“Stat calls in the import system were optimized in importlib a while back”
Yes, I’m aware of that, which is why I don’t have any specific suggestions
off-hand. But given the differences in file systems between Windows and other
OSs, it wouldn’t surprise me if there were a more optimal approach f
I consider that it is a security vulneraibility and so should be fixed in
all supported branches including 3.3 and 3.4.
If someone is blocked for a legit usecase, an old Python version can be
used until we decide how to handle it.
I concur with you, I don't think that anyone uses filenames contai
On Sat, Jul 22, 2017 at 7:10 PM, Giampaolo Rodola'
wrote:
>
>
> On Sat, Jul 22, 2017 at 6:38 PM, Victor Stinner
> wrote:
>
>> Le 22 juil. 2017 8:04 AM, "Serhiy Storchaka" a
>> écrit :
>>
>> I think the only reliable way of fixing the vulnerability is rejecting or
>> escaping (as specified in RF
On Sat, Jul 22, 2017, 07:22 Steve Dower, wrote:
> I believe the trend is due to language like Python and Node.js, most of
> which aggressively discourage threading (more from the broader community
> than the core languages, but I see a lot of apps using these now), and also
> the higher reliabili
On Sat, Jul 22, 2017 at 6:38 PM, Victor Stinner
wrote:
> Le 22 juil. 2017 8:04 AM, "Serhiy Storchaka" a
> écrit :
>
> I think the only reliable way of fixing the vulnerability is rejecting or
> escaping (as specified in RFC 2640) CR and LF inside sent lines. Adding the
> support of RFC 2640 is a
Le 22 juil. 2017 8:04 AM, "Serhiy Storchaka" a écrit :
I think the only reliable way of fixing the vulnerability is rejecting or
escaping (as specified in RFC 2640) CR and LF inside sent lines. Adding the
support of RFC 2640 is a new feature and can be added only in 3.7. And this
feature should b
I believe the trend is due to language like Python and Node.js, most of which
aggressively discourage threading (more from the broader community than the
core languages, but I see a lot of apps using these now), and also the higher
reliability afforded by out-of-process tasks (that is, one crash
> -Original Message-
> From: Python-Dev [mailto:python-dev-bounces+tritium-
> list=sdamon@python.org] On Behalf Of Paul Moore
> Sent: Saturday, July 22, 2017 4:14 AM
> To: David Mertz
> Cc: Barry Warsaw ; Python-Dev d...@python.org>
> Subject: Re: [Python-Dev] Python startup time
>
On 21 July 2017 at 23:53, David Mertz wrote:
> I would guess that Windows users don't tend to run lots of command line
> tools where startup time dominates, as *nix users do.
Well, in the sense that many Windows users don't use the command line
at all, this is true. However, startup time is a def
