-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
#9347 log method parens #12040
#9347 log method parens #12040
Conversation
please review |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks for the fix.
I think that this can be merged, as it's better than trunk
.
The comments about naming stuff are minor.
I did a quick check of the current automated tests and I don't see any tests for accessing private members.
Not sure if we should allow or deny access to private members.
I would say that formatting should only allow acces to public members.
It looks like there is no protection for private access with the following diff
I get this test fialure... and it looks like Twisted is happy to format the private members. ===============================================================================
[FAIL]
Traceback (most recent call last):
File "/home/adi/chevah/twisted/src/twisted/logger/test/test_format.py", line 93, in test_formatMethod
self.assertEqual(
File "/home/adi/chevah/twisted/src/twisted/trial/_synctest.py", line 444, in assertEqual
super().assertEqual(first, second, msg)
File "/usr/lib/python3.11/unittest/case.py", line 873, in assertEqual
assertion_func(first, second, msg=msg)
File "/usr/lib/python3.11/unittest/case.py", line 1253, in assertMultiLineEqual
self.fail(self._formatMessage(msg, standardMsg))
twisted.trial.unittest.FailTest: 'hello world' != 'hello world PRIV private'
- hello world
+ hello world PRIV private
twisted.logger.test.test_format.FormattingTests.test_formatMethod Twisted log format is also happy to format I think the formating should be less permisive. As a start, don't allow access to private members. |
… why? There are at least four big problems with doing that:
|
Thanks Glyph for the response. I am ok to have this merged. Also, maybe there aren't that many people using this code for user facing configuration. |
My concern about stdlib As long as you control the template, it's fine... but I guess that there might me people trying to use all kind of smart tricks with |
Yeah, it is explicitly a security failure for allowing "user-facing configuration" in log strings. The idea is that they're supposed to be static and constant, always. |
This PR broke one of the existing ways of formatting
ERROR is
|
@om26er (Did it myself, no need) |
chiming in, thank you @om26er for early warning and @glyph for your clear statement and reaction! cool, IMO this is OSS as it "should be", working together, being good OSS citizens - because, yes, fallout (will) hit txaio/autobahn/crossbar, but I just recently argued for keeping Twisted trunk (as well as multiple releases) in our CI since we do want to know early on about anything coming down the road with Twisted. We are (as you likely know) intensive users of Twisted and (still) love it;) It did break pretty new ground decades ago in Python and in general, paved the way, and is a broad spectrum, reliable weapon. I am still convinced (within the context of Python) even with aio and so present nowerdays .. anyways, cool=) |
Thanks for running trunk and catching issues like this before they make it to release! |
Scope and purpose
Fixes #9347