Security vulnerability in str.format in Python

This should have been obvious to me for a longer time, but until earlier
today I did not really realize the severity of the issues caused by
str.format on untrusted user input. It came up as a way to bypass the
Jinja2 Sandbox in a way that would permit r…

Read full article

Similar

Python Is Not Java

I was recently looking at the source of a wxPython-based GUI application, about 45.5KLOC in size, not counting the libraries used (e.g. Twisted). The code was written by Java developers who are relatively new to Python, and it suffers from some performanc... (more…)

Lark-cython lets you double the speed of Lark’s LALR parser (Python)

Cython plugin for Lark, reimplementing the LALR parser & lexer for better performance - GitHub - lark-parser/lark_cython: Cython plugin for Lark, reimplementing the LALR parser & lexer for ... (more…)

Python compiler written in Python to make standalone executables

Nuitka is a Python compiler written in Python. It's fully compatible with Python 2.6, 2.7, 3.3, 3.4, 3.5, 3.6, 3.7, 3.8, and 3.9. You feed it your Python app, it does a lot of clever things, ... (more…)

Get Exchange Rates with Currencylayer API in Python

There’re a fairly large number of APIs offering real-time and historical currency exchange rate out there. currencylayer API is one of the best. It’s an easy-to-use JSON API supporting 168 currencies, delivering accurate, reliable and consistent currency ... (more…)

The 4 Ways to Visualize Decision Tree from Sklearn in Python

There are two classes of Decision Tree in sklearn library: (more…)

Latest News

Peggy: Parser Generator for JavaScript

Jinx-Rust – A Rust Parser for Rust Tooling in TypeScript

Lux 0.7 is out Lisp for JVM, JavaScript, Python, Ruby and Lua with static types