
Security News
npm ‘is’ Package Hijacked in Expanding Supply Chain Attack
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
An implementation of lazy strings. Can be used in combination with gettext for the translation of web apps.
It's less beautiful than speaklater (an other implementation of lazy strings), but I wanted lazy strings that work even if a single thread interleaves the processing of many http requests (this happens with async frameworks).
postpone doesn't rely on a global state. And it doesn't use the thread.local()
trick that speaklater uses either.
Example of use:
.. code:: python
>>> from postpone import evalr, LazyString as _
>>> translations = {
"Order {item}.": "Commander {item}.",
"Take a nap": "Faire une sieste",
"Stare at the wall for %s minutes.": "Fixer le mur pendant %s minutes." ,
"a new pillow": "un nouvel oreiller"
}
>>> tasklist = [
_("Order {item}.").format(item = _("a new pillow")),
_("Take a nap") + '!',
_("Stare at the wall for %s minutes.") % 30
]
>>> evalr(tasklist, translations.get)
['Commander un nouvel oreiller.', 'Faire une sieste!', 'Fixer le mur pendant 30 minutes.']
evalr
walks python dictionaries, lists, tuples or sets and apply
a function to all the strings wrapped inside a LazyString
object.
To apply a function to the strings inside a single expression, you can use the eval
method:
.. code:: python
>>> s = _("Take a nap") + '!'
>>> s.eval(str.upper)
'TAKE A NAP!'
>>> s.eval(translations.get)
'Faire une sieste!'
Or, again, the evalr
function
.. code:: python
>>> evalr(_("a new pillow").capitalize(), translations.get)
'Un nouvel oreiller'
For most projects containing more than a few strings or languages, you'll probably want to use the gettext_ module to supply you with a translation function.
.. code:: python
import gettext
translation = gettext.translation("myproject", "./locale", ["fr"])
translated_tasklist = evalr(tasklist, translation.ugettext)
GitHub repo: https://github.com/leforestier/postpone
.. _gettext: https://docs.python.org/3/library/gettext.html
FAQs
A lazy string implementation that doesn't rely on a global or thread local state.
We found that postpone demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
The ongoing npm phishing campaign escalates as attackers hijack the popular 'is' package, embedding malware in multiple versions.
Security News
A critical flaw in the popular npm form-data package could allow HTTP parameter pollution, affecting millions of projects until patched versions are adopted.
Security News
Bun 1.2.19 introduces isolated installs for smoother monorepo workflows, along with performance boosts, new tooling, and key compatibility fixes.