Issue 33262: Deprecate shlex.split(None) to read from stdin.

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

This issue has been migrated to GitHub: https://github.com/python/cpython/issues/77443

classification

Title:	Deprecate shlex.split(None) to read from stdin.
Type:	behavior	Stage:	patch review
Components:	Library (Lib)	Versions:	Python 3.8

process

Status:	open	Resolution:
Dependencies:		Superseder:
Assigned To:		Nosy List:	ZackerySpytz, andrei.avk, christian.heimes, eric.smith, n_rosenstein, p-ganssle
Priority:	normal	Keywords:	patch

Created on 2018-04-11 10:28 by christian.heimes, last changed 2022-04-11 14:58 by admin.

Pull Requests
URL	Status	Linked	Edit
PR 6514	merged	ZackerySpytz, 2018-04-17 19:35

Messages (5)
msg315189 - (view)	Author: Christian Heimes (christian.heimes) *	Date: 2018-04-11 10:28
The shlex module implements simple tokenize for a shell-like mini language. The shlex.split() function splits a string into subcomponents just like a typical Unix shell. However function has a surprising feature. When None is passed into shlex.split(). Note: Since the split() function instantiates a shlex instance, passing None for s will read the string to split from standard input. https://docs.python.org/3/library/shlex.html#shlex.split This is both surprising, unnecessary and potentially dangerous. Reading from sys.stdin is a blocking operation. In case an application doesn't account for None, shlex.split(value) could lead to a blocked server application. I suggest to deprecate and eventually remove this mis-feature. Credits: David R. MacIver reported the bug on Twitter: https://twitter.com/DRMacIver/status/984001867985367040
msg315209 - (view)	Author: Eric V. Smith (eric.smith) *	Date: 2018-04-12 00:01
I agree that it should be deprecated. That's crazy behavior. I'd also recommend that shlex.shlex with instream=None be deprecated, but maybe that's too radical. It seems way too easy to accidentally pass in None.
msg323489 - (view)	Author: Niklas Rosenstein (n_rosenstein) *	Date: 2018-08-13 19:23
I've just run into this as well -- I thought it was a bug until I found this issue. I also think that this is anything from sane.
msg365468 - (view)	Author: Paul Ganssle (p-ganssle) *	Date: 2020-04-01 13:58
New changeset 975ac326ffe265e63a103014fd27e9d098fe7548 by Zackery Spytz in branch 'master': bpo-33262: Deprecate passing None for `s` to shlex.split() (GH-6514) https://github.com/python/cpython/commit/975ac326ffe265e63a103014fd27e9d098fe7548
msg400555 - (view)	Author: Andrei Kulakov (andrei.avk) *	Date: 2021-08-29 19:19
Can be closed as fixed (or perhaps renamed and kept open to track eventual raising of error in the future?)

History
Date	User	Action	Args
2022-04-11 14:58:59	admin	set	github: 77443
2021-08-29 19:19:42	andrei.avk	set	nosy: + andrei.avk messages: + msg400555
2020-04-01 13:58:59	p-ganssle	set	nosy: + p-ganssle messages: + msg365468
2018-08-13 19:23:19	n_rosenstein	set	nosy: + n_rosenstein messages: + msg323489
2018-04-17 19:37:07	ZackerySpytz	set	nosy: + ZackerySpytz components: + Library (Lib)
2018-04-17 19:35:17	ZackerySpytz	set	keywords: + patch stage: needs patch -> patch review pull_requests: + pull_request6207
2018-04-12 00:01:13	eric.smith	set	nosy: + eric.smith messages: + msg315209
2018-04-11 10:28:49	christian.heimes	create