bpo-39498 Start linking the security warnings in the stdlib modules #18272
+17
−0
tonybaloney commented Jan 30, 2020 (edited by bedevere-bot)
Within the documentation, there are some really important security considerations for standard library modules, e.g. subprocess, ssl, pickle, xml.
There is currently no "index" of these, so you have to go hunting for them. They're easter eggs within the docs. There isn't a unique admonition type either, so you have to search across many criteria.
In particular for security researchers, it would be useful to consolidate and signpost these security best-practices in one index.
This PR links to some of the existing ones that I found.
https://bugs.python.org/issue39498