it's cool how many python core dev fundamentally don't understand how security works
Discussion
Loading...
@fay have i mentioned the buffer overflow clearly introduced by a well-known racist that "core" devs tried to close and then said was a GIL issue
@hipsterelectron i think you've alluded to it but i don't know what it is
@fay in particular observe the comments modified, especially in Objects/abstract.c, in which a clause indicating the ability to return 0 is removed
@fay it makes me feel really nihilistic and that's obviously unhelpful. i wanted to base my build system off of cpython like pants did but this makes me question if that can ever be made secure
~11 more replies (not shown)
@hipsterelectron oh lmao armin
@hipsterelectron gave me a fucking jumpscare
@fay i was looking through the source for something completely unrelated and hit the git blame before i saw the most questionable committer name ever
@fay cpython is completely captured by intelligence agencies
@hipsterelectron i have a hanlon razor bias but tbh who knows these days lol
@fay it's not a single incident. the METADATA format in wheels refuses to use json as i introduced several years ago to pip and instead relies upon an unspecified format that allows dependencies to be injected. i am completely done with making excuses
bonfire.cafe
A space for Bonfire maintainers and contributors to communicate
Automatic federation enabled
Install bonfire.cafe
Get the full app experience
1
Tap
Share
2
Add to Home Screen