Author barry
Recipients Anthony Sottile, Antony.Lee, Ethan Smith, Ivan.Pozdeev, barry, brett.cannon, christian.heimes, eric.smith, eric.snow, mhammond, ncoghlan, pitrou, takluyver, terry.reedy
Date 2018-11-12.22:04:53
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <86135560-EDFC-4026-BFEA-1186B1228F0B@python.org>
In-reply-to <1541854207.44.0.788709270274.issue33944@psf.upfronthosting.co.za>
Content
On Nov 10, 2018, at 04:50, Ivan Pozdeev <report@bugs.python.org> wrote:

> In its .pth file, each such package will import the hook's module (which will cause the hook to be installed on the first import) and "register" its namespaces and/or dependencies with it. The hook will then calculate the required load order and enforce it upon import of any of the registered namespaces.

I’m a little concerned about this approach because it means random third party modules can affect the global environment for your application, without knowing it.  Since the hook installation happens at import time, and just depending on a library that has such a .pth file will install it, the end application will not have control over its global state.  It’s not possible to know whether this is a serious problem, but in the past, global state changes are problematic when applications do not have control over it.
History
Date User Action Args
2018-11-12 22:04:54barrysetrecipients: + barry, mhammond, brett.cannon, terry.reedy, ncoghlan, pitrou, eric.smith, christian.heimes, eric.snow, takluyver, Antony.Lee, Ivan.Pozdeev, Anthony Sottile, Ethan Smith
2018-11-12 22:04:54barrylinkissue33944 messages
2018-11-12 22:04:53barrycreate