Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
@pipcook/boa-cloud
Advanced tools
pybind11 is a lightweight header-only library that exposes C++ types in Python and vice versa, mainly to create Python bindings of existing C++ code. Its goals and syntax are similar to the excellent Boost.Python library by David Abrahams: to minimize boilerplate code in traditional extension modules by inferring type information using compile-time introspection.
The main issue with Boost.Python—and the reason for creating such a similar project—is Boost. Boost is an enormously large and complex suite of utility libraries that works with almost every C++ compiler in existence. This compatibility has its cost: arcane template tricks and workarounds are necessary to support the oldest and buggiest of compiler specimens. Now that C++11-compatible compilers are widely available, this heavy machinery has become an excessively large and unnecessary dependency.
Think of this library as a tiny self-contained version of Boost.Python with everything stripped away that isn't relevant for binding generation. Without comments, the core header files only require ~4K lines of code and depend on Python (2.7 or 3.x, or PyPy2.7 >= 5.7) and the C++ standard library. This compact implementation was possible thanks to some of the new C++11 language features (specifically: tuples, lambda functions and variadic templates). Since its creation, this library has grown beyond Boost.Python in many ways, leading to dramatically simpler binding code in many common situations.
Tutorial and reference documentation is provided at http://pybind11.readthedocs.org/en/master. A PDF version of the manual is available here.
pybind11 can map the following core C++ features to Python
std::shared_ptr
In addition to the core functionality, pybind11 provides some extra goodies:
Python 2.7, 3.x, and PyPy (PyPy2.7 >= 5.7) are supported with an implementation-agnostic interface.
It is possible to bind C++11 lambda functions with captured variables. The lambda capture data is stored inside the resulting Python function object.
pybind11 uses C++11 move constructors and move assignment operators whenever possible to efficiently transfer custom data types.
It's easy to expose the internal storage of custom data types through Pythons' buffer protocols. This is handy e.g. for fast conversion between C++ matrix classes like Eigen and NumPy without expensive copy operations.
pybind11 can automatically vectorize functions so that they are transparently applied to all entries of one or more NumPy array arguments.
Python's slice-based access and assignment operations can be supported with just a few lines of code.
Everything is contained in just a few header files; there is no need to link against any additional libraries.
Binaries are generally smaller by a factor of at least 2 compared to equivalent bindings generated by Boost.Python. A recent pybind11 conversion of PyRosetta, an enormous Boost.Python binding project, reported a binary size reduction of 5.4x and compile time reduction by 5.8x.
Function signatures are precomputed at compile time (using constexpr
),
leading to smaller binaries.
With little extra effort, C++ types can be pickled and unpickled similar to regular Python objects.
This project was created by Wenzel Jakob. Significant features and/or improvements to the code were contributed by Jonas Adler, Lori A. Burns, Sylvain Corlay, Trent Houliston, Axel Huebl, @hulucc, Sergey Lyskov Johan Mabille, Tomasz Miąsko, Dean Moldovan, Ben Pritchard, Jason Rhinelander, Boris Schäling, Pim Schellart, Henry Schreiner, Ivan Smirnov, and Patrick Stewart.
pybind11 is provided under a BSD-style license that can be found in the
LICENSE
file. By using, distributing, or contributing to this project,
you agree to the terms and conditions of this license.
FAQs
Use Python modules seamlessly in Node.js
The npm package @pipcook/boa-cloud receives a total of 2 weekly downloads. As such, @pipcook/boa-cloud popularity was classified as not popular.
We found that @pipcook/boa-cloud demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 6 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.