On 27 Jun 07:36, LAG Robin Baumgartner wrote: > On 27.06.2014 01:18, Cédric Krier wrote: > > Hi, > > > > I would like to remove «safe_eval» for many reasons: > > > > - doesn't work on Python3 > > - never be sure it was really safe > > - in the past there was issue between minor version of Python > > > > So in some place it could be replaced by plain «eval» because there are > > any security concern. In other place, it could be replaced by JSON or > > PYSON strings. But there are one place where it can not, it is in the > > module price_list. So I'm thinking about using «simpleeval» [1] which > > looks like the right tool. I still need to find if it is possible to > > make it use Decimal instead of float. > > > > Is someone has a better idea? > > > > [1] https://pypi.python.org/pypi/simpleeval > > > > Sounds good to me. I guess simpleeval would become a new dependency of > just the product_price_list module and not trytond then?
Of course such need for now only exist in this module. > The author states that it does not currently work with python3 either. I > did not see any compatibility issues yet though. I have some experience > on supporting both python 2 and 3 with the same codebase, guess I'll > look into submitting a pull request so this dependency does not become a > hindrance on the move to python3. It will be great. -- Cédric Krier - B2CK SPRL Email/Jabber: [email protected] Tel: +32 472 54 46 59 Website: http://www.b2ck.com/
pgpPljhlOKaR6.pgp
Description: PGP signature
