Use secure builtins standard module, instead of the __builtins__ #109
Conversation
Codecov Report
@@ Coverage Diff @@
## main #109 +/- ##
=========================================
Coverage 100.00% 100.00%
=========================================
Files 7 7
Lines 522 522
Branches 86 86
=========================================
Hits 522 522 Continue to review full report at Codecov.
|
devtools/__main__.py
Outdated
| try: | ||
| from devtools import debug | ||
| except ImportError: | ||
| pass | ||
| else: | ||
| __builtins__['debug'] = debug | ||
| setattr(builtins, "debug", debug) |
|
I'm still not sure that the link you sent means we should change this, and although the cli is new the docs example had been around for a long time and no one has complained it doesn't work. Definitely it's always worked for me. Is there a more contemporary, clearer definition of which which we should use? |
|
Thank You for the reply. The main point that encourages me to use As I understand, using |
There was a problem hiding this comment.
You were right from here:
CPython implementation detail: Users should not touch builtins; it is strictly an implementation detail. Users wanting to override values in the builtins namespace should import the builtins module and modify its attributes appropriately.
With these small changes I think this is ready.
|
Thanks, I will make these changes right now. |
|
Thanks so much for the contribution 🎉 . I'll probably wait a bit now to see if anyone reports errors with the new release, then make a new release (or forget until I'm reminded, cos that's life). |
Due to documentation, it seems that using
__builtins__directly is not reliable. Instead they were using the__builtin__module which was renamed tobuiltins.[Python-Dev]
__builtin__vs__builtins__I hope this helps, as I am just starting with open source contributions.