Steve has ☕️ for brains<p>I’m still a strong believer in PBD - print-based-debugging — but I hate getting stumped for two days because the value I’m printing automatically prints a string, but the value != an actual string so an equality test fails</p><p><a href="https://hachyderm.io/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>python</span></a> <a href="https://hachyderm.io/tags/pathlib" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pathlib</span></a></p>
veganism.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
Veganism Social is a welcoming space on the internet for vegans to connect and engage with the broader decentralized social media community.
Administered by:
Server stats:
272active users
veganism.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0-alpha.5
#pathlib
0 posts · 0 participants · 0 posts today
Fiona :transbian: :autism: @WHY2025 DECT: 3591<p><span>So I mentioned that my project was at the point of being ready to demo…<br><br>It kinda is (after fixing some leftover bugs this morning/noon), but there is one thing I still have to be care of because it was functionally a directory traversal vulnerability (not super critical, given the use-case, but then again really not something that should be shipped, even as an MVP), so I’m still working on that…<br><br>That said: Python pathlib, WTF is wrong with you for not supporting preventing this </span><b>much</b> better‽ Where are methods like <code>.contains_double_dots()</code>, <code>.remove_double_dots()</code><span>, … and all of those things‽<br>And no, </span><code>.resolve()</code> is <b>not</b> an adequate substitute for <i>so many reasons</i><span>.<br><br>I’m calling it now: A </span><b>ton</b><span> of python projects using pathlib are vulnerable to directory-traversal.<br><br>Seriously, this is an issue and I’m shocked that I have never heard anyone bringing it up anywhere!<br><br></span><a href="https://blahaj.zone/tags/python" rel="nofollow noopener" target="_blank">#python</a> <a href="https://blahaj.zone/tags/pathlib" rel="nofollow noopener" target="_blank">#pathlib</a> <a href="https://blahaj.zone/tags/itsec" rel="nofollow noopener" target="_blank">#itsec</a></p>
VegansExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload