Re: [python-uk] Discount code for PyCon PL to Python community in UK

2017-07-27 Thread Nicholas H.Tollervey
I'd also like to back up Peter here: PyCon PL is a fun conference in a *HUGE* spa hotel in the Polish countryside just south of Warsaw (I've been twice). The tracks are all in English and this year, our very own Lord Mauve (Dan Pope) will be giving a keynote. Best wishes, N. On 26/07/17 22:58, P

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread S Walker
I suspect malicious phone-home (and other deliberately malicious security) stuff would be very difficult to automatically test for, as you're then in a Volkswagen situation and you'll be entering into an arms race with anyone who is taking such malicious actions. For other aspects, I'm afraid I

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread Andy Robinson
On 27 July 2017 at 15:33, S Walker wrote: > I suspect malicious phone-home (and other deliberately malicious security) > stuff would be very difficult to automatically test for Presumably you want to spy on outbound network activity from your test machine, rather than analysing code? - Andy

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread Mike Eriksson
On Thu, Jul 27, 2017 at 2:39 PM Andy Robinson wrote: > On 27 July 2017 at 15:33, S Walker wrote: > > I suspect malicious phone-home (and other deliberately malicious > security) > > stuff would be very difficult to automatically test for > > Presumably you want to spy on outbound network activit

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread S Walker
Exactly my point, yes- especially if one were to make a framework designed to easily analyse such things (when it becomes much easier for the malware because it for instance could just check whether the framework is in the current env (as a super-trivial example- but any framework that is easy t

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread PyUK
S, (Andy and Mike) Yes, you've hit a couple of pertinent points; and it might make for an interesting project. However, I was looking for a check-list or similar which I can give to the pertinent dev.teams to ensure that they are 'covering all the bases' - whereas the question: "have you che

Re: [python-uk] Reviewing third-party packages

2017-07-27 Thread Steve - Gadget Barnes
On 28/07/2017 00:27, [email protected] wrote: > S, (Andy and Mike) > > Yes, you've hit a couple of pertinent points; and it might make for an > interesting project. > > However, I was looking for a check-list or similar which I can give to > the pertinent dev.teams to ensure that they