It has been a while since I posted a copy of PEP 1 to the mailing
lists and newsgroups. I've recently done some updating of a few
sections, so in the interest of gaining wider community participation
in the Python development process, I'm posting the latest revision of
PEP 1 here. A version of the PEP is always available on-line at
http://www.python.org/peps/pep-0001.html
Enjoy,
-Barry
-------------------- snip snip --------------------
PEP: 1
Title: PEP Purpose and Guidelines
Version: $Revision: 1.36 $
Last-Modified: $Date: 2002/07/29 18:34:59 $
Author: Barry A. Warsaw, Jeremy Hylton
Status: Active
Type: Informational
Created: 13-Jun-2000
Post-History: 21-Mar-2001, 29-Jul-2002
What is a PEP?
PEP stands for Python Enhancement Proposal. A PEP is a design
document providing information to the Python community, or
describing a new feature for Python. The PEP should provide a
concise technical specification of the feature and a rationale for
the feature.
We intend PEPs to be the primary mechanisms for proposing new
features, for collecting community input on an issue, and for
documenting the design decisions that have gone into Python. The
PEP author is responsible for building consensus within the
community and documenting dissenting opinions.
Because the PEPs are maintained as plain text files under CVS
control, their revision history is the historical record of the
feature proposal[1].
Kinds of PEPs
There are two kinds of PEPs. A standards track PEP describes a
new feature or implementation for Python. An informational PEP
describes a Python design issue, or provides general guidelines or
information to the Python community, but does not propose a new
feature. Informational PEPs do not necessarily represent a Python
community consensus or recommendation, so users and implementors
are free to ignore informational PEPs or follow their advice.
PEP Work Flow
The PEP editor, Barry Warsaw <peps(a)python.org>, assigns numbers
for each PEP and changes its status.
The PEP process begins with a new idea for Python. It is highly
recommended that a single PEP contain a single key proposal or new
idea. The more focussed the PEP, the more successfully it tends
to be. The PEP editor reserves the right to reject PEP proposals
if they appear too unfocussed or too broad. If in doubt, split
your PEP into several well-focussed ones.
Each PEP must have a champion -- someone who writes the PEP using
the style and format described below, shepherds the discussions in
the appropriate forums, and attempts to build community consensus
around the idea. The PEP champion (a.k.a. Author) should first
attempt to ascertain whether the idea is PEP-able. Small
enhancements or patches often don't need a PEP and can be injected
into the Python development work flow with a patch submission to
the SourceForge patch manager[2] or feature request tracker[3].
The PEP champion then emails the PEP editor <peps(a)python.org> with
a proposed title and a rough, but fleshed out, draft of the PEP.
This draft must be written in PEP style as described below.
If the PEP editor approves, he will assign the PEP a number, label
it as standards track or informational, give it status 'draft',
and create and check-in the initial draft of the PEP. The PEP
editor will not unreasonably deny a PEP. Reasons for denying PEP
status include duplication of effort, being technically unsound,
not providing proper motivation or addressing backwards
compatibility, or not in keeping with the Python philosophy. The
BDFL (Benevolent Dictator for Life, Guido van Rossum) can be
consulted during the approval phase, and is the final arbitrator
of the draft's PEP-ability.
If a pre-PEP is rejected, the author may elect to take the pre-PEP
to the comp.lang.python newsgroup (a.k.a. python-list(a)python.org
mailing list) to help flesh it out, gain feedback and consensus
from the community at large, and improve the PEP for
re-submission.
The author of the PEP is then responsible for posting the PEP to
the community forums, and marshaling community support for it. As
updates are necessary, the PEP author can check in new versions if
they have CVS commit permissions, or can email new PEP versions to
the PEP editor for committing.
Standards track PEPs consists of two parts, a design document and
a reference implementation. The PEP should be reviewed and
accepted before a reference implementation is begun, unless a
reference implementation will aid people in studying the PEP.
Standards Track PEPs must include an implementation - in the form
of code, patch, or URL to same - before it can be considered
Final.
PEP authors are responsible for collecting community feedback on a
PEP before submitting it for review. A PEP that has not been
discussed on python-list(a)python.org and/or python-dev(a)python.org
will not be accepted. However, wherever possible, long open-ended
discussions on public mailing lists should be avoided. Strategies
to keep the discussions efficient include, setting up a separate
SIG mailing list for the topic, having the PEP author accept
private comments in the early design phases, etc. PEP authors
should use their discretion here.
Once the authors have completed a PEP, they must inform the PEP
editor that it is ready for review. PEPs are reviewed by the BDFL
and his chosen consultants, who may accept or reject a PEP or send
it back to the author(s) for revision.
Once a PEP has been accepted, the reference implementation must be
completed. When the reference implementation is complete and
accepted by the BDFL, the status will be changed to `Final.'
A PEP can also be assigned status `Deferred.' The PEP author or
editor can assign the PEP this status when no progress is being
made on the PEP. Once a PEP is deferred, the PEP editor can
re-assign it to draft status.
A PEP can also be `Rejected'. Perhaps after all is said and done
it was not a good idea. It is still important to have a record of
this fact.
PEPs can also be replaced by a different PEP, rendering the
original obsolete. This is intended for Informational PEPs, where
version 2 of an API can replace version 1.
PEP work flow is as follows:
Draft -> Accepted -> Final -> Replaced
^
+----> Rejected
v
Deferred
Some informational PEPs may also have a status of `Active' if they
are never meant to be completed. E.g. PEP 1.
What belongs in a successful PEP?
Each PEP should have the following parts:
1. Preamble -- RFC822 style headers containing meta-data about the
PEP, including the PEP number, a short descriptive title
(limited to a maximum of 44 characters), the names, and
optionally the contact info for each author, etc.
2. Abstract -- a short (~200 word) description of the technical
issue being addressed.
3. Copyright/public domain -- Each PEP must either be explicitly
labelled as placed in the public domain (see this PEP as an
example) or licensed under the Open Publication License[4].
4. Specification -- The technical specification should describe
the syntax and semantics of any new language feature. The
specification should be detailed enough to allow competing,
interoperable implementations for any of the current Python
platforms (CPython, JPython, Python .NET).
5. Motivation -- The motivation is critical for PEPs that want to
change the Python language. It should clearly explain why the
existing language specification is inadequate to address the
problem that the PEP solves. PEP submissions without
sufficient motivation may be rejected outright.
6. Rationale -- The rationale fleshes out the specification by
describing what motivated the design and why particular design
decisions were made. It should describe alternate designs that
were considered and related work, e.g. how the feature is
supported in other languages.
The rationale should provide evidence of consensus within the
community and discuss important objections or concerns raised
during discussion.
7. Backwards Compatibility -- All PEPs that introduce backwards
incompatibilities must include a section describing these
incompatibilities and their severity. The PEP must explain how
the author proposes to deal with these incompatibilities. PEP
submissions without a sufficient backwards compatibility
treatise may be rejected outright.
8. Reference Implementation -- The reference implementation must
be completed before any PEP is given status 'Final,' but it
need not be completed before the PEP is accepted. It is better
to finish the specification and rationale first and reach
consensus on it before writing code.
The final implementation must include test code and
documentation appropriate for either the Python language
reference or the standard library reference.
PEP Template
PEPs are written in plain ASCII text, and should adhere to a
rigid style. There is a Python script that parses this style and
converts the plain text PEP to HTML for viewing on the web[5].
PEP 9 contains a boilerplate[7] template you can use to get
started writing your PEP.
Each PEP must begin with an RFC822 style header preamble. The
headers must appear in the following order. Headers marked with
`*' are optional and are described below. All other headers are
required.
PEP: <pep number>
Title: <pep title>
Version: <cvs version string>
Last-Modified: <cvs date string>
Author: <list of authors' real names and optionally, email addrs>
* Discussions-To: <email address>
Status: <Draft | Active | Accepted | Deferred | Final | Replaced>
Type: <Informational | Standards Track>
* Requires: <pep numbers>
Created: <date created on, in dd-mmm-yyyy format>
* Python-Version: <version number>
Post-History: <dates of postings to python-list and python-dev>
* Replaces: <pep number>
* Replaced-By: <pep number>
The Author: header lists the names and optionally, the email
addresses of all the authors/owners of the PEP. The format of the
author entry should be
address(a)dom.ain (Random J. User)
if the email address is included, and just
Random J. User
if the address is not given. If there are multiple authors, each
should be on a separate line following RFC 822 continuation line
conventions. Note that personal email addresses in PEPs will be
obscured as a defense against spam harvesters.
Standards track PEPs must have a Python-Version: header which
indicates the version of Python that the feature will be released
with. Informational PEPs do not need a Python-Version: header.
While a PEP is in private discussions (usually during the initial
Draft phase), a Discussions-To: header will indicate the mailing
list or URL where the PEP is being discussed. No Discussions-To:
header is necessary if the PEP is being discussed privately with
the author, or on the python-list or python-dev email mailing
lists. Note that email addresses in the Discussions-To: header
will not be obscured.
Created: records the date that the PEP was assigned a number,
while Post-History: is used to record the dates of when new
versions of the PEP are posted to python-list and/or python-dev.
Both headers should be in dd-mmm-yyyy format, e.g. 14-Aug-2001.
PEPs may have a Requires: header, indicating the PEP numbers that
this PEP depends on.
PEPs may also have a Replaced-By: header indicating that a PEP has
been rendered obsolete by a later document; the value is the
number of the PEP that replaces the current document. The newer
PEP must have a Replaces: header containing the number of the PEP
that it rendered obsolete.
PEP Formatting Requirements
PEP headings must begin in column zero and the initial letter of
each word must be capitalized as in book titles. Acronyms should
be in all capitals. The body of each section must be indented 4
spaces. Code samples inside body sections should be indented a
further 4 spaces, and other indentation can be used as required to
make the text readable. You must use two blank lines between the
last line of a section's body and the next section heading.
You must adhere to the Emacs convention of adding two spaces at
the end of every sentence. You should fill your paragraphs to
column 70, but under no circumstances should your lines extend
past column 79. If your code samples spill over column 79, you
should rewrite them.
Tab characters must never appear in the document at all. A PEP
should include the standard Emacs stanza included by example at
the bottom of this PEP.
A PEP must contain a Copyright section, and it is strongly
recommended to put the PEP in the public domain.
When referencing an external web page in the body of a PEP, you
should include the title of the page in the text, with a
footnote reference to the URL. Do not include the URL in the body
text of the PEP. E.g.
Refer to the Python Language web site [1] for more details.
...
[1] http://www.python.org
When referring to another PEP, include the PEP number in the body
text, such as "PEP 1". The title may optionally appear. Add a
footnote reference that includes the PEP's title and author. It
may optionally include the explicit URL on a separate line, but
only in the References section. Note that the pep2html.py script
will calculate URLs automatically, e.g.:
...
Refer to PEP 1 [7] for more information about PEP style
...
References
[7] PEP 1, PEP Purpose and Guidelines, Warsaw, Hylton
http://www.python.org/peps/pep-0001.html
If you decide to provide an explicit URL for a PEP, please use
this as the URL template:
http://www.python.org/peps/pep-xxxx.html
PEP numbers in URLs must be padded with zeros from the left, so as
to be exactly 4 characters wide, however PEP numbers in text are
never padded.
Reporting PEP Bugs, or Submitting PEP Updates
How you report a bug, or submit a PEP update depends on several
factors, such as the maturity of the PEP, the preferences of the
PEP author, and the nature of your comments. For the early draft
stages of the PEP, it's probably best to send your comments and
changes directly to the PEP author. For more mature, or finished
PEPs you may want to submit corrections to the SourceForge bug
manager[6] or better yet, the SourceForge patch manager[2] so that
your changes don't get lost. If the PEP author is a SF developer,
assign the bug/patch to him, otherwise assign it to the PEP
editor.
When in doubt about where to send your changes, please check first
with the PEP author and/or PEP editor.
PEP authors who are also SF committers, can update the PEPs
themselves by using "cvs commit" to commit their changes.
Remember to also push the formatted PEP text out to the web by
doing the following:
% python pep2html.py -i NUM
where NUM is the number of the PEP you want to push out. See
% python pep2html.py --help
for details.
Transferring PEP Ownership
It occasionally becomes necessary to transfer ownership of PEPs to
a new champion. In general, we'd like to retain the original
author as a co-author of the transferred PEP, but that's really up
to the original author. A good reason to transfer ownership is
because the original author no longer has the time or interest in
updating it or following through with the PEP process, or has
fallen off the face of the 'net (i.e. is unreachable or not
responding to email). A bad reason to transfer ownership is
because you don't agree with the direction of the PEP. We try to
build consensus around a PEP, but if that's not possible, you can
always submit a competing PEP.
If you are interested assuming ownership of a PEP, send a message
asking to take over, addressed to both the original author and the
PEP editor <peps(a)python.org>. If the original author doesn't
respond to email in a timely manner, the PEP editor will make a
unilateral decision (it's not like such decisions can be
reversed. :).
References and Footnotes
[1] This historical record is available by the normal CVS commands
for retrieving older revisions. For those without direct access
to the CVS tree, you can browse the current and past PEP revisions
via the SourceForge web site at
http://cvs.sourceforge.net/cgi-bin/cvsweb.cgi/python/nondist/peps/?cvsroot=…
[2] http://sourceforge.net/tracker/?group_id=5470&atid=305470
[3] http://sourceforge.net/tracker/?atid=355470&group_id=5470&func=browse
[4] http://www.opencontent.org/openpub/
[5] The script referred to here is pep2html.py, which lives in
the same directory in the CVS tree as the PEPs themselves.
Try "pep2html.py --help" for details.
The URL for viewing PEPs on the web is
http://www.python.org/peps/
[6] http://sourceforge.net/tracker/?group_id=5470&atid=305470
[7] PEP 9, Sample PEP Template
http://www.python.org/peps/pep-0009.html
Copyright
This document has been placed in the public domain.
Local Variables:
mode: indented-text
indent-tabs-mode: nil
sentence-end-double-space: t
fill-column: 70
End:
Argument Clinic "converters" specify how to convert an individual
argument to the function you're defining. Although a converter could
theoretically represent any sort of conversion, most of the time they
directly represent types like "int" or "double" or "str".
Because there's such variety in argument parsing, the converters are
customizable with parameters. Many of these are common enough that
Argument Clinic suggests some standard names. Examples: "zeroes=True"
for strings and buffers means "permit internal \0 characters", and
"bitwise=True" for unsigned integers means "copy the bits over, even if
there's overflow/underflow, and even if the original is negative".
A third example is "nullable=True", which means "also accept None for
this parameter". This was originally intended for use with strings
(compare the "s" and "z" format units for PyArg_ParseTuple), however it
looks like we'll have a use for "nullable ints" in the ongoing Argument
Clinic conversion work.
Several people have said they found the name "nullable" surprising,
suggesting I use another name like "allow_none" or "noneable". I, in
turn, find their surprise surprising; "nullable" is a term long
associated with exactly this concept. It's used in C# and SQL, and the
term even has its own Wikipedia page:
http://en.wikipedia.org/wiki/Nullable_type
Most amusingly, Vala *used* to have an annotation called "(allow-none)",
but they've broken it out into two annotations, "(nullable)" and
"(optional)".
http://blogs.gnome.org/desrt/2014/05/27/allow-none-is-dead-long-live-nullab…
Before you say "the term 'nullable' will confuse end users", let me
remind you: this is not user-facing. This is a parameter for an
Argument Clinic converter, and will only ever be seen by CPython core
developers. A group which I hope is not so easily confused.
It's my contention that "nullable" is the correct name. But I've been
asked to bring up the topic for discussion, to see if a consensus forms
around this or around some other name.
Let the bike-shedding begin,
//arry/
Here is some proposed wording. Since it is more of a clarification of what
it takes to garner support -- which is just a new section -- rather than a
complete rewrite I'm including just the diff to make it easier to read the
changes.
*diff -r 49d18bb47ebc pep-0011.txt*
*--- a/pep-0011.txt Wed May 14 11:18:22 2014 -0400*
*+++ b/pep-0011.txt Fri May 16 13:48:30 2014 -0400*
@@ -2,22 +2,21 @@
Title: Removing support for little used platforms
Version: $Revision$
Last-Modified: $Date$
-Author: martin(a)v.loewis.de (Martin von Löwis)
+Author: Martin von Löwis <martin(a)v.loewis.de>,
+ Brett Cannon <brett(a)python.org>
Status: Active
Type: Process
Content-Type: text/x-rst
Created: 07-Jul-2002
Post-History: 18-Aug-2007
+ 16-May-2014
Abstract
--------
-This PEP documents operating systems (platforms) which are not
-supported in Python anymore. For some of these systems,
-supporting code might be still part of Python, but will be removed
-in a future release - unless somebody steps forward as a volunteer
-to maintain this code.
+This PEP documents how an operating system (platform) garners
+support in Python as well as documenting past support.
Rationale
@@ -37,16 +36,53 @@
change to the Python source code will work on all supported
platforms.
-To reduce this risk, this PEP proposes a procedure to remove code
-for platforms with no Python users.
+To reduce this risk, this PEP specifies what is required for a
+platform to be considered supported by Python as well as providing a
+procedure to remove code for platforms with little or no Python
+users.
+Supporting platforms
+--------------------
+
+Gaining official platform support requires two things. First, a core
+developer needs to volunteer to maintain platform-specific code. This
+core developer can either already be a member of the Python
+development team or be given contributor rights on the basis of
+maintaining platform support (it is at the discretion of the Python
+development team to decide if a person is ready to have such rights
+even if it is just for supporting a specific platform).
+
+Second, a stable buildbot must be provided [2]_. This guarantees that
+platform support will not be accidentally broken by a Python core
+developer who does not have personal access to the platform. For a
+buildbot to be considered stable it requires that the machine be
+reliably up and functioning (but it is up to the Python core
+developers to decide whether to promote a buildbot to being
+considered stable).
+
+This policy does not disqualify supporting other platforms
+indirectly. Patches which are not platform-specific but still done to
+add platform support will be considered for inclusion. For example,
+if platform-independent changes were necessary in the configure
+script which was motivated to support a specific platform that would
+be accepted. Patches which add platform-specific code such as the
+name of a specific platform to the configure script will generally
+not be accepted without the platform having official support.
+
+CPU architecture and compiler support are viewed in a similar manner
+as platforms. For example, to consider the ARM architecture supported
+a buildbot running on ARM would be required along with support from
+the Python development team. In general it is not required to have
+a CPU architecture run under every possible platform in order to be
+considered supported.
Unsupporting platforms
----------------------
-If a certain platform that currently has special code in it is
-deemed to be without Python users, a note must be posted in this
-PEP that this platform is no longer actively supported. This
+If a certain platform that currently has special code in Python is
+deemed to be without Python users or lacks proper support from the
+Python development team and/or a buildbot, a note must be posted in
+this PEP that this platform is no longer actively supported. This
note must include:
- the name of the system
@@ -69,8 +105,8 @@
forward and offer maintenance.
-Resupporting platforms
-----------------------
+Re-supporting platforms
+-----------------------
If a user of a platform wants to see this platform supported
again, he may volunteer to maintain the platform support. Such an
@@ -101,7 +137,7 @@
release is made. Developers of extension modules will generally need
to use the same Visual Studio release; they are concerned both with
the availability of the versions they need to use, and with keeping
-the zoo of versions small. The Python source tree will keep
+the zoo of versions small. The Python source tree will keep
unmaintained build files for older Visual Studio releases, for which
patches will be accepted. Such build files will be removed from the
source tree 3 years after the extended support for the compiler has
@@ -223,6 +259,7 @@
----------
.. [1] http://support.microsoft.com/lifecycle/
+.. [2] http://buildbot.python.org/3.x.stable/
Copyright
---------
The current memory layout for dictionaries is
unnecessarily inefficient. It has a sparse table of
24-byte entries containing the hash value, key pointer,
and value pointer.
Instead, the 24-byte entries should be stored in a
dense table referenced by a sparse table of indices.
For example, the dictionary:
d = {'timmy': 'red', 'barry': 'green', 'guido': 'blue'}
is currently stored as:
entries = [['--', '--', '--'],
[-8522787127447073495, 'barry', 'green'],
['--', '--', '--'],
['--', '--', '--'],
['--', '--', '--'],
[-9092791511155847987, 'timmy', 'red'],
['--', '--', '--'],
[-6480567542315338377, 'guido', 'blue']]
Instead, the data should be organized as follows:
indices = [None, 1, None, None, None, 0, None, 2]
entries = [[-9092791511155847987, 'timmy', 'red'],
[-8522787127447073495, 'barry', 'green'],
[-6480567542315338377, 'guido', 'blue']]
Only the data layout needs to change. The hash table
algorithms would stay the same. All of the current
optimizations would be kept, including key-sharing
dicts and custom lookup functions for string-only
dicts. There is no change to the hash functions, the
table search order, or collision statistics.
The memory savings are significant (from 30% to 95%
compression depending on the how full the table is).
Small dicts (size 0, 1, or 2) get the most benefit.
For a sparse table of size t with n entries, the sizes are:
curr_size = 24 * t
new_size = 24 * n + sizeof(index) * t
In the above timmy/barry/guido example, the current
size is 192 bytes (eight 24-byte entries) and the new
size is 80 bytes (three 24-byte entries plus eight
1-byte indices). That gives 58% compression.
Note, the sizeof(index) can be as small as a single
byte for small dicts, two bytes for bigger dicts and
up to sizeof(Py_ssize_t) for huge dict.
In addition to space savings, the new memory layout
makes iteration faster. Currently, keys(), values, and
items() loop over the sparse table, skipping-over free
slots in the hash table. Now, keys/values/items can
loop directly over the dense table, using fewer memory
accesses.
Another benefit is that resizing is faster and
touches fewer pieces of memory. Currently, every
hash/key/value entry is moved or copied during a
resize. In the new layout, only the indices are
updated. For the most part, the hash/key/value entries
never move (except for an occasional swap to fill a
hole left by a deletion).
With the reduced memory footprint, we can also expect
better cache utilization.
For those wanting to experiment with the design,
there is a pure Python proof-of-concept here:
http://code.activestate.com/recipes/578375
YMMV: Keep in mind that the above size statics assume a
build with 64-bit Py_ssize_t and 64-bit pointers. The
space savings percentages are a bit different on other
builds. Also, note that in many applications, the size
of the data dominates the size of the container (i.e.
the weight of a bucket of water is mostly the water,
not the bucket).
Raymond
Hi all,
https://github.com/python/cpython is now live as a semi-official, *read
only* Github mirror of the CPython Mercurial repository. Let me know if you
have any problems/concerns.
I still haven't decided how often to update it (considering either just N
times a day, or maybe use a Hg hook for batching). Suggestions are welcome.
The methodology I used to create it is via hg-fast-export. I also tried to
pack and gc the git repo as much as possible before the initial Github push
- it went down from almost ~2GB to ~200MB (so this is the size of a fresh
clone right now).
Eli
P.S. thanks Jesse for the keys to https://github.com/python
Hi all,
I've just submitted PEP 476, on enabling certificate validation by default for
HTTPS clients in Python. Please have a look and let me know what you think.
PEP text follows.
Alex
---
PEP: 476
Title: Enabling certificate verification by default for stdlib http clients
Version: $Revision$
Last-Modified: $Date$
Author: Alex Gaynor <alex.gaynor(a)gmail.com>
Status: Draft
Type: Standards Track
Content-Type: text/x-rst
Created: 28-August-2014
Abstract
========
Currently when a standard library http client (the ``urllib`` and ``http``
modules) encounters an ``https://`` URL it will wrap the network HTTP traffic
in a TLS stream, as is necessary to communicate with such a server. However,
during the TLS handshake it will not actually check that the server has an X509
certificate is signed by a CA in any trust root, nor will it verify that the
Common Name (or Subject Alternate Name) on the presented certificate matches
the requested host.
The failure to do these checks means that anyone with a privileged network
position is able to trivially execute a man in the middle attack against a
Python application using either of these HTTP clients, and change traffic at
will.
This PEP proposes to enable verification of X509 certificate signatures, as
well as hostname verification for Python's HTTP clients by default, subject to
opt-out on a per-call basis.
Rationale
=========
The "S" in "HTTPS" stands for secure. When Python's users type "HTTPS" they are
expecting a secure connection, and Python should adhere to a reasonable
standard of care in delivering this. Currently we are failing at this, and in
doing so, APIs which appear simple are misleading users.
When asked, many Python users state that they were not aware that Python failed
to perform these validations, and are shocked.
The popularity of ``requests`` (which enables these checks by default)
demonstrates that these checks are not overly burdensome in any way, and the
fact that it is widely recommended as a major security improvement over the
standard library clients demonstrates that many expect a higher standard for
"security by default" from their tools.
The failure of various applications to note Python's negligence in this matter
is a source of *regular* CVE assignment [#]_ [#]_ [#]_ [#]_ [#]_ [#]_ [#]_ [#]_
[#]_ [#]_ [#]_.
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4340
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3533
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5822
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5825
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1909
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2037
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2073
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2191
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4111
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6396
.. [#] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6444
Technical Details
=================
Python would use the system provided certificate database on all platforms.
Failure to locate such a database would be an error, and users would need to
explicitly specify a location to fix it.
This can be achieved by simply replacing the use of
``ssl._create_stdlib_context`` with ``ssl.create_default_context`` in
``http.client``.
Trust database
--------------
This PEP proposes using the system-provided certificate database. Previous
discussions have suggested bundling Mozilla's certificate database and using
that by default. This was decided against for several reasons:
* Using the platform trust database imposes a lower maintenance burden on the
Python developers -- shipping our own trust database would require doing a
release every time a certificate was revoked.
* Linux vendors, and other downstreams, would unbundle the Mozilla
certificates, resulting in a more fragmented set of behaviors.
* Using the platform stores makes it easier to handle situations such as
corporate internal CAs.
Backwards compatibility
-----------------------
This change will have the appearance of causing some HTTPS connections to
"break", because they will now raise an Exception during handshake.
This is misleading however, in fact these connections are presently failing
silently, an HTTPS URL indicates an expectation of confidentiality and
authentication. The fact that Python does not actually verify that the user's
request has been made is a bug, further: "Errors should never pass silently."
Nevertheless, users who have a need to access servers with self-signed or
incorrect certificates would be able to do so by providing a context with
custom trust roots or which disables validation (documentation should strongly
recommend the former where possible). Users will also be able to add necessary
certificates to system trust stores in order to trust them globally.
Twisted's 14.0 release made this same change, and it has been met with almost
no opposition.
Other protocols
===============
This PEP only proposes requiring this level of validation for HTTP clients, not
for other protocols such as SMTP.
This is because while a high percentage of HTTPS servers have correct
certificates, as a result of the validation performed by browsers, for other
protocols self-signed or otherwise incorrect certificates are far more common.
Note that for SMTP at least, this appears to be changing and should be reviewed
for a potential similar PEP in the future:
* https://www.facebook.com/notes/protect-the-graph/the-current-state-of-smtp
starttls-deployment/1453015901605223
* https://www.facebook.com/notes/protect-the-graph/massive-growth-in-smtp-
starttls-deployment/1491049534468526
Python Versions
===============
This PEP proposes making these changes to ``default`` (Python 3) branch. I
strongly believe these changes also belong in Python 2, but doing them in a
patch-release isn't reasonable, and there is strong opposition to doing a 2.8
release.
Copyright
=========
This document has been placed into the public domain.
..
Local Variables:
mode: indented-text
indent-tabs-mode: nil
sentence-end-double-space: t
fill-column: 70
coding: utf-8
Earlier versions of PEP 453 proposed bootstrapping pip into a Python 2.7
maintenance release in addition to including it with Python 3.4.
That part of the proposal proved to be controversial, so we dropped it from
the original PEP in order to focus on meeting the Python 3.4 specific
release deadlines. This also had the benefit of working out the kinks in
the bootstrapping processing as part of the Python 3.4 release cycle.
However, we still think we should start providing pip by default to Python
2.7 users as well, at least as part of the Windows and Mac OS X installers.
One notable difference from PEP 453 is that because there is no venv module
in 2.7, and hence no integration between venv and ensurepip, we can give
redistributors the option of just disabling ensurepip entirely and
redirecting users to platform specific installation tools.
Regards,
Nick.
======================
PEP: 477
Title: Backport ensurepip (PEP 453) to Python 2.7
Version: $Revision$
Last-Modified: $Date$
Author: Donald Stufft <donald(a)stufft.io>
Nick Coghlan <ncoghlan(a)gmail.com>
Status: Active
Type: Process
Content-Type: text/x-rst
Created: 26-Aug-2014
Post-History: 1-Sep-2014
Abstract
========
This PEP proposes that the ``ensurepip`` module, added to Python 3.4 by PEP
453, be backported to Python 2.7. It also proposes that automatic invocation
of ``ensurepip`` be added to the Python 2.7 Windows and OSX installers.
However
it does **not** propose that automatic invocation be added to the
``Makefile``.
It also proposes that the documentation changes for the package distribution
and installation guides be updated to match that in 3.4, which references
using
the ``ensurepip`` module to bootstrap the installer.
Rationale
=========
Python 2.7 is effectively a LTS release of Python which represents the end
of
the 2.x series and there is still a very large contingent of users whom are
still using Python 2.7 as their primary version. These users, in order to
participate in the wider Python ecosystem, must manually attempt to go out
and
find the correct way to bootstrap the packaging tools.
It is the opinion of this PEP that making it as easy as possible for end
users
to participate in the wider Python ecosystem is important for 3 primary
reasons:
1. The Python 2.x to 3.x migration has a number of painpoints that are
eased by
a number of third party modules such as six [#six]_, modernize
[#modernize]_,
or future [#future]_. However relying on these tools requires that
everyone
who uses the project have a tool to install these packages.
2. In addition to tooling to aid in migration from Python 2.x to 3.x, there
are
also a number of modules that are *new* in Python 3 for which there are
backports available on PyPI. This can also aid in the ability for people
to write 2.x and 3.x compatible software as well as enable them to use
some
of the newer features of Python 3 on Python 2.
3. Users also will need a number of tools in order to create python packages
that conform to the newer standards that are being proposed. Things like
setuptools [#setuptools]_, Wheel [#wheel]_, and twine [#twine]_ are
enabling
a safer, faster, and more reliable packaging tool chain. These tools can
be
difficult for people to use if first they must be told how to go out and
install the package manager.
4. One of Pythons biggest strengths is in the huge ecosystem of libraries
and
projects that have been built on top of it, most of which are distributed
through PyPI. However in order to benefit from this wide ecosystem
meaningfully requires end users, some of which are going to be new, to
make
a decision on which package manager they should get, how to get it, and
then
finally actually installing it first.
Furthermore, alternative implementations of Python are recognizing the
benefits
of PEP 453 and both PyPy and Jython have plans to backport ensurepip to
their
2.7 runtimes.
Automatic Invocation
====================
PEP 453 has ``ensurepip`` automatically invoked by default in the
``Makefile``
and the Windows and OSX Installers. This allowed it to ensure that, by
default,
all users would get Python with pip already installed. This PEP however
believes that while this is fine for the Python 2.7 Windows and Mac OS X
installers it is *not* ok for the Python 2.7 ``Makefile`` in general.
The primary consumers of the ``Makefile`` are downstream package managers
which
distribute Python themselves. These downstream distributors typically do not
want pip to be installed via ``ensurepip`` and would prefer that end users
install it with their own package manager. Not invoking ``ensurepip``
automatically from the ``Makefile`` would allow these distributors to simply
ignore the fact that ``ensurepip`` has been backported and still not end up
with pip installed via it.
The primary consumers of the OSX and Windows installers are end users who
are
attempting to install Python on their own machine. There is not a package
manager available where these users can install pip into their Python
through
a more supported mechanism. For this reason it is the belief of this PEP
that
installing by default on OSX and Windows is the best course of action.
Documentation
=============
As part of this PEP, the updated packaging distribution and installation
guides for Python 3.4 would be backported to Python 2.7.
Disabling ensurepip by Downstream Distributors
==============================================
Due to its use in the ``venv`` module, downstream distributors cannot
disable
the ``ensurepip`` module in Python 3.4. However since Python 2.7 has no such
module it is explicitly allowed for downstream distributors to patch the
``ensurepip`` module to prevent it from installing anything.
If a downstream distributor wishes to disable ``ensurepip`` completely in
Python 2.7, they should still at least provide the module and allow
`python -m ensurepip` style invocation. However it should raise errors or
otherwise exit with a non-zero exit code and print out an error on stderr
directing users to what they can/should use instead of ``ensurepip``.
References
==========
.. [#six] `six.py <https://pypi.python.org/pypi/six>`__
.. [#modernize] `modernize <https://pypi.python.org/pypi/modernize>`__
.. [#future] `python-future <https://pypi.python.org/pypi/future>`__
.. [#setuptools] `setuptools <https://pypi.python.org/pypi/setuptools>`__
.. [#wheel] `Wheel <https://pypi.python.org/pypi/wheel>`__
.. [#twine] `twine <https://pypi.python.org/pypi/twine>`__
Copyright
=========
This document has been placed in the public domain.
..
Local Variables:
mode: indented-text
indent-tabs-mode: nil
sentence-end-double-space: t
fill-column: 70
coding: utf-8
End:
HTML version:
http://legacy.python.org/dev/peps/pep-0475/
PEP: 475
Title: Retry system calls failing with EINTR
Version: $Revision$
Last-Modified: $Date$
Author: Charles-François Natali <cf.natali(a)gmail.com>, Victor Stinner
<victor.stinner(a)gmail.com>
Status: Draft
Type: Standards Track
Content-Type: text/x-rst
Created: 29-July-2014
Python-Version: 3.5
Abstract
========
Retry system calls failing with the ``EINTR`` error and recompute
timeout if needed.
Rationale
=========
Interrupted system calls
------------------------
On POSIX systems, signals are common. Your program must be prepared to
handle them. Examples of signals:
* The most common signal is ``SIGINT``, signal sent when CTRL+c is
pressed. By default, Python raises a ``KeyboardInterrupt`` exception
when this signal is received.
* When running subprocesses, the ``SIGCHLD`` signal is sent when a
child process exits.
* Resizing the terminal sends the ``SIGWINCH`` signal to the
applications running in the terminal.
* Putting the application in background (ex: press CTRL-z and then
type the ``bg`` command) sends the ``SIGCONT`` signal.
Writing a signal handler is difficult, only "async-signal safe"
functions can be called. For example, ``printf()`` and ``malloc()``
are not async-signal safe. When a signal is sent to a process calling
a system call, the system call can fail with the ``EINTR`` error to
give the program an opportunity to handle the signal without the
restriction on signal safe functions. Depending on the platform, on
the system call and the ``SA_RESTART`` flag, the system call may or
may not fail with ``EINTR``.
If the signal handler was set with the ``SA_RESTART`` flag set, the
kernel retries some the system call instead of failing with
``EINTR``. For example, ``read()`` is retried, whereas ``select()`` is
not retried. The Python function ``signal.signal()`` clears the
``SA_RESTART`` flag when setting the signal handler: all system calls
should fail with ``EINTR`` in Python.
The problem is that handling ``EINTR`` should be done for all system
calls. The problem is similar to handling errors in the C language
which does not have exceptions: you must check all function returns to
check for error, and usually duplicate the code checking for errors.
Python does not have this issue, it uses exceptions to notify errors.
Current status
--------------
Currently in Python, the code to handle the ``InterruptedError``
exception (``EINTR`` error) is duplicated on case by case. Only a few
Python modules handle this exception, and fixes usually took several
years to cover a whole module. Example of code retrying
``file.read()`` on ``InterruptedError``::
while True:
try:
data = file.read(size)
break
except InterruptedError:
continue
List of Python modules of the standard library which handle
``InterruptedError``:
* ``asyncio``
* ``asyncore``
* ``io``, ``_pyio``
* ``multiprocessing``
* ``selectors``
* ``socket``
* ``socketserver``
* ``subprocess``
Other programming languages like Perl, Java and Go already retry
system calls failing with ``EINTR``.
Use Case 1: Don't Bother With Signals
-------------------------------------
In most cases, you don't want to be interrupted by signals and you
don't expect to get ``InterruptedError`` exceptions. For example, do
you really want to write such complex code for an "Hello World"
example?
::
while True:
try:
print("Hello World")
break
except InterruptedError:
continue
``InterruptedError`` can happen in unexpected places. For example,
``os.close()`` and ``FileIO.close()`` can raises ``InterruptedError``:
see the article `close() and EINTR
<http://alobbs.com/post/54503240599/close-and-eintr>`_.
The `Python issues related to EINTR`_ section below gives examples of
bugs caused by "EINTR".
The expectation is that Python hides the ``InterruptedError``: retry
system calls failing with the ``EINTR`` error.
Use Case 2: Be notified of signals as soon as possible
------------------------------------------------------
Sometimes, you expect some signals and you want to handle them as soon
as possible. For example, you may want to quit immediatly a program
using the ``CTRL+c`` keyboard shortcut.
Some signals are not interesting and should not interrupt the the
application. There are two options to only interrupt an application
on some signals:
* Raise an exception in the signal handler, like ``KeyboardInterrupt`` for
``SIGINT``
* Use a I/O multiplexing function like ``select()`` with the Python
signal "wakeup" file descriptor: see the function
``signal.set_wakeup_fd()``.
Proposition
===========
If a system call fails with ``EINTR``, Python must call signal
handlers: call ``PyErr_CheckSignals()``. If a signal handler raises
an exception, the Python function fails with the exception.
Otherwise, the system call is retried. If the system call takes a
timeout parameter, the timeout is recomputed.
Modified functions
------------------
Example of functions that need to be modified:
* ``os.read()``, ``io.FileIO.read()``, ``io.FileIO.readinto()``
* ``os.write()``, ``io.FileIO.write()``
* ``os.waitpid()``
* ``socket.accept()``
* ``socket.connect()``
* ``socket.recv()``, ``socket.recv_into()``
* ``socket.recv_from()``
* ``socket.send()``
* ``socket.sendto()``
* ``time.sleep()``
* ``select.select()``
* ``select.poll()``
* ``select.epoll.poll()``
* ``select.devpoll.poll()``
* ``select.kqueue.control()``
* ``selectors.SelectSelector.select()`` and other selector classes
Note: The ``selector`` module already retries on ``InterruptedError``, but it
doesn't recompute the timeout yet.
Backward Compatibility
======================
Applications relying on the fact that system calls are interrupted
with ``InterruptedError`` will hang. The authors of this PEP don't
think that such application exist.
If such applications exist, they are not portable and are subject to
race conditions (deadlock if the signal comes before the system call).
These applications must be fixed to handle signals differently, to
have a reliable behaviour on all platforms and all Python versions.
For example, use a signal handler which raises an exception, or use a
wakeup file descriptor.
For applications using event loops, ``signal.set_wakeup_fd()`` is the
recommanded option to handle signals. The signal handler writes signal
numbers into the file descriptor and the event loop is awaken to read
them. The event loop can handle these signals without the restriction
of signal handlers.
Appendix
========
Wakeup file descriptor
----------------------
Since Python 3.3, ``signal.set_wakeup_fd()`` writes the signal number
into the file descriptor, whereas it only wrote a null byte before.
It becomes possible to handle different signals using the wakeup file
descriptor.
Linux has a ``signalfd()`` which provides more information on each
signal. For example, it's possible to know the pid and uid who sent
the signal. This function is not exposed in Python yet (see the
`issue 12304 <http://bugs.python.org/issue12304>`_).
On Unix, the ``asyncio`` module uses the wakeup file descriptor to
wake up its event loop.
Multithreading
--------------
A C signal handler can be called from any thread, but the Python
signal handler should only be called in the main thread.
Python has a ``PyErr_SetInterrupt()`` function which calls the
``SIGINT`` signal handler to interrupt the Python main thread.
Signals on Windows
------------------
Control events
^^^^^^^^^^^^^^
Windows uses "control events":
* ``CTRL_BREAK_EVENT``: Break (``SIGBREAK``)
* ``CTRL_CLOSE_EVENT``: Close event
* ``CTRL_C_EVENT``: CTRL+C (``SIGINT``)
* ``CTRL_LOGOFF_EVENT``: Logoff
* ``CTRL_SHUTDOWN_EVENT``: Shutdown
The `SetConsoleCtrlHandler() function
<http://msdn.microsoft.com/en-us/library/windows/desktop/ms686016%28v=vs.85%…>`_
can be used to install a control handler.
The ``CTRL_C_EVENT`` and ``CTRL_BREAK_EVENT`` events can be sent to a
process using the `GenerateConsoleCtrlEvent() function
<http://msdn.microsoft.com/en-us/library/windows/desktop/ms683155%28v=vs.85%…>`_.
This function is exposed in Python as ``os.kill()``.
Signals
^^^^^^^
The following signals are supported on Windows:
* ``SIGABRT``
* ``SIGBREAK`` (``CTRL_BREAK_EVENT``): signal only available on Windows
* ``SIGFPE``
* ``SIGILL``
* ``SIGINT`` (``CTRL_C_EVENT``)
* ``SIGSEGV``
* ``SIGTERM``
SIGINT
^^^^^^
The default Python signal handler for ``SIGINT`` sets a Windows event
object: ``sigint_event``.
``time.sleep()`` is implemented with ``WaitForSingleObjectEx()``, it
waits for the ``sigint_event`` object using ``time.sleep()`` parameter
as the timeout. So the sleep can be interrupted by ``SIGINT``.
``_winapi.WaitForMultipleObjects()`` automatically adds
``sigint_event`` to the list of watched handles, so it can also be
interrupted.
``PyOS_StdioReadline()`` also used ``sigint_event`` when ``fgets()``
failed to check if Ctrl-C or Ctrl-Z was pressed.
Links
-----
Misc
^^^^
* `glibc manual: Primitives Interrupted by Signals
<http://www.gnu.org/software/libc/manual/html_node/Interrupted-Primitives.ht…>`_
* `Bug #119097 for perl5: print returning EINTR in 5.14
<https://rt.perl.org/Public/Bug/Display.html?id=119097>`_.
Python issues related to EINTR
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The main issue is: `handle EINTR in the stdlib
<http://bugs.python.org/issue18885>`_.
Open issues:
* `Add a new signal.set_wakeup_socket() function
<http://bugs.python.org/issue22018>`_
* `signal.set_wakeup_fd(fd): set the fd to non-blocking mode
<http://bugs.python.org/issue22042>`_
* `Use a monotonic clock to compute timeouts
<http://bugs.python.org/issue22043>`_
* `sys.stdout.write on OS X is not EINTR safe
<http://bugs.python.org/issue22007>`_
* `platform.uname() not EINTR safe
<http://bugs.python.org/issue21772>`_
* `asyncore does not handle EINTR in recv, send, connect, accept,
<http://bugs.python.org/issue11266>`_
* `socket.create_connection() doesn't handle EINTR properly
<http://bugs.python.org/issue20611>`_
Closed issues:
* `Interrupted system calls are not retried
<http://bugs.python.org/issue9867>`_
* `Solaris: EINTR exception in select/socket calls in telnetlib
<http://bugs.python.org/issue1049450>`_
* `subprocess: Popen.communicate() doesn't handle EINTR in some cases
<http://bugs.python.org/issue12493>`_
* `multiprocessing.util._eintr_retry doen't recalculate timeouts
<http://bugs.python.org/issue12338>`_
* `file readline, readlines & readall methods can lose data on EINTR
<http://bugs.python.org/issue12268>`_
* `multiprocessing BaseManager serve_client() does not check EINTR on recv
<http://bugs.python.org/issue17097>`_
* `selectors behaviour on EINTR undocumented
<http://bugs.python.org/issue19849>`_
* `asyncio: limit EINTR occurrences with SA_RESTART
<http://bugs.python.org/issue19850>`_
* `smtplib.py socket.create_connection() also doesn't handle EINTR properly
<http://bugs.python.org/issue21602>`_
* `Faulty RESTART/EINTR handling in Parser/myreadline.c
<http://bugs.python.org/issue11650>`_
* `test_httpservers intermittent failure, test_post and EINTR
<http://bugs.python.org/issue3771>`_
* `os.spawnv(P_WAIT, ...) on Linux doesn't handle EINTR
<http://bugs.python.org/issue686667>`_
* `asyncore fails when EINTR happens in pol
<http://bugs.python.org/issue517554>`_
* `file.write and file.read don't handle EINTR
<http://bugs.python.org/issue10956>`_
* `socket.readline() interface doesn't handle EINTR properly
<http://bugs.python.org/issue1628205>`_
* `subprocess is not EINTR-safe
<http://bugs.python.org/issue1068268>`_
* `SocketServer doesn't handle syscall interruption
<http://bugs.python.org/issue7978>`_
* `subprocess deadlock when read() is interrupted
<http://bugs.python.org/issue17367>`_
* `time.sleep(1): call PyErr_CheckSignals() if the sleep was interrupted
<http://bugs.python.org/issue12462>`_
* `siginterrupt with flag=False is reset when signal received
<http://bugs.python.org/issue8354>`_
* `need siginterrupt() on Linux - impossible to do timeouts
<http://bugs.python.org/issue1089358>`_
* `[Windows] Can not interrupt time.sleep()
<http://bugs.python.org/issue581232>`_
Python issues related to signals
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Open issues:
* `signal.default_int_handler should set signal number on the raised
exception <http://bugs.python.org/issue17182>`_
* `expose signalfd(2) in the signal module
<http://bugs.python.org/issue12304>`_
* `missing return in win32_kill?
<http://bugs.python.org/issue14484>`_
* `Interrupts are lost during readline PyOS_InputHook processing
<http://bugs.python.org/issue3180>`_
* `cannot catch KeyboardInterrupt when using curses getkey()
<http://bugs.python.org/issue1687125>`_
* `Deferred KeyboardInterrupt in interactive mode
<http://bugs.python.org/issue16151>`_
Closed issues:
* `sys.interrupt_main()
<http://bugs.python.org/issue753733>`_
Copyright
=========
This document has been placed in the public domain.
..
Local Variables:
mode: indented-text
indent-tabs-mode: nil
sentence-end-double-space: t
fill-column: 70
coding: utf-8
End:
Hi,
I've released mpdecimal-2.4.1:
http://www.bytereef.org/mpdecimal/changelog.html
da74d3cfab559971a4fbd4fb506e1b4498636eb77d0fd09e44f8e546d18ac068 mpdecimal-2.4.1.tar.gz
Starting with Python 3.4.2, this version should be used for an external libmpdec.
Stefan Krah
