Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Argument parsing for the lazy.
# $ cat example.py
import json
def func(jsondict, dbg=False):
"""
put descriptive docstring here
"""
pass # use jsondict
if __name__ == '__main__':
import argz
f = argz.route(func)
f.jsondict.adapter = [open, json.load] # will be chained
argz.go() # will use sys.argv as input
Running:
$ example.py
Usage:
example.py jsondict [-dbg]
for detailed help, use any of (-h, /h, -?, /?, /help, --help)
$ example.py -h
|> jsondict [-dbg]
|
| jsondict
| adapter | [<built-in function open>, <function load at 0x0336B1B0>]
| dbg
| default | False
| adapter | <type 'bool'>
|
|- - doc - -
|
| put descriptive docstring here
|_ _ _ _ _ _
Download the file or use pip:
pip install argz
You can pass any argument by name or by position.
An argument will be treated as named if it starts with a double dash --
, otherwise* as positional.
You can pass a mishmash of positional and named arguments, because argz
will keep track of which arguments are left to parse according to the order in the function's definition.
* except for switches
To pass arguments from a file to your script you can prefix its path with @
. This must be the first argument passed to the script. If there are multiple routes the route name must be included in the file as the first argument.
Currently argz
does not allow a mixture of file input and command line input.
A callable object that accepts the string argument and returns the 'adapted' value, which will passed later to the routed function.
If the adapter is instead a sequence, each will be chained so that the return value of the former is passed to the latter, using the last returned value as input to the routed function.
To abort the parsing process, you may raise any exception. The message
property will be printed to the user.
Used to validate the input before any adapting is done. Can be one of the following types:
__contains__
def func(alphanum, filepath, key, novalidation):
"""
put descriptive docstring here
"""
pass
# ...
f = argz.route(func)
f.alphanum.validator = '[a-zA-Z0-9]{2,}'
f.filepath.validator = os.path.isfile
f.key.validator = {'option1': 1, 'option2': 2}
argz.go()
You can set a minimum and/or maximum value for an argument:
def func(count):
"""
put descriptive docstring here
"""
pass
# ...
f = argz.route(func)
f.count.min = 1 # same for max
argz.go()
These constraints will be checked after validation and adapters have run.
Both values are inclusive. For example, unsigned char
range would be:
min = 0; max = 0xFF
Setting either one will deem an argument optional, however, they have one major difference:
Default is any value that will be passed to the called route without any parsing or validation.
Fallback is a string value that will pass all validations and parsing, as if it was specified via the commandline.
If the argument was not provieded via the commandline, argz
will use either fallback
or default
. The fallback
value takes precedence.
If a default value is specified in the function definition, argz
will use it as the argument's default and infer a default adapter in some cases (see SUPPORTED_INFERRED_ADAPTERS
).
Function arguments that have a default boolean value will be inferred as a switch. This means this argument can also be passed using a single dash without a value following it (e.g. -dbg
). Doing so will 'switch' the default value (False
to True
, and vice versa)
The dbg
argument from the example.py
code above demonstrates this.
Setting the split
member of an argument changes a few things:
min
\ max
value(s) will be checked against the length of the listIf the function accepts them, any additional positional and named arguments will be passed in varargs/kwargs respectively.
Adapter(s) and validator will be called with the entire list/dictionary, and they must return a value of the same type.
Setting arguments properties can be done in two ways:
f = argz.route(func)
f.myvar.min = 1
f = argz.route(func)
f[0].min = 1
Note: argument names are case sensitive
The following graph illustrates the flow for parsing an argument (varargs\kwargs do not support splitting the input):
+------------+ +-----------+ +-----------+
| fallback | | input | | default |
+-----+------+ +-----+-----+ +-----+-----+
| | |
+-------+-------+ |
| |
v |
+----+-----+ |
| split? | |
+---+-+----+ |
| | |
| | Yes |
+----------+ v |
| +--------+--------+ |
No | | min / max len | |
| +--------+--------+ |
+-------+ | |
| | +-----------+ |
V v v | |
+--------+----+---+ | |
| | | |
| validator | | |
| + | | |
| v | | |
| adapter chain | | |
| | | |
+--------+----+---+ | |
| | | |
| | split? | |
| | | |
| +-----------+ |
+--------+---------+ |
| min / max check | (if not split) |
+--------+---------+ |
| |
v |
+-------+--------+ |
| return value | <------------------+
+----------------+
You can 'export' several different routes using argz
.
This means that the user must choose which one they want to run:
# $ cat example_routes.py
from os.path import isfile
def entry1(filepath, dbg=False):
pass
def entry2(count):
pass
# ...
if __name__ == '__main__':
import argz
argz.route(entry1).validator = isfile
argz.route(entry2).count.min = 1
argz.go()
Running:
$ example_routes.py
Available routes:
> 'entry1' filepath [-dbg]
> 'entry2' count
for detailed help, use any of (-h, /h, -?, /?, /help, --help)
you can specify the route name (e.g. -h MY_ROUTE)
$ example_routes.py -h
|> 'entry1' filepath [-dbg]
|
| filepath
| dbg
| default | False
| adapter | <type 'bool'>
|_ _ _ _ _ _
|> 'entry2' count
|
| count
| 1 <= X
|_ _ _ _ _ _
Note: routes are allowed to run without arguments, so long as there is more than one route available.
You can specify custom doc string to print when verbose help is shown by passing doc
argument to route
. To completely suppress it pass an empty string.
If you use a single route that accepts an argument whose name is in HELP_OPTIONS
, you can replace those by specifying a custom_help_options
list when calling go
.
To enable logging:
set ARGZ_LOG=<LOG_LEVEL>
LOG_LEVEL
will be passed to Logger.setLevel
added some unit-tests, run runtests.bat
MIT
_
) in argument namesRoute
object properties
FAQs
Argument parsing for the lazy
We found that argz demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.