Hi Adam!
On Sunday, August 26, 2018 at 4:33:31 PM UTC+2, Adam Johnson wrote:
>
> My suggestion would be to add the new keyword argument which enable the
>> new behavior and keep the attr-thing as is.
>> I could add a warning if someone uses the "old" style. It is a bit
>> suggestive though.
>
>
Le dimanche 26 août 2018 13:36:41 UTC+2, James Bennett a écrit :
>
> The only use case for pickle that I'm aware of is "I need a way to add a
> security hole to my site". So let's just get rid of it.
>
Out of memory, I think they were cases when some types were not
JSON-serializable.
Claude
-
🔥🔥🔥
On Sun, 26 Aug 2018 at 20:10, Florian Apolloner
wrote:
> Yes, lets deprecate and remove it. No 3rd party package from Django
> itself, if someone wants it, they should write one.
>
> On Sunday, August 26, 2018 at 3:57:20 PM UTC+2, Adam Johnson wrote:
>>
>> +1 to deprecate. Maybe we deprecate
Yes, lets deprecate and remove it. No 3rd party package from Django itself,
if someone wants it, they should write one.
On Sunday, August 26, 2018 at 3:57:20 PM UTC+2, Adam Johnson wrote:
>
> +1 to deprecate. Maybe we deprecate and remove it, and some user makes a
> third party package if they s
>
> My suggestion would be to add the new keyword argument which enable the
> new behavior and keep the attr-thing as is.
> I could add a warning if someone uses the "old" style. It is a bit
> suggestive though.
Whilst it's not the normal way of deprecating things in Django, I'm not
against it. W
>
> Members who are known to the security team to be maintaining codebases
>
on unsupported versions of Django will also be asked to provide
> details of how they plan to migrate to a supported version, and to
> assess whether they still require full notifiations once that
> migration is complete.
+1 to deprecate. Maybe we deprecate and remove it, and some user makes a
third party package if they so wish?
On Sun, 26 Aug 2018 at 13:36, James Bennett wrote:
> The only use case for pickle that I'm aware of is "I need a way to add a
> security hole to my site". So let's just get rid of it.
>
The only use case for pickle that I'm aware of is "I need a way to add a
security hole to my site". So let's just get rid of it.
--
You received this message because you are subscribed to the Google Groups
"Django developers (Contributions to Django itself)" group.
To unsubscribe from this grou
There's been some discussion recently amongst the Django security team
regarding the way we handle advance notifications of security isues,
and whether we ought to change that. But since the security team is a
pretty small group, we'd like to take the discussion public and get
broader input before
