On 6/24/07, Paul Moore <[EMAIL PROTECTED]> wrote:
> Count me as +0 on allowing a.b, and -1 on allowing a.b
> unless b contains leading underscores.
FWIW, I do want to allow a.b, because it means I can more easily pass
locals(), instead of creating a one-use near-boilerplate dictionary,
such as
{"
Georg Brandl wrote:
> Another question w.r.t. new string formatting:
>
> Assuming the %-operator for strings goes away as you said in the recent blog
> post, how are we going to convert string formatting (which I daresay is a very
> common operation in Python modules) in the 2to3 tool?
>
> Of cou
On 24/06/07, Paul Moore <[EMAIL PROTECTED]> wrote:
> Count me as +0 on allowing a.b, and -1 on allowing a.b unless b
> contains leading underscores.
Rereading that, the second part didn't make sense. Assuming a.b is
allowed, I'm -1 on putting restrictions on b, specifically on not
allowing it to s
On 24/06/07, Brett Cannon <[EMAIL PROTECTED]> wrote:
> On 6/20/07, Greg Falcon <[EMAIL PROTECTED]> wrote:
> > This sounds exactly right to me. I don't have strong feelings either
> > way about attribute lookups in formatting strings, or the security
> > problems they raise. But while it seems a r
On 6/20/07, Greg Falcon <[EMAIL PROTECTED]> wrote:
> On 6/19/07, Chris McDonough <[EMAIL PROTECTED]> wrote:
> > Given that security is a concern at all, the only truly reasonable
> > way to "limit security issues" is to disallow item and attribute
> > access completely within the string templating
I haven't responded to this thread because I was hoping some of the
original proponents of the feature would come out to defend it.
(Remember, 3101 is a synthesis of a lot of people's ideas gleaned from
many forum postings - In some cases I am willing to defend particular
aspects of the PEP, an
On 6/19/07, Chris McDonough <[EMAIL PROTECTED]> wrote:
> Given that security is a concern at all, the only truly reasonable
> way to "limit security issues" is to disallow item and attribute
> access completely within the string templating expression syntax. It
> seems gratuituous to me to encoura
On Tue, Jun 19, 2007 at 08:20:25AM -0700, Guido van Rossum wrote:
> Those are valid concerns. I'm cross-posting this to the python-3000
> list in the hope that the PEP's author and defendents can respond. I'm
> sure we can work something out.
Thanks to raise this. It is horrible enough that I feel
Those are valid concerns. I'm cross-posting this to the python-3000
list in the hope that the PEP's author and defendents can respond. I'm
sure we can work something out.
Please keep further discussion on the python-3000@python.org list.
--Guido
On 6/19/07, Chris McDonough <[EMAIL PROTECTED]> wr
