript interpreter, what would you do with it?

Okay, now for a serious response.

There've been a number of attempts, over the years, to make a
sandboxed Python interpreter, where you can run untrusted code. But if
Python came with a JS interpreter, it would be possible to run
untrusted JS code, with Python functioning as a gatekeeper. You could
allow JS to require("fs"), but still govern which files it reads and
writes. You could allow JS to use the fetch() function, but still pick
and choose which servers it contacts.

It'd also make a great platform for experimenting with ECMAScript
itself. Imagine if JS-in-Python had some tweakable parameters that
technically violate backward compatibility, but which you can choose
to activate from the Python end. You could, for instance:

* Make strings truly Unicode, instead of UTF-16
* Introduce an arbitrary-precision integer type
* Eliminate the 'var' keyword (just use 'let')
* Add a dictionary type that uses non-string keys
* Etcetera

And possibly most importantly, you could have a high performance data
sharing system between the Python and JS sides. A "native code"
function could accept any JSON-safe object as a parameter, and
directly access its contents (without actually serializing and
deserializing). That would allow efficient bilingual code, where
anything written in Python can be called from JS and vice versa.
Obviously this would depend on the JS objects being internally
represented as Python objects, which may have some minor semantic
differences; my suspicion is that it'd end up being similar to the way
Jython and IronPython behave.

But really, I don't think it needs to be in the standard library. A
pip-installable third-party implementation would be just as effective.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: API Help

2017-06-15 Thread Erik 

On 15/06/17 01:30, Ray Cote wrote:
On Wed, Jun 14, 2017 at 6:14 PM, Erik > wrote:

If that makes it definitely JSON, then this makes it definitely
Python ;) :

 >>>

[{"itemNumber":"75-5044","inventory":[{"warehouseCode":"UT-1-US","quantityAvailable":0.0},{"warehouseCode":"KY-1-US","quantityAvailable":0.0},{"warehouseCode":"TX-1-US","quantityAvailable":14.0},{"warehouseCode":"CA-1-US","quantityAvailable":4.0},{"warehouseCode":"AB-1-CA","quantityAvailable":1.0},{"warehouseCode":"WA-1-US","quantityAvailable":0.0},{"warehouseCode":"PO-1-CA","quantityAvailable":0.0}]}]
[{'itemNumber': '75-5044', 'inventory': [{'quantityAvailable': 0.0,
'warehouseCode': 'UT-1-US'}, {'quantityAvailable': 0.0,
'warehouseCode': 'KY-1-US'}, {'quantityAvailable': 14.0,
'warehouseCode': 'TX-1-US'}, {'quantityAvailable': 4.0,
'warehouseCode': 'CA-1-US'}, {'quantityAvailable': 1.0,
'warehouseCode': 'AB-1-CA'}, {'quantityAvailable': 0.0,
'warehouseCode': 'WA-1-US'}, {'quantityAvailable': 0.0,
'warehouseCode': 'PO-1-CA'}]}]



So, I think we're agreed that it's definitely one or the other.


Well, that is the Python output from the json.loads() call; so yes…


No, it is not. It is the output from the Python REPL when the text from 
the OP is pasted into it (*).


My point, if I really have to make it again, is that while the example 
_could_ be JSON it _could_ equally also be a Python expression. Until 
the OP says what format it is defined to be or posts an example with 
something in it that is different between JSON and Python (a boolean, 
for example) then you can't say it's *definitely* one or the other.


E.

(*) And to the various people who have responded "I don't eval() random 
strings from the internet": firstly I eyeballed it to check there was 
nothing nefarious in it before I pasted it into my interpreter; 
secondly, I don't think anyone has suggested that is how the OP should 
actually handle the data. We don't even know if what he posted was the 
content of a received string or the result of already parsing his data 
into a structure and printing it out somehow.

--
https://mail.python.org/mailman/listinfo/python-list

sqlite3 is non-transactional??

2017-06-15 Thread Michele Simionato 
I know that CREATE queries are non-transactional in sqlite, as documented, but 
I finding something really strange in INSERT queries.

Consider this example:

$ cat example.py
import os
import shutil
import sqlite3

script0 = '''\
CREATE TABLE test (
   id SERIAL PRIMARY KEY,
   description TEXT NOT NULL);
'''

script1 = '''\
INSERT INTO test (id, description)
VALUES (1, 'First');
INSERT INTO test (id, description)
VALUES (2, 'Second');
'''

script2 = '''\
INSERT INTO test (id, description)
VALUES (1, 'Conflicting with the First');
'''


def main(test_dir):
if os.path.exists(test_dir):
shutil.rmtree(test_dir)
os.mkdir(test_dir)
path = os.path.join(test_dir, 'db.sqlite')
conn = sqlite3.connect(path)
conn.executescript(script0)  # this is committing implicitly
try:
conn.executescript(script1)  # this should not be committing
conn.executescript(script2)  # this one has an error
except:
conn.rollback()
curs = conn.execute('select * from test')
for row in curs:  # no rows should have been inserted
print(row)


if __name__ == '__main__':
main('/tmp/test')

I am creating the test table in script0, populating it in script1, then trying 
to insert another row with a primary key violation. I would have expected the 
rollback to remove the rows inserted in script1, since they are part of the 
same transaction. Instead they are not removed!

Can somebody share some light on this? I discover the issue while porting some 
code from PostgreSQL to sqlite3, with Postgres doing the right thing and sqlite
failing.

I am puzzled,

 Michele Simionato
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Paul Barry 
Life is too short... 😉

On 15 Jun 2017 08:17, "Steven D'Aprano"  wrote:

Now that Java 8 includes a Javascript interpreter (Nashorn) as part of
the JDK, and since Javascript is The Future™, does Python need a
Javascript interpreter in the standard library?

If Python came with a Javascript interpreter, what would you do with it?



(Serious question, but humorous answers accepted too.)




--
Steve
--
https://mail.python.org/mailman/listinfo/python-list
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: Does Python need Javascript?

2017-06-15 Thread Chris Angelico 
On Thu, Jun 15, 2017 at 5:14 PM, Steven D'Aprano  wrote:
> Now that Java 8 includes a Javascript interpreter (Nashorn) as part of
> the JDK, and since Javascript is The Future™, does Python need a
> Javascript interpreter in the standard library?
>
> If Python came with a Javascript interpreter, what would you do with it?
>
>
>
> (Serious question, but humorous answers accepted too.)

Load up PyPyJS and run Python inside JavaScript inside Python.

Just because.

ChrisA
-- 
https://mail.python.org/mailman/listinfo/python-list

Does Python need Javascript?

2017-06-15 Thread Steven D'Aprano 
Now that Java 8 includes a Javascript interpreter (Nashorn) as part of 
the JDK, and since Javascript is The Future™, does Python need a 
Javascript interpreter in the standard library?

If Python came with a Javascript interpreter, what would you do with it?



(Serious question, but humorous answers accepted too.)




-- 
Steve
-- 
https://mail.python.org/mailman/listinfo/python-list

Re: data structure

2017-06-15 Thread Paul Barry 
Hi Andrew.

You start by talking about a data structure, then show code that uses
"class".  Not everything in Python needs to be in a class.

I'd look at using a simple Dictionary of lists, indexed on your ID.  A list
can contain anything, so you can add your objects in there dynamically as
needed.  If you need to refer to the objects by name, use a dictionary of
dictionaries.

Examples:

# Dict of lists.

>>> my_objects = {}
>>> my_objects['id1'] = []
>>> my_objects
{'id1': []}
>>> my_objects['id2'] = []
>>> my_objects
{'id1': [], 'id2': []}
>>> my_objects['id3'] = []
>>> my_objects
{'id1': [], 'id2': [], 'id3': []}
>>> my_objects['id2'].append('some data, but could be anything')
>>> my_objects
{'id1': [], 'id2': ['some data, but could be anything'], 'id3': []}
>>> my_objects['id2'][0]
'some data, but could be anything'

# Dict of dicts.

>>> my_objects2 = {}
>>> my_objects2['id1'] = {}
>>> my_objects2['id2'] = {}
>>> my_objects2['id3'] = {}
>>> my_objects2
{'id1': {}, 'id2': {}, 'id3': {}}
>>> my_objects2['id2']['new_key'] = 'some data, but could be anything'
>>> my_objects2
{'id1': {}, 'id2': {'new_key': 'some data, but could be anything'}, 'id3':
{}}
>>> my_objects2['id2']['new_key']
'some data, but could be anything'

I think if you concentrate on manipulating your data as opposed to trying
to write code which manipulates it, you might be better off.

I hope this helps.

Regards.

Paul.





On 15 June 2017 at 02:36, Andrew Zyman  wrote:

> Hello,
>  i wonder what would be a proper data structure for something with the
> following characteristics:
>
> id - number,
> obj[a..c] - objects of various classes
>
> the idea is to be able to update certain fields of these objects initially
> getting access to the record by ID
>
> something like this ( not working )
>
> ### code start
>
> class ClassA(object):
> a = ''
> b = ''
> def __init__(self):
> a= 'aa'
> b= 'ab'
>
> class ClassB(object):
> def __init__(self):
> self.c = 'ba'
> self.d = 'bb'
>
> def main():
> obja = ClassA
> objb = ClassB
>
> sets = set(obja, objb)
> contracts[1] = sets
>
> print('Sets ', contracts)
>
> # with the logic like ( not working too)
> if obja.a = 'aa':
> contracts[1].obja.a = 'ABC'
>
>
>  if __name__ == '__main__':
> main()
>
>
> ### code end
>
> appreciate your guidance
> --
> https://mail.python.org/mailman/listinfo/python-list
>



-- 
Paul Barry, t: @barrypj  - w:
http://paulbarry.itcarlow.ie - e: paul.ba...@itcarlow.ie
Lecturer, Computer Networking: Institute of Technology, Carlow, Ireland.
-- 
https://mail.python.org/mailman/listinfo/python-list