[Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance) (original) (raw)
Nick Coghlan ncoghlan at gmail.com
Fri Nov 27 06:38:11 EST 2015
- Previous message (by thread): [Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)
- Next message (by thread): [Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 27 November 2015 at 18:47, Cory Benfield <cory at lukasa.co.uk> wrote:
Perhaps I missed this, Nick, but what happens if multiple third party libraries apply updates to call this function in incompatible ways? For example, if you depend on libfoo which calls ssl.verifyhttpscertificates(False) and libbar which calls ssl.verifyhttpscertificates(True)? Is it…last import wins?
Last import wins, but libaries shouldn't be mutating process global state as a side effect of import - like the sys module, the ssl module configuration should only be modified (directly or indirectly) from main.
Cheers, Nick.
-- Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
- Previous message (by thread): [Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)
- Next message (by thread): [Python-Dev] Request for pronouncement on PEP 493 (HTTPS verification backport guidance)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]