GithubHelp home page GithubHelp logo

Comments (5)

ThiefMaster avatar ThiefMaster commented on May 3, 2024 1

-fstack-protector-all - All functions use stack cookies.
-fstack-protector-strong - Functions use stack cookies if they have arrays on the stack, take memory references to their own stack variables, call alloca(), or use variable-length arrays (VLA).

Apparently these compiler switches enable them. But I guess they'd need to be specified in a compiler-agnostic way since the speedups may be compiled e.g. with microsoft's compiler if someone is on windows.

from markupsafe.

ThiefMaster avatar ThiefMaster commented on May 3, 2024

If they cannot be enabled with a compiler flag, #pragma or some other preprocessor directive this sounds more like something setuptools would have to do (as all we do to build the speedups extension is this)

from markupsafe.

methane avatar methane commented on May 3, 2024

Can't you use just CFLAGS=-fstack-protect-all?
Use it by default is not common practice on Python, and it makes this library less portable.

from markupsafe.

davidism avatar davidism commented on May 3, 2024

I'm not convinced this is a good idea. I looked at a few other projects and none of them had these flags set, including SQLAlchemy and Cryptography, two widely used libraries with C components. Is MarkupSafe the only package that raised this warning? Re: portability, will this affect wheels I build and release to PyPI? Does setting that env var and telling pip to build from source accomplish what you need? Without understanding this more, I'm not planning on implementing it.

from markupsafe.

davidism avatar davidism commented on May 3, 2024

Closing due to lack of information. If this is important to you, I'll need help to understand and implement it correctly.

from markupsafe.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.