Security News
The Push to Ban Ransom Payments Is Gaining Momentum
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Readme
protovalidate-python
is the Python implementation of protovalidate
,
designed to validate Protobuf messages at runtime based on user-defined validation constraints. Powered by Google's
Common Expression Language (CEL), it provides a flexible and efficient foundation
for defining and evaluating custom validation rules. The primary goal of protovalidate
is to help developers ensure
data consistency and integrity across the network without requiring generated code.
protovalidate
projectHead over to the core protovalidate
repository for:
protovalidate
effectivelyprotoc-gen-validate
protovalidate
implementationsOther protovalidate
runtime implementations include:
protovalidate-go
protovalidate-cc
protovalidate-java
And others coming soon:
protovalidate-ts
To install the package, use pip:
pip install protovalidate
Make sure you have the latest version of protovalidate-python
by checking the
project's PyPI page.
Validation constraints are defined directly within .proto
files. Documentation for adding constraints can be found in
the protovalidate
project README and
its comprehensive docs.
syntax = "proto3";
package my.package;
import "google/protobuf/timestamp.proto";
import "buf/validate/validate.proto";
message Transaction {
uint64 id = 1 [(buf.validate.field).uint64.gt = 999];
google.protobuf.Timestamp purchase_date = 2;
google.protobuf.Timestamp delivery_date = 3;
string price = 4 [(buf.validate.field).cel = {
id: "transaction.price",
message: "price must be positive and include a valid currency symbol ($ or £)",
expression: "(this.startswith('$') or this.startswith('£')) and float(this[1:]) > 0"
}];
option (buf.validate.message).cel = {
id: "transaction.delivery_date",
message: "delivery date must be after purchase date",
expression: "this.delivery_date > this.purchase_date"
};
}
buf
When using the runtime library after installing it with pip
, it's necessary to generate the Python code for the core buf.protovalidate
Protobuf package. buf
provides an efficient method for this:
Initialize a New Configuration File:
buf mod init
This initializes the buf.yaml
configuration file at the root of the Protobuf source files.
Module Configuration and Dependencies:
# buf.yaml
version: v1
deps:
- buf.build/bufbuild/protovalidate
Ensure your dependencies are up-to-date with:
buf mod update
Setup Code Generation:
# buf.gen.yaml
version: v1
plugins:
- plugin: buf.build/protocolbuffers/python:v23.4
out: gen
Generate Code: To generate the required Python code:
buf generate --include-imports
If your goal is to generate code specifically for the buf.protovalidate
Protobuf package, run:
buf generate buf.build/bufbuild/protovalidate
Note: For users familiar with
protoc
, while it's an alternative tobuf
, it is recommended to use tooling or frameworks like Bazel for direct code generation, as it provides an encapsulated environment for such tasks.
import protovalidate
from google.protobuf.timestamp_pb2 import Timestamp
from my.package import Transaction
transaction = Transaction()
transaction.id = 1234
transaction.price = "$5.67"
transaction.purchase_date.CopyFrom(Timestamp())
transaction.delivery_date.CopyFrom(Timestamp())
try:
protovalidate.validate(transaction)
except protovalidate.ValidationError as e:
# Report the violations
protovalidate
core repositoryOffered under the Apache 2 license.
FAQs
Protocol Buffer Validation for Python
We found that protovalidate demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Ransomware costs victims an estimated $30 billion per year and has gotten so out of control that global support for banning payments is gaining momentum.
Application Security
New SEC disclosure rules aim to enforce timely cyber incident reporting, but fear of job loss and inadequate resources lead to significant underreporting.
Security News
The Python Software Foundation has secured a 5-year sponsorship from Fastly that supports PSF's activities and events, most notably the security and reliability of the Python Package Index (PyPI).