Security News
NIST Misses 2024 Deadline to Clear NVD Backlog
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
This SDK is still considered a work in progress, therefore things might (and will) break with every update.
This SDK current supports the following versions of CloudEvents:
Package cloudevents provides primitives to work with CloudEvents specification: https://github.com/cloudevents/spec.
The CloudEvents SDK can be installed with pip:
pip install cloudevents
Below we will provide samples on how to send cloudevents using the popular
requests
library.
from cloudevents.http import CloudEvent
from cloudevents.conversion import to_binary
import requests
# Create a CloudEvent
# - The CloudEvent "id" is generated if omitted. "specversion" defaults to "1.0".
attributes = {
"type": "com.example.sampletype1",
"source": "https://example.com/event-producer",
}
data = {"message": "Hello World!"}
event = CloudEvent(attributes, data)
# Creates the HTTP request representation of the CloudEvent in binary content mode
headers, body = to_binary(event)
# POST
requests.post("<some-url>", data=body, headers=headers)
from cloudevents.conversion import to_structured
from cloudevents.http import CloudEvent
import requests
# Create a CloudEvent
# - The CloudEvent "id" is generated if omitted. "specversion" defaults to "1.0".
attributes = {
"type": "com.example.sampletype2",
"source": "https://example.com/event-producer",
}
data = {"message": "Hello World!"}
event = CloudEvent(attributes, data)
# Creates the HTTP request representation of the CloudEvent in structured content mode
headers, body = to_structured(event)
# POST
requests.post("<some-url>", data=body, headers=headers)
You can find a complete example of turning a CloudEvent into a HTTP request in the samples' directory.
The code below shows how to consume a cloudevent using the popular python web framework flask:
from flask import Flask, request
from cloudevents.http import from_http
app = Flask(__name__)
# create an endpoint at http://localhost:/3000/
@app.route("/", methods=["POST"])
def home():
# create a CloudEvent
event = from_http(request.headers, request.get_data())
# you can access cloudevent fields as seen below
print(
f"Found {event['id']} from {event['source']} with type "
f"{event['type']} and specversion {event['specversion']}"
)
return "", 204
if __name__ == "__main__":
app.run(port=3000)
You can find a complete example of turning a CloudEvent into a HTTP request in the samples' directory.
The goal of this package is to provide support for all released versions of CloudEvents, ideally while maintaining the same API. It will use semantic versioning with following rules:
@denysmakogon
on slack).Each SDK may have its own unique processes, tooling and guidelines, common
governance related material can be found in the
CloudEvents docs
directory. In particular, in there you will find information concerning
how SDK projects are
managed,
guidelines
for how PR reviews and approval, and our
Code of Conduct
information.
If there is a security concern with one of the CloudEvents specifications, or with one of the project's SDKs, please send an email to cncf-cloudevents-security@lists.cncf.io.
We use black and isort for autoformatting. We set up a tox environment to reformat the codebase.
e.g.
pip install tox
tox -e reformat
For information on releasing version bumps see RELEASING.md
FAQs
CloudEvents Python SDK
We found that cloudevents demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
NIST has failed to meet its self-imposed deadline of clearing the NVD's backlog by the end of the fiscal year. Meanwhile, CVE's awaiting analysis have increased by 33% since June.
Security News
Cloudflare has launched a setup wizard allowing users to easily create and manage a security.txt file for vulnerability disclosure on their websites.
Security News
The Socket Research team breaks down a malicious npm package targeting the legitimate DOMPurify library. It uses obfuscated code to hide that it is exfiltrating browser and crypto wallet data.