This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author vstinner
Recipients dtrodrigues, fxcoudert, gregory.p.smith, hroncok, petr.viktorin, twouters, vstinner
Date 2021-02-15.10:17:49
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <1613384269.59.0.768716299625.issue42819@roundup.psfhosted.org>
In-reply-to
Content 
There are different things:

* Bracketed paste mode prevents to execute malicious command copied from evil internet web pages
* Python REPL is not really convenient in the bracked paste mode: bpo-39820
* Users are not used to the bracketed mode which gives a surprising behavior in Python REPL
* Copy/paste in a shell running in a graphical terminal is fine in bracketed mode, since users running a shell are used to modify a command before running and to run manually a command by pressing ENTER
* The bracketed paste mode causes test failures in applications (like pytest test suite) which doesn't support it.
* It is not easy/convenient to opt-out for the bracketed paste mode.

For all these reasons, it sounds reasonable to disable the readline bracketed paste mode by default in Python, even if it's enabled explicitly in ~/.inputrc.

If an user opts in for the bracketed paste mode, it is more likely to prevent running malicious commands in a shell, rather than not executing immediately commands executed in Python.

Once the bpo-39820 will be fixed, we can reconsider to leave the bracketed paste mode default unchanged (no longer disable it explicitly).
History
Date User Action Args
2021-02-15 10:17:49vstinnersetrecipients: + vstinner, twouters, gregory.p.smith, petr.viktorin, hroncok, fxcoudert, dtrodrigues
2021-02-15 10:17:49vstinnersetmessageid: <1613384269.59.0.768716299625.issue42819@roundup.psfhosted.org>
2021-02-15 10:17:49vstinnerlinkissue42819 messages
2021-02-15 10:17:49vstinnercreate