Alex Gaynor added the comment:
Sounds good to me!
--
___
Python tracker
<http://bugs.python.org/issue29810>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
Just discussed with Christian, and we're both in favor of adding AIA chasing
support to the stdlib ssl.
--
nosy: +alex, janssen
___
Python tracker
<http://bugs.python.org/is
Changes by Alex Gaynor :
--
pull_requests: +1781
___
Python tracker
<http://bugs.python.org/issue30420>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alex Gaynor:
Currently shutil.make_archive uses os.chdir, however there's no need for that.
Everything that's done could be equally accomplished with path manipulation:
https://github.com/python/cpython/blob/master/Lib/shutil.py#L773-L779
We should switch to
Alex Gaynor added the comment:
None of those functions are a public API, so changing them shouldn't be a
problem IMO.
--
___
Python tracker
<http://bugs.python.org/is
Alex Gaynor added the comment:
Ugh, except via |register_archive_format|. |register_archive_format| could wrap
callables passed to it to maintain the current behavior.
--
___
Python tracker
<http://bugs.python.org/issue30
New submission from Alex Gaynor:
CT (https://www.certificate-transparency.org/) is starting to become a thing!
It'd be great if we exposed SCTs (whether from TLS extensions, OCSP, or
embedded in the certificate) for TLS connections. This would allow higher level
protocols to begin acti
Alex Gaynor added the comment:
Can confirm, no browsers do partial (or multiple) wildcards and the CABF rules
don't allow public CAs to issue them.
--
status: pending -> open
___
Python tracker
<https://bugs.python.org
Alex Gaynor added the comment:
(Didn't mean to update status)
--
status: open -> pending
___
Python tracker
<https://bugs.python.org/issue32819>
___
_
Change by Alex Gaynor :
--
keywords: +patch
pull_requests: +6118
___
Python tracker
<https://bugs.python.org/issue29613>
___
___
Python-bugs-list mailin
Alex Gaynor added the comment:
New changeset c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3 by Alex Gaynor in branch
'master':
bpo-29613: Added support for SameSite cookies (GH-6413)
https://github.com/python/cpython/commit/c87eb09d2e3783b0b5dc0d7cb304050cbcc86ad3
--
n
Change by Alex Gaynor :
--
resolution: -> fixed
stage: patch review -> resolved
status: open -> closed
___
Python tracker
<https://bugs.python.or
Alex Gaynor added the comment:
Good catch.
--
versions: +Python 3.8 -Python 3.7
___
Python tracker
<https://bugs.python.org/issue29613>
___
___
Python-bugs-list m
Alex Gaynor added the comment:
Berker your patch looks good to me.
Convert it to a PR and then merge?
--
nosy: +alex
___
Python tracker
<https://bugs.python.org/issue991
Alex Gaynor added the comment:
None of the above :-) I'd expect the last one, but with quoting.
You should not be able to set fields in a cookie by injection.
--
___
Python tracker
<https://bugs.python.org/iss
Alex Gaynor added the comment:
I'd be in favor of backporting this to the 2.x - encouraging reliance on the
nonsense behaviour of putting IPAddresses in DNS Names or relying on CN over
SAN is bad, and we shouldn't encourage it.
--
nosy: +A
Alex Gaynor added the comment:
If anyone has needed a workaround in the past 9 years and hasn't yet found one:
https://github.com/pyca/cryptography/pull/3968/commits/3b585f803891e750d0ca5861b5a29e16b779bc16
--
nosy: +alex
___
Python tracker
&
Change by Alex Gaynor :
--
nosy: +orsenthil
___
Python tracker
<https://bugs.python.org/issue33661>
___
___
Python-bugs-list mailing list
Unsubscribe:
Change by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<https://bugs.python.org/issue35214>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
All libraries that are linked against, including libc, need to be compiled with
MSAN. MSAN is not for the faint of heart.
--
___
Python tracker
<https://bugs.python.org/issue35
Alex Gaynor added the comment:
Attached patch should fix this issue.
--
keywords: +patch
nosy: +alex
Added file: http://bugs.python.org/file30442/issue18116.diff
___
Python tracker
<http://bugs.python.org/issue18
Alex Gaynor added the comment:
Are you sure you applied it correctly? With and without:
Alexanders-MacBook-Pro:cpython alex_gaynor$ ./python.exe x.py
What's up?
Alexanders-MacBook-Pro:cpython alex_gaynor$ hg revert --all --no-backup
reverting Lib/getpass.py
Alexanders-MacBook-Pro:cp
Alex Gaynor added the comment:
+1 on this, but it's worth noting that that fix is not 100% correct (though
it's obviously better than most existing equivilants), it's potentially wrong
with custom __getattr__, __getattribute__, descriptors.
---
New submission from Alex Gaynor:
There's a myriad of reasons it's a bad idea:
* Makes code harder to read
* Doesn't play nicely with multiple projects using gettext
* Defeats any attempt at static analysis
* etc...
--
messages: 191152
nosy: alex
priority: normal
severity
Alex Gaynor added the comment:
I'm not sure I understand the question. What `install()` does is set
`__builtins__._` to be gettext. I think people should import the gettext
function they need.
--
___
Python tracker
<http://bugs.py
Alex Gaynor added the comment:
I think the code makes what this does much clearer:
http://hg.python.org/cpython/file/01da7bf11ca1/Lib/gettext.py#l209
There's no reason you can't make your own translation object, and expose it's
gettext method as as your API, and then you
Alex Gaynor added the comment:
This is how padding works in the C ABI, not a bug.
--
nosy: +alex
resolution: -> invalid
status: open -> closed
___
Python tracker
<http://bugs.python.org/i
New submission from Alex Gaynor:
Right now it calls islink(), which does an lstat, and then does its own lstat
on the same path. This can be optimized by inlining the body of islink and
reusing the stat result.
(This has been identified as an actual issue in openstack-swift
https
Alex Gaynor added the comment:
Attached is a simple first pass at a diff against 2.7, shoudl be easy to port
it to default.
--
keywords: +patch
Added file: http://bugs.python.org/file31010/ismount.diff
___
Python tracker
<http://bugs.python.
Alex Gaynor added the comment:
Addresses the review comments: returns to catching all oserrors
--
Added file: http://bugs.python.org/file31011/ismount.diff
___
Python tracker
<http://bugs.python.org/issue18
Alex Gaynor added the comment:
Attached patch is against default. I don't have my ssh keys set up for this
machine, so if someone else could land I'd be appreciative :)
(Not sure if this qualifies for a backport)
--
Added file: http://bugs.python.org/file31012/ismou
Alex Gaynor added the comment:
I'll confirm that PyPy raises a KeyError on the format() code.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/is
Alex Gaynor added the comment:
does this show demonstrable results (in either direction) on stringbench or the
benchmarks repo?
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue18
Alex Gaynor added the comment:
The statistic that htis is *never* hit across a large python program is great
evidence that this isn't useful. +1 on removing from me.
--
___
Python tracker
<http://bugs.python.org/is
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue18756>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Alex Gaynor added the comment:
I suppose I'm one of the more qualified people to comment on how Ruby does it:
a mess of hacks in the lexer/parser. Ruby's case is complicated by the fact
that a bare `foo` can either be a local variable or a method call on self.
Consider the case `a +
Alex Gaynor added the comment:
If you could supply the source that'd be great.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue14903>
___
___
Alex Gaynor added the comment:
Your __getitem__ never returns the result of OrderedDict.__getitem__
--
nosy: +alex
resolution: -> invalid
status: open -> closed
___
Python tracker
<http://bugs.python.org/i
Alex Gaynor added the comment:
I'm perfectly happy to write a patch for this, the only reason I didn't was
Martin and others expressed opposition to committing it. If there's a
philosophicaly opposition to the patch I
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue14965>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue14972>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15001>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15061>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Alex Gaynor added the comment:
I think what you're looking for already exists:
http://docs.python.org/dev/library/stdtypes.html#int.bit_length
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/is
Alex Gaynor added the comment:
Actually, I would argue that it's concatentation of a local variable which has
unexpected performance. Logically it should be O(n**2), however due to hacks in
CPython it isn't.
--
nosy: +alex
___
Python trac
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue8847>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15540>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15551>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15568>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Alex Gaynor added the comment:
Additional detail, if and only if Foo defines an __str__ method, this raises an
exception.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15
Alex Gaynor added the comment:
Sounds like a special case of a small part of mock. Not sure that this
observation is significant though.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15806>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Alex Gaynor added the comment:
Why not just: issubclass(exctype, self.exception_types)?
--
___
Python tracker
<http://bugs.python.org/issue15806>
___
___
Pytho
Alex Gaynor added the comment:
list.count() uses == to compare items, 1 and True compare equal, so this
behavior is correct.
--
nosy: +alex
resolution: -> invalid
status: open -> closed
___
Python tracker
<http://bugs.python.org/i
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue15996>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
New submission from Alex Gaynor:
The attached patch implements PEP 424. The implementation of this demonstrated
a need for a few small modifications to the PEP, they will follow shortly.
--
components: Interpreter Core
files: length_hint.diff
keywords: patch
messages: 172176
nosy: alex
Alex Gaynor added the comment:
patch updated fully with respect to the updates georg pushed to the PEP
--
Added file: http://bugs.python.org/file27448/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16
Changes by Alex Gaynor :
Removed file: http://bugs.python.org/file27447/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16148>
___
___
Python-bugs-list m
Alex Gaynor added the comment:
Updated version of the patch with fewer memory leaks.
--
Added file: http://bugs.python.org/file27449/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16
Changes by Alex Gaynor :
Removed file: http://bugs.python.org/file27448/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16148>
___
___
Python-bugs-list m
Alex Gaynor added the comment:
All memory leaks resolved, yay!
--
Added file: http://bugs.python.org/file27450/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16
Changes by Alex Gaynor :
Removed file: http://bugs.python.org/file27449/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16148>
___
___
Python-bugs-list m
Alex Gaynor added the comment:
Added documentation.
--
Added file: http://bugs.python.org/file27451/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16
Changes by Alex Gaynor :
Removed file: http://bugs.python.org/file27450/length_hint.diff
___
Python tracker
<http://bugs.python.org/issue16148>
___
___
Python-bugs-list m
Alex Gaynor added the comment:
Ah, thank you very much, sorry about that.
--
___
Python tracker
<http://bugs.python.org/issue16148>
___
___
Python-bugs-list mailin
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue16345>
___
___
Python-bugs-list mailing list
Unsubscribe:
http://mail.pyth
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue20994>
___
___
Python-bugs-list mailing list
Unsubscribe:
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue20995>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
That's because of the set of ciphersuites offered by the server (see
https://www.ssllabs.com/ssltest/analyze.html?d=linuxfr.org), it's not an
inevitable property of TLS. For example jenkins.cryptography.io (see
https://www.ssllabs.com/ssltest/anal
Alex Gaynor added the comment:
It's also worth noting that users appear to be FAR more likely to have an up to
date Python than they are an up to date OpenSSL, meaning that if a change needs
to be made, we're much better situated to get that disseminated to actual users
than
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21015>
___
___
Python-bugs-list mailing list
Unsubscribe:
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21013>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
Unfortunately most TLS implementations (particularly those in browser stacks)
are vulnerable to downgrade attacks, whereby an attacker can send some
malicious packets to simulate a connection failure and cause a lower version of
the protocol to be negotiated
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue20421>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alex Gaynor:
CACert is not in the root trust store on *any* platform that I'm aware of, and
has not passed any audits. See
http://lwn.net/SubscriberLink/590879/ce23ed7bab68e489/ for more background.
In it's place I've added StartSSL, which is included in m
Changes by Alex Gaynor :
--
versions: +Python 2.7, Python 3.4, Python 3.5
___
Python tracker
<http://bugs.python.org/issue21043>
___
___
Python-bugs-list mailin
Alex Gaynor added the comment:
I've attempted to modernize the paragraph.
--
Added file: http://bugs.python.org/file34599/cacert.diff
___
Python tracker
<http://bugs.python.org/is
Alex Gaynor added the comment:
Removed 2.7 since there's no API for getting the platform certs.
--
versions: -Python 2.7
___
Python tracker
<http://bugs.python.org/is
Changes by Alex Gaynor :
Added file: http://bugs.python.org/file34600/cacert.diff
___
Python tracker
<http://bugs.python.org/issue21043>
___
___
Python-bugs-list mailin
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21074>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
Would it be reasonable to develop a Python API for this? If C functions have a
need to do this, surely Python code does as well.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21
New submission from Alex Gaynor:
Specifically the example at:
https://docs.python.org/3/library/functools.html?highlight=functools#functools.partialmethod
``_alive`` isn't actually assigned before the example tries to read it. Running
this code at a for-real REPL results in:
>>&
Alex Gaynor added the comment:
d[key] += 1 still does two dict lookups, and invokes the hash function twice:
>>> class X(object):
... def __hash__(self):
... print "hashed"
... return 0
... def __eq__(self, other):
... return True
...
>>> d = {X(): 0
Alex Gaynor added the comment:
It looks like https://docs.python.org/3/download.html (and I suppose the 2.x
variant) are the right URLs to use this.
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21
New submission from Alex Gaynor:
This will assist in porting applications from Python2 to Python3.
--
files: old-style-classes.diff
keywords: patch
messages: 216273
nosy: alex
priority: normal
severity: normal
status: open
title: Issue a python 3 warning when old style classes are
New submission from Alex Gaynor:
It would be nice if these said something useful.
(http://hg.python.org/cpython/file/default/Lib/asyncio/events.py)
--
components: Library (Lib)
messages: 216478
nosy: alex
priority: normal
severity: normal
status: open
title: Lib/asyncio/events.py has
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21288>
___
___
Python-bugs-list mailing list
Unsubscribe:
New submission from Alex Gaynor:
Pursuant to PEP466, this is a backport of Python 3.4's hashlib.pbkdf2_hmac.
Of note in this patch:
* None of the utilities for testing both a python and a C implementation
simultaneously were present, so this only tests whichever implementation is
avai
Changes by Alex Gaynor :
--
nosy: +christian.heimes, dstufft, ncoghlan
___
Python tracker
<http://bugs.python.org/issue21304>
___
___
Python-bugs-list mailin
Alex Gaynor added the comment:
issue21304 has the implementation of the PBKDF2 work.
--
___
Python tracker
<http://bugs.python.org/issue21307>
___
___
Python-bug
Changes by Alex Gaynor :
--
nosy: +benjamin.peterson, pitrou
___
Python tracker
<http://bugs.python.org/issue21304>
___
___
Python-bugs-list mailing list
Unsub
Alex Gaynor added the comment:
Yup, I've got my eyes on it, if anything lands there I'll include it in this in
the 2.7 code, whether it's before or after this patch lands :-)
--
___
Python tracker
<http://bugs.pyt
Alex Gaynor added the comment:
It's not a security issue per-se, but if you're doing many small reads, there's
such an enormous performance and scalability difference that if users run into
an issue, they're likely to work around it by using a non-CS PRNG, and
compromisi
Changes by Alex Gaynor :
--
nosy: +alex
___
Python tracker
<http://bugs.python.org/issue21207>
___
___
Python-bugs-list mailing list
Unsubscribe:
Alex Gaynor added the comment:
The infra team is looking into this, and I believe it should be fixed by now.
(None of the infra people really are on this issue tracker, so I'm closing
this, sorry :-/)
--
nosy: +alex
resolution: -> fixed
status: open -
Alex Gaynor added the comment:
Design question here: compare_digest on Python 3 supports comparing str (text)
objects, if they're both ascii-only. This feature is provided, primarily, so
you can compare hexdigests or similar.
Should the Python 2 version support comparing unicodes? Argu
Alex Gaynor added the comment:
encode("ascii") has data dependent branches, so it's to be avoided.
--
___
Python tracker
<http://bugs.pyt
Alex Gaynor added the comment:
Thanks Nick. I'll get a patch up for str (bytes) only this afternoon.
--
___
Python tracker
<http://bugs.python.org/is
Alex Gaynor added the comment:
Attached patch implements compare_digest. Code is mostly a 1-1 from 3.x, except
the Unicode paths are changed, and the tests are a tiny bit different.
* Still needs to backport the docs.
* Compares all unicode objects, not just ascii ones.
If the patch looks
Alex Gaynor added the comment:
It would be great if we could rely on OpenSSL's ordering. It would be seriously
fantastic. OpenSSL is best positioned to be able to do the right things, it's
updated at the right times. It should be where we do this.
Unfortunately the OpenSSL mainta
101 - 200 of 465 matches
Mail list logo
