qwop

joined 2 years ago
[–] qwop@programming.dev 2 points 2 years ago

Yeah definitely, I think there's also funding secured for a PyPI Security Developer, and a Deputy Developer in Residence. Can't remember exactly what the status on those two is, but definitely seems like there's more good stuff to come! The PSF has been doing a great job it seems.

[–] qwop@programming.dev 19 points 2 years ago* (last edited 2 years ago) (2 children)

Ah, that's too boring. I have a range of responses to pick from to keep things interesting:

  • LGTM
  • Nice
  • Looks good
  • Thanks
  • Looks great
  • :thumbsup:
  • Looks good to me
  • :shipit:

For me, no text means "I haven't really reviewed this properly so don't want to write anything that could be used against me if (when?) this breaks something in prod"

[–] qwop@programming.dev 7 points 2 years ago (1 children)

Alright, here are my solutions :)

  1. Import Easter egg
import __hello__

Not the most technically interesting, but a fun Easter egg!

  2. Class decorators
@print
@lambda _: "Hello World"
class Foo:
    ...

Decorators are another way of calling a function, so can be abused to solve this task. You need to decorate a class rather than a function though, since a function definition requires parentheses!

  3. Dunder methods
class Printer:
    __class_getitem__ = print

Printer["Hello World"]

There might be some other dunder methods you can use to do this, although it's sort of difficult since most (e.g. __add__) only describe behaviour on the instance of the class.

  4. More dunder methods
from _sitebuiltins import Quitter
Quitter.__add__ = print
exit + "Hello World"

Writing number 3 made me realise I just needed to find a class that already had an instance and change that. I'm sure there are many other cases of this, but here's one!

[–] qwop@programming.dev 1 points 2 years ago

Although "critical" by CVE standards could just mean ReDoS for some non-user-facing code and which clearly is not a security issue but still of course requires urgent dependabot warnings on some parent package which doesn't even use the not at all vulnerable code anyway...

[–] qwop@programming.dev 3 points 2 years ago

Am I the only one that gets triggered by the spelling "Pypy" and "Pypi" instead of "PyPy" and "PyPI"? :P

[–] qwop@programming.dev 2 points 2 years ago (1 children)

The info about Nuitka being a similar speed is good to note, since everyone assumes that by compiling something you automatically get a massive speed boost.

This is related to the fact that a lot of people hear about Faster Python and go "ooh will Python be getting a JIT compiler", as if that's the magic weapon that will improve everything, while in reality loads of different changes are needed.

(If anyone's interested, Mark Shannon gave a good talk on Faster Python at PyCon this year, now available on YouTube)

[–] qwop@programming.dev 11 points 2 years ago

Agreed, and the questions I have that MDN doesn't answer would probably be ones even less likely for the AI explain to get right.

[–] qwop@programming.dev 4 points 2 years ago (4 children)

I've often ended up guessing what things do and messing things up.

One example is when I couldn't remember the difference between git checkout -b and git checkout -B, so in my infinite wisdom I decided to use -B because surely capital letters are better! Tried using it to switch back to a branch, and... Yeah, that was annoying.

[–] qwop@programming.dev 9 points 2 years ago (2 children)

Confusable characters get a little yellow box, which is different from the squiggly underlines most linters and stuff use, which at least makes it a bit more recognisable.

Personally I can't stand having underlines all over my code, so I'll usually just "fix" the non-issue if possible, or otherwise just disable whatever the warning is entirely.

[–] qwop@programming.dev 16 points 2 years ago (2 children)

To be fair, it's no worse than articles some people write on those nonsense websites.

[–] qwop@programming.dev 2 points 2 years ago (1 children)

From a quick look at the code it looks like it uses regex to extract any name assignments and compares that to usages. This approach seems very limited as it has no understanding of context (e.g. the same name used in multiple places, or special methods like __add__ on classes that aren't called manually).

I'd be interested to know what false positives in vulture this solves. The main false positives I've found with vulture are:

  • Names that are publicly exposed in a library but not actually used
  • Methods in classes that are called by an external parent class defined in some external module.
  • Special cases (for example unittest functions, which aren't called manually, or fastapi route decorator functions)

I don't think this project would solve any of those cases (and in some cases I think vulture has special casing to handle things better).

[–] qwop@programming.dev 1 points 2 years ago (1 children)

I've never understood returns (https://github.com/dry-python/returns), is it just a gimmick or do people actually use it? It seems like it would be awkward to use and is working against how the language was designed.
