Security News
Introducing the Socket Python SDK
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
django-pglock
performs advisory locks, table locks, and helps manage blocking locks.
Here's some of the functionality at a glance:
pglock.advisory
for application-level locking, for example, ensuring that tasks don't overlap.pglock.model
for locking an entire model.pglock.timeout
for dynamically setting the timeout to acquire a lock.pglock.prioritize
to kill blocking locks for critical code, such as migrations.PGLock
and BlockedPGLock
models for querying active and blocked locks.pglock
management command that wraps the models and provides other utilities.Use pglock.advisory
to acquire a Postgres advisory lock:
import pglock
with pglock.advisory("my_lock_id"):
# This code blocks until the "my_lock_id" lock is available
Above our code will block until the lock is available, meaning no instances of the function will run simultaneously. Use the timeout
argument to configure how long to wait for the lock. A timeout of zero will return immediately:
with pglock.advisory("my_lock_id", timeout=0) as acquired:
if acquired:
# The lock is acquired
Use side_effect=pglock.Raise
to raise a django.db.utils.OperationalError
if the lock can't be acquired. When using the decorator, you can also use side_effect=pglock.Skip
to skip the function if the lock can't be acquired:
@pglock.advisory(timeout=0, side_effect=pglock.Skip)
def non_overlapping_func():
# This function will not run if there's another one already running.
# The decorator lock ID defaults to <module_name>.<function_name>
pglock.model
can take a lock on an entire model during a transaction. For example:
from django.db import transaction
import pglock
with transaction.atomic():
pglock.model("auth.User")
# Any operations on auth.User will be exclusive here. Even read access
# for other transactions is blocked
pglock.model
uses Postgres's LOCK statement, and it accepts the lock mode as a argument. See the Postgres docs for more information.
Note pglock.model
is similar to pglock.advisory
. Use the timeout
argument to avoid waiting for locks, and supply the appropriate side_effect
to adjust runtime behavior.
pglock.prioritize
will terminate any locks blocking the wrapped code:
import pglock
@pglock.prioritize()
def my_func():
# Any other statements that have conflicting locks will be killed on a
# periodic interval.
MyModel.objects.update(val="value")
pglock.prioritize
is useful for prioritizing code, such as migrations, to avoid situations where locks are held for too long.
Use pglock.timeout
to dynamically set Postgres's lock_timeout runtime setting:
import pglock
@pglock.timeout(1)
def do_stuff():
# This function will throw an exception if any code takes longer than
# one second to acquire a lock
Use pglock.models.PGLock
to query active locks. It wraps Postgres's pg_locks view. Use pglock.models.BlockedPGLock
to query locks and join the activity that's blocking them.
Use python manage.py pglock
to view and kill locks from the command line. It has several options for dynamic filters and re-usable configuration.
django-pglock
is compatible with Python 3.8 - 3.12, Django 4.2 - 5.1, Psycopg 2 - 3, and Postgres 13 - 16.
View the django-pglock docs here to learn more about:
Install django-pglock
with:
pip3 install django-pglock
After this, add both pgactivity
and pglock
to the INSTALLED_APPS
setting of your Django project.
For information on setting up django-pglock for development and contributing changes, view CONTRIBUTING.md.
FAQs
Postgres locking routines and lock table access.
We found that django-pglock demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The initial version of the Socket Python SDK is now on PyPI, enabling developers to more easily interact with the Socket REST API in Python projects.
Security News
Floating dependency ranges in npm can introduce instability and security risks into your project by allowing unverified or incompatible versions to be installed automatically, leading to unpredictable behavior and potential conflicts.
Security News
A new Rust RFC proposes "Trusted Publishing" for Crates.io, introducing short-lived access tokens via OIDC to improve security and reduce risks associated with long-lived API tokens.