This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author ariebovenberg
Recipients ariebovenberg, docs@python, eric.smith, vinay.sajip
Date 2022-01-02.12:37:04
SpamBayes Score -1.0
Marked as misclassified Yes
Message-id <>
I've done some more digging, and have read the related issue bpo-30995.

There are IMHO two challenges that are worth tackling:
1. A great number[1] of developers do their own string formatting.
   This is sub-optimal for performance and - in rare cases - 
   leaves them potentially vulnerable to attack 
   (DoS through a string formatting attack).
   We cannot prohibit this without breaking backwards compatibility: 
2. The logging cookbook has several mechanisms for new-style formatting, 
   but because these do not ship with the stdlib, 
   the vast majority[2] of programmers don't use them.

We can solve both issues with a new family of `Logger` methods.
The debug one shown below:

    def debugf(self, msg: Literal[str], *args, exc_info=False, **kwargs):
    Log 'msg.format(*args, **kwargs)' with severity 'DEBUG'.

    To pass exception information, use the keyword argument exc_info with
    a true value, e.g.

    logger.debugf("Houston, we have a {}", "thorny problem", exc_info=1)
    if self.isEnabledFor(DEBUG):
        # `BraceMessage` from the logging cookbook.
        self._log(DEBUG, BraceMessage(msg, args, kwargs), exc_info=exc_info)

Advantages of this approach:
- It's mostly the existing work of @vinay.sajip. It's Idiomatic and proven to work.
- No change to existing methods or loggers. Fully backwards compatible.
- Protection against string formatting attack at the type level (thanks to PEP675).
  Everyone with an IDE will get warned about unsafe use.
- Embed correct use of log formatting at type level.
- People will stop complaining about the `%`-style,
  now that there is an easy way to use new-style formatting in the stdlib. 

The disadvantage of course is an extra set of logging methods. However:
- An `f` suffix for string formatting operations is common (e.g. `printf`)
- It's visually similar to f-strings, thus straightforward to comprehend.
  Compare `debug(f"hello ...` and `debugf("hello ...`.
- It's explicit. The method logs _and_ formats.

[1] On GitHub code search, `logger` gets 8M results. 
    `logger` `format` gets almost 4M results, of which about half
    are actually instances of logging `.format()` strings. 
    f-strings are not even included in this search, and probably used
    very frequently as well.

[2] There are <1000 instances of `StyleAdapter`, `BraceMessage` in GitHub code search,
    while `getLogger` gets almost 5M results.
Date User Action Args
2022-01-02 12:37:04ariebovenbergsetrecipients: + ariebovenberg, vinay.sajip, eric.smith, docs@python
2022-01-02 12:37:04ariebovenbergsetmessageid: <>
2022-01-02 12:37:04ariebovenberglinkissue46200 messages
2022-01-02 12:37:04ariebovenbergcreate