{ "info": { "author": "Laurens Van Houtven (lvh)", "author_email": "lvh@latacora.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 3 - Alpha", "Intended Audience :: Developers", "License :: OSI Approved :: Apache Software License", "Natural Language :: English", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 2.7", "Programming Language :: Python :: 3", "Programming Language :: Python :: 3.4", "Programming Language :: Python :: 3.5", "Programming Language :: Python :: 3.6", "Programming Language :: Python :: 3.7", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", "Topic :: Security", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "pikara\n======\n\nSafer pickles.\n\nIt's no secret Python's ``pickle`` module is unsafe. It's also enormously\npopular. Most applications should really just use something else (like JSON).\nSome really are best served by pickles, such as most uses of scientific Python.\n\nThis library can't fix the fundamental issues with pickle, but it can make\nunpickling objects as safe as it ever is going to be. If you can, you should use\nsomething else. If you can't, you should use this.\n\nHow does it work?\n-----------------\n\nThis library gives you tools to specify a set of constraints around how\na pickle should behave and some general sniff checks for pickles. It\nthen lets you apply those checks to do entirely static analysis on a\npickle on the one hand, as well as apply some of the constraints to a\nreal unpickler object so they're also checked when you're actually\nunpickling.\n\n**WARNING**: This project can't save you if the model pickles you give\nit do something dangerous. For example, if you're saving a machine\nlearning model that includes a numpy ndarray, and it turns out ndarray\nactually has a code execution vulnerability in it on deserialization,\nthis package will not help you catch that.\n\nMisc\n----\n\n\"Pikara\" is the Maori word for pickle.\n\n\n\n\n`Full changelog `_.\n\nLaurens Van Houtven (lvh) ", "description_content_type": "", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://www.github.com/latacora/pikara", "keywords": "pickle,security", "license": "Apache v2", "maintainer": "", "maintainer_email": "", "name": "pikara", "package_url": "https://pypi.org/project/pikara/", "platform": "", "project_url": "https://pypi.org/project/pikara/", "project_urls": { "Homepage": "https://www.github.com/latacora/pikara" }, "release_url": "https://pypi.org/project/pikara/18.0.0.dev0/", "requires_dist": null, "requires_python": "", "summary": "Safer Python pickles", "version": "18.0.0.dev0" }, "last_serial": 3861390, "releases": { "18.0.0.dev0": [ { "comment_text": "", "digests": { "md5": "cf0af0cb896093f727e077dc995f63d7", "sha256": "fc39cc04cc5150e7e52630aa6dd33b2de6a641063406c720c570aca86b7523ca" }, "downloads": -1, "filename": "pikara-18.0.0.dev0.tar.gz", "has_sig": false, "md5_digest": "cf0af0cb896093f727e077dc995f63d7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12033, "upload_time": "2018-05-14T15:44:00", "url": "https://files.pythonhosted.org/packages/13/24/a2399aab3e95b1cc7eb7046ffbc0d46e98cc37d75107627245f76b429942/pikara-18.0.0.dev0.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "cf0af0cb896093f727e077dc995f63d7", "sha256": "fc39cc04cc5150e7e52630aa6dd33b2de6a641063406c720c570aca86b7523ca" }, "downloads": -1, "filename": "pikara-18.0.0.dev0.tar.gz", "has_sig": false, "md5_digest": "cf0af0cb896093f727e077dc995f63d7", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 12033, "upload_time": "2018-05-14T15:44:00", "url": "https://files.pythonhosted.org/packages/13/24/a2399aab3e95b1cc7eb7046ffbc0d46e98cc37d75107627245f76b429942/pikara-18.0.0.dev0.tar.gz" } ] }