Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
`interface_meta` provides a convenient way to expose an extensible API with enforced method signatures and consistent documentation.
interface_meta
provides a convenient way to expose an extensible API with
enforced method signatures and consistent documentation.
This library has been extracted (with some modifications) from
omniduct
, a library also principally
written by this author, where it was central to the extensible plugin
architecture. It places an emphasis on the functionality required to create a
well-documented extensible plugin system, whereby the act of subclassing is
sufficient to register the plugin and ensure compliance to the parent API. As
such, this library boasts the following features:
override
decorator when replacing methods on an interface, making
it clearer as to when a class is introducing new methods versus replacing
those that form the part of the interface API.from abc import abstractmethod, abstractproperty
from interface_meta import InterfaceMeta, override, quirk_docs
class MyInterface(metaclass=InterfaceMeta):
"""
An example interface.
"""
INTERFACE_EXPLICIT_OVERRIDES = True
INTERFACE_RAISE_ON_VIOLATION = False
INTERFACE_SKIPPED_NAMES = {'__init__'}
def __init__(self):
"""
MyInterface constructor.
"""
pass
@abstractproperty
def name(self):
"""
The name of this interface.
"""
pass
@quirk_docs(method='_do_stuff')
def do_stuff(self, a, b, c=1):
"""
Do things with the parameters.
"""
return self._do_stuff(a, b, c)
@abstractmethod
def _do_stuff(self, a, b, c):
pass
class MyImplementation(MyInterface):
"""
This implementation of the example interface works nicely.
"""
@quirk_docs(method='_init', mro=False)
def __init__(self, a):
"""
MyImplementation constructor.
"""
self._init(a)
def _init(self, a):
"""
In this instance, we do nothing with a.
"""
pass
@property
@override
def name(self):
return "Peter"
@override
def _do_stuff(self, a, b, c):
"""
In this implementation, we sum the parameters.
"""
return a + b + c
Running help(MyImplementation)
reveals how the documentation is generated:
class MyImplementation(MyInterface)
| This implementation of the example interface works nicely.
|
| Method resolution order:
| MyImplementation
| MyInterface
| builtins.object
|
| Methods defined here:
|
| __init__(self, a)
| MyImplementation constructor.
|
| In this instance, we do nothing with a.
|
| do_stuff(self, a, b, c=1)
| Do things with the parameters.
|
| MyImplementation Quirks:
| In this implementation, we sum the parameters.
...
This library is released into an already crowded space, and the author would like to recognise some of the already wonderful work done by others. The primary difference between this and other libraries is typically these other libraries focus more on abstracting interface definitions and compliance, and less on the documentation and plugin registration work. While this work overlaps with these projects, its approach is sufficiently different (in the author's opinion) to warrant a separate library.
python-interface
has an emphasis on ensuring that implementations of various
interfaces strictly adhere to the methods and properties associated with
the interface, and that helpful errors are raised when this is violated.
By comparison this library focusses on functional comformance to parent classes, whereby methods on subclasses are allowed to include additional parameters. It also focusses on ensuring that documentation for such quirks in method signatures are correctly composed into the final documentation rendered for that method.
FAQs
`interface_meta` provides a convenient way to expose an extensible API with enforced method signatures and consistent documentation.
We found that interface-meta demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.