Message 333002 - Python tracker

Message333002

Author	terry.reedy
Recipients	ammar2, iceboy, remi.lapeyre, serhiy.storchaka, terry.reedy
Date	2019-01-04.21:17:23
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1546636643.44.0.465787511215.issue35634@roundup.psfhosted.org>
In-reply-to

Content
Serhiy, nosying you because Ammar identified your commit as relevant. https://github.com/python/cpython/commit/e036ef8fa29f27d57fe9f8cef8d931d4122d8223 --- 3.6 is also security-fix only. Normally, code bug reports need a minimal, reproducible, initially-failing test case that only uses the stdlib, not 3rd party code. A test case would have to include a simplified version of a multidict. The problem here is that a multidict with duplicate keys is not a proper mapping, in spite of having a MutableMapping interface. (Just curious, what does d['a'] return?). The purpose of the package is to meet the needs of HTTP Headers and URL query strings (and other situations) where the 'keys' are value-type tags, not true mapping keys. Another example would be a bibliography entry that tags each of multiple author names with 'Author:'. (Aside: A deficiency of git (github) is allowing only 1 author key and only one github username as the value.) Is an object with duplicate keys legal for *expression in calls? https://docs.python.org/3/reference/expressions.html#index-48 says that expression must evaluate to a 'mapping'. The glossary entry https://docs.python.org/3/glossary.html#term-mapping says "A container object that supports arbitrary key lookups and implements the methods specified in the Mapping or MutableMapping abstract base classes." followed by unique-key examples. To me, 'key lookup' implies unique keys. The Mapping functions include 'keys' and 'items'. What signature? To return set-like views, the keys should be unique. If we take the call to be a bug, is CPython obligated* to immediately raise an exception? In other words, must every call with **mapping take the time to check for duplicates because someone might pass a dup-key 'mapping'.

Content

Serhiy, nosying you because Ammar identified your commit as relevant.
https://github.com/python/cpython/commit/e036ef8fa29f27d57fe9f8cef8d931d4122d8223
---

3.6 is also security-fix only.

Normally, code bug reports need a minimal, reproducible, initially-failing test case that only uses the stdlib, not 3rd party code.  A test case would have to include a simplified version of a multidict.

The problem here is that a multidict with duplicate keys is not a proper mapping, in spite of having a MutableMapping interface.  (Just curious, what does d['a'] return?). 

The purpose of the package is to meet the needs of HTTP Headers and URL query strings (and other situations) where the 'keys' are value-type tags, not true mapping keys.  Another example would be a bibliography entry that tags each of multiple author names with 'Author:'.  (Aside: A deficiency of git (github) is allowing only 1 author key and only one github username as the value.)

Is an object with duplicate keys legal for **expression in calls?
https://docs.python.org/3/reference/expressions.html#index-48
says that expression must evaluate to a 'mapping'.  The glossary entry
https://docs.python.org/3/glossary.html#term-mapping says
"A container object that supports arbitrary key lookups and implements the methods specified in the Mapping or MutableMapping abstract base classes." followed by unique-key examples.  To me, 'key lookup' implies unique keys.  The Mapping functions include 'keys' and 'items'.  What signature?  To return set-like views, the keys should be unique.

If we take the call to be a bug, is CPython *obligated* to immediately raise an exception?  In other words, must every call with **mapping take the time to check for duplicates because someone might pass a dup-key 'mapping'.

History
Date	User	Action	Args
2019-01-04 21:17:24	terry.reedy	set	recipients: + terry.reedy, serhiy.storchaka, iceboy, ammar2, remi.lapeyre
2019-01-04 21:17:23	terry.reedy	set	messageid: <1546636643.44.0.465787511215.issue35634@roundup.psfhosted.org>
2019-01-04 21:17:23	terry.reedy	link	issue35634 messages
2019-01-04 21:17:23	terry.reedy	create