[issue39498] Signpost security considerations in library

Change by Łukasz Langa : -- resolution: -> fixed stage: patch review -> resolved status: open -> closed ___ Python tracker ___ ___

[issue39498] Signpost security considerations in library

Łukasz Langa added the comment: New changeset fcbe8c63d78b5dd59470b5808d898b87d8ba0350 by Miss Islington (bot) in branch '3.9': bpo-39498 Start linking the security warnings in the stdlib modules (GH-18272) (GH-27699)

[issue39498] Signpost security considerations in library

miss-islington added the comment: New changeset d657da8155cc9611b901ea052f3eac28f99122b4 by Miss Islington (bot) in branch '3.10': bpo-39498 Start linking the security warnings in the stdlib modules (GH-18272) https://github.com/python/cpython/commit/d657da8155cc9611b901ea052f3eac28f99122b4

[issue39498] Signpost security considerations in library

Change by miss-islington : -- pull_requests: +26185 pull_request: https://github.com/python/cpython/pull/27699 ___ Python tracker ___

[issue39498] Signpost security considerations in library

Change by miss-islington : -- nosy: +miss-islington nosy_count: 7.0 -> 8.0 pull_requests: +26182 pull_request: https://github.com/python/cpython/pull/27696 ___ Python tracker

[issue39498] Signpost security considerations in library

Łukasz Langa added the comment: New changeset c5c5326d4799fe4ae566aff32ed3461af95859cc by Anthony Shaw in branch 'main': bpo-39498 Start linking the security warnings in the stdlib modules (GH-18272) https://github.com/python/cpython/commit/c5c5326d4799fe4ae566aff32ed3461af95859cc

[issue39498] Signpost security considerations in library

Christian Heimes added the comment: There are more features that should have security considerations, e.g. builtin functions like eval and exec. -- ___ Python tracker ___

[issue39498] Signpost security considerations in library

Christian Heimes added the comment: +1 -- nosy: +christian.heimes ___ Python tracker ___ ___ Python-bugs-list mailing list

[issue39498] Signpost security considerations in library

Éric Araujo added the comment: I think that we could make this easier with a custom directive that’s rendered into the appropriate markup during build and auto-generates the index page with links to all links. No error-prone manual update needed! -- nosy: +eric.araujo

[issue39498] Signpost security considerations in library

Carol Willing added the comment: I agree that a helpful entry in the index would be a nice addition. Christian would be the person to start with since he probably has ideas what would be useful too. -- nosy: +willingc ___ Python tracker

[issue39498] Signpost security considerations in library

Julien Palard added the comment: Asked on gh: > this is a "security guidance for standard library modules" index? (I'm not sure to understand the question exactly) I think it could be usefull from a reviewer point of view to have such index so he can iterate over it and check point by

[issue39498] Signpost security considerations in library

Change by anthony shaw : -- keywords: +patch pull_requests: +17647 stage: -> patch review pull_request: https://github.com/python/cpython/pull/18272 ___ Python tracker ___

[issue39498] Signpost security considerations in library

New submission from anthony shaw : Within the documentation, there are some really important security considerations for standard library modules. e.g. subprocess, ssl, pickle, xml. There is currently no "index" of these, so you have to go hunting for them. They're easter eggs within the