Re: Bug#1085206: ITP: evalidate -- Validation and secure evaluation of untrusted Python expressions
Hi!
On Wed, 2024-10-16 at 11:00:31 +0100, Colin Watson wrote:
> Package: wnpp
> Severity: wishlist
> Owner: Colin Watson <cjwatson@debian.org>
> X-Debbugs-Cc: debian-devel@lists.debian.org
>
> * Package name : evalidate
> Version : 2.0.3
> Upstream Contact: Yaroslav Polyakov <yaroslaff@gmail.com>
> * URL : https://github.com/yaroslaff/evalidate
> * License : MIT
> Programming Lang: Python
> Description : Validation and secure evaluation of untrusted Python expressions
>
> Evaluate user-supplied Python expressions by walking their syntax tree
> and allowing only operations that pass a given security model.
>
> I'm packaging this because it's a new dependency of buildbot 4.1.0. I
> plan to maintain it within the Debian Python Team.
This seems to be a python module only package, but its source package
name is not currently namespaced. Given that it has not yet passed NEW,
please namespace it with python- to avoid taking on the global namespace,
so that we do not "prevent" packaging something that for example installs
a command with the same name (or having to end up using a non-obvious one
for that, or requiring a future rename), so that it's easier to see what
it is about when doing archive-wide analysis from Sources, or dd-lists,
or even reading changelogs via stuff like apt-listchanges, like the rest
of the language specific teams are doing. :)
Thanks,
Guillem
Reply to: