Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 12.0 -> 13.0
pull_requests: +24335
pull_request: https://github.com/python/cpython/pull/25642
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
pull_requests: +24318
pull_request: https://github.com/python/cpython/pull/25602
___
Python tracker
<https://bugs.python.org/issue38
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 10.0 -> 11.0
pull_requests: +24233
pull_request: https://github.com/python/cpython/pull/25515
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 7.0 -> 8.0
pull_requests: +24232
pull_request: https://github.com/python/cpython/pull/22608
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
pull_requests: +24229
pull_request: https://github.com/python/cpython/pull/25511
___
Python tracker
<https://bugs.python.org/issue42
Saiyang Gou added the comment:
I think it might be a good idea to just strip leading spaces and tabs for
`compile(x, ..., 'eval')` if we want consistent behavior. `compile` might be
used in more locations in the whole Python source tree apart from
`typing.get_type_hints`. Techn
Saiyang Gou added the comment:
I think we can just skip evaluating annotations for complex targets when in
module or class scope (they are not stored anyway). The point of PEP 563 is to
suppress any evaluation of annotations (regardless of position) at definition
time, while type checkers
Change by Saiyang Gou :
--
pull_requests: +23996
pull_request: https://github.com/python/cpython/pull/25260
___
Python tracker
<https://bugs.python.org/issue36
Change by Saiyang Gou :
--
pull_requests: +23995
pull_request: https://github.com/python/cpython/pull/25259
___
Python tracker
<https://bugs.python.org/issue36
Saiyang Gou added the comment:
And one more question, should we ever remove an old version of event when we
add a new version of it? A function whose signature got repeatedly changed may
result in several versions of audit event raised together on a single
operation, which is probably not
Change by Saiyang Gou :
--
keywords: +patch
pull_requests: +23977
stage: -> patch review
pull_request: https://github.com/python/cpython/pull/25239
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 11.0 -> 12.0
pull_requests: +23974
pull_request: https://github.com/python/cpython/pull/25236
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 6.0 -> 7.0
pull_requests: +23973
pull_request: https://github.com/python/cpython/pull/25235
___
Python tracker
<https://bugs.python.org/issu
Saiyang Gou added the comment:
One problem is the naming of audit events. Actually I didn't even notice that
`_xxsubinterpreters` was already there since Python 3.8, because PEP 554 is
still in draft status as for now. Looks like `_xxsubinterpreters` is an
internal low-level interfa
New submission from Saiyang Gou :
I'm not sure what to do when a function already being audited gains new
arguments which are also worth auditing. For example, issue 38144 brings new
`root_dir` and `dir_fd` arguments to `glob.glob`. Currently `glob.glob` is
already audited, with `(pat
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 3.0 -> 4.0
pull_requests: +23971
pull_request: https://github.com/python/cpython/pull/25234
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
keywords: +patch
pull_requests: +23968
stage: -> patch review
pull_request: https://github.com/python/cpython/pull/25231
___
Python tracker
<https://bugs.python.org/issu
Saiyang Gou added the comment:
I'll work on it soon.
--
___
Python tracker
<https://bugs.python.org/issue43755>
___
___
Python-bugs-list mailing list
Saiyang Gou added the comment:
OK I didn't find this duplicate issue. After reading that, I think we should
update the documentation
(https://docs.python.org/3/reference/expressions.html). `comp_if ::=
"if" expression_nocond [comp_iter]` can become `comp_if ::
New submission from Saiyang Gou :
According to the documentation, a lambda expression at the `comp_if` position
of a comprehension is allowed (can be parsed as `lambda_expr_nocond`). But this
seems broken in Python 3.9 PEG parser. Example:
user@host:/$ python3.8
Python 3.8.9 (default, Apr 3
Saiyang Gou added the comment:
In addition to the consistency with existing audit hook signatures, there may
also be another benefit of wrapping it with a tuple of length 1. If
gc.get_referrers or gc.get_referents happens to gain a new keyword-only
argument in the future, we may need to add
Saiyang Gou added the comment:
There is a minor issue here. For gc.get_referrers and gc.get_referents,
probably the format code for PySys_Audit should be "(O)" instead of "O".
Typically the tuple `args` passed to the hook functions are fixed-length as
described in th
Saiyang Gou added the comment:
> Please also keep in mind that sys.addaudithook() does **not** add a global
> hook. The function adds a per-interpreter hook.
Yes, I'm aware of this. And this should be better documented. When I was
playing around with audit hooks and reading the
Saiyang Gou added the comment:
We understand that audit hooks should not be used to build a sandbox with
Python. It is natural for audit hooks to appear in CTF challenges though, as
many CTF challenges intentionally try to use a wrong way to secure a system
(and let players prove it wrong
New submission from Saiyang Gou :
# test
PEP 572 disallows walrus use cases such as `[(i := 1) for i in [1]]`, because
`for i` implies that `i` is local to the comprehension but `(i := 1)` implies
that `i` is "exported", which is a contradiction. However, I noticed the
followin
Saiyang Gou added the comment:
Also the current behavior allows `(*x), y = 1` assignment. If `(*x)` is to be
totally disallowed, `(*x), y = 1` should also be rejected.
--
___
Python tracker
<https://bugs.python.org/issue40
Saiyang Gou added the comment:
Well, there is actually a bug:
root@f1b4a742d8fc:/# python3.9
Python 3.9.1 (default, Dec 8 2020, 03:24:52)
[GCC 7.5.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> x =
Saiyang Gou added the comment:
Should we backport this to 3.8? I believe that we should either backport this
to 3.8 or document that these audit events are new in 3.9.
--
nosy: +gousaiyang
___
Python tracker
<https://bugs.python.org/issue39
Change by Saiyang Gou :
--
pull_requests: +21604
pull_request: https://github.com/python/cpython/pull/22624
___
Python tracker
<https://bugs.python.org/issue39
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 6.0 -> 7.0
pull_requests: +21599
pull_request: https://github.com/python/cpython/pull/22619
___
Python tracker
<https://bugs.python.org/issu
Saiyang Gou added the comment:
Hi Steve. If you had time could you review PR 21308, PR 21310 and PR 21322?
Thanks!
--
___
Python tracker
<https://bugs.python.org/issue41
New submission from Saiyang Gou :
ast.parse in Python 3.9 does not produce SyntaxError for assignment to
__debug__:
```
>>> import ast
>>> ast.dump(ast.parse('__debug__ = 0'))
"Module(body=[Assign(targets=[Name(id='__debug__', ctx=Store())
New submission from Saiyang Gou :
`ast.literal_eval` does not accept code with leading whitespaces, while `eval`
accepts them, which is an inconsistency.
```
>>> import ast
>>> eval(' 1')
1
>>> ast.literal_eval(' 1')
Traceback (most recent call l
Saiyang Gou added the comment:
Since the original problem (command execution functions missing audit events)
is already solved, we can close this issue now. Further discussions on
additional audit hooks (e.g. for the networking modules) could go to issue
37363
Change by Saiyang Gou :
--
pull_requests: +20473
pull_request: https://github.com/python/cpython/pull/21322
___
Python tracker
<https://bugs.python.org/issue39
Change by Saiyang Gou :
--
nosy: +gousaiyang
nosy_count: 4.0 -> 5.0
pull_requests: +20472
pull_request: https://github.com/python/cpython/pull/21321
___
Python tracker
<https://bugs.python.org/issu
Change by Saiyang Gou :
--
pull_requests: +20462
pull_request: https://github.com/python/cpython/pull/21310
___
Python tracker
<https://bugs.python.org/issue41
Saiyang Gou added the comment:
I've created PR 21308 for this. BTW, is issue 39567 (`os.walk`, `os.fwalk`,
`pathlib.Path.glob` and `pathlib.Path.rglob`) intentionally not backported to
3.8?
--
___
Python tracker
<https://bugs.py
Change by Saiyang Gou :
--
keywords: +patch
pull_requests: +20460
stage: -> patch review
pull_request: https://github.com/python/cpython/pull/21308
___
Python tracker
<https://bugs.python.org/issu
Saiyang Gou added the comment:
Update: `os.walk`, `os.fwalk`, `pathlib.Path.glob` and `pathlib.Path.rglob` are
added and documented in 3.9.
--
___
Python tracker
<https://bugs.python.org/issue41
New submission from Saiyang Gou :
Currently the following audit events are not documented on docs.python.org:
- _winapi.CreateFile
- _winapi.CreateJunction
- _winapi.CreateNamedPipe
- _winapi.CreatePipe
- _winapi.CreateProcess
- _winapi.OpenProcess
- _winapi.TerminateProcess
Saiyang Gou added the comment:
> The primary function of the Namespace class is to hold valid attributes and
> to allow the dot operator to access those attributes.
I acknowledge this. Invalid attribute names are not useful in production.
However, some crazy people like me would
New submission from Saiyang Gou :
It is generally a convention to design the repr string such that
`eval(repr(obj))` can reproduce the object. Issue 24360 handles the special
situation when arg name passed to `argparse.Namespace` is not a valid
identifier:
>>> from argparse import
Saiyang Gou added the comment:
Thanks for your review! PR 18407 is for the second list. For now I haven't
added audit hooks for the http, socketserver and xmlrpc modules because they
look a bit complex. There seems to be so many classes and methods to hook, we
may need to find good p
Change by Saiyang Gou :
--
pull_requests: +17782
pull_request: https://github.com/python/cpython/pull/18407
___
Python tracker
<https://bugs.python.org/issue39
Saiyang Gou added the comment:
I have made PR 17824 to add auditing events for the command execution functions
mentioned above.
After a review on other related Python modules, I think maybe the following
functions can also be audited, but a discussion may be required to determine
whether
Change by Saiyang Gou :
--
keywords: +patch
pull_requests: +17252
stage: -> patch review
pull_request: https://github.com/python/cpython/pull/17824
___
Python tracker
<https://bugs.python.org/issu
New submission from Saiyang Gou :
Similar to `os.system` (which is already raising auditing event), the following
functions are also capable of command execution, so they also need auditing:
- os.execl
- os.execle
- os.execlp
- os.execlpe
- os.execv
- os.execve
- os.execvp
- os.execvpe
48 matches
Mail list logo
