qix- <i.am....@gmail.com> added the comment:
-1 This would make `better_exceptions` irreparably un-ergonomic. https://github.com/qix-/better-exceptions .PTH files are commonly used to install development middleware in order to enhance the development and debugging experience. I recognize the need for security, but could we instead focus on improving the security of the existing .PTH system instead of throwing out the baby with the bathwater? The search "pth files python virus|malicious" on Google returns this issue. Is .PTH a previously exploited vector? This is like saying NPM's `install` scripts are a vector. I'm not going to be running code that I don't at least trust a little. This issue reads like someone had a bad time with some poorly written Python code that was stuck inside a .PTH file, had to debug why it was causing a problem, and came here to cry about it (no offense, Barry). Instead of improving it, the first inclination was to remove it altogether without any regard to its use-cases or the effects it would have on some packages that rely on it. Let's improve it, not kill it. ---------- nosy: +qix- _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue33944> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
