PEP 638: security implications for syntactic macros? (EDIT: title corrected)

I’d like to see a discussion in the PEP about security implications, even if it says that no vulnerabilities can possibly exist.

Presumably you’re talking about PEP 638, not 658?

Mark Shannon is presumably quite busy and not working on this right now. I’d wait until he re-opens discussion on the PEP (if that happens), and provide feedback then.

2 Likes

There’s no security implications here. This is for use in source code. If you use a 3rd party macro, it’s just as dangerous as using a 3rd party function and the same responsibility to review your dependencies exists either way.

1 Like