
Security News
GitHub Actions Supply Chain Attack Puts Thousands of Projects at Risk
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Pypendency is a dependency injection library for python >=3.7.
pip install pypendency
Pypendency supports:
# application_bootstrap.py
from pypendency.builder import container_builder
from pypendency.definition import Definition
from pypendency.loaders.yaml_loader import YamlLoader
from pypendency.loaders.py_loader import PyLoader
# Manually
container_builder.set('random_object', object())
container_builder.set_definition(
Definition('another_random_object', 'builtins.object')
)
# File by file
YamlLoader(container_builder).load('/absolute/path/to/yaml/example.yaml')
PyLoader(container_builder).load('/absolute/path/to/python_file/example.py')
PyLoader(container_builder).load_by_module_name('python_file.example')
# Specifying a directory
YamlLoader(container_builder).load_dir('/absolute/path/to/yaml/')
PyLoader(container_builder).load_dir('/absolute/path/to/python_file/')
# path_to_yaml/example_di.yaml
example_class_identifier:
fqn: example.class.namespace.ClassName
args:
- '@another_example_class_identifier'
kwargs:
example_kwarg: '@random_object'
# python/file/namespace/example_di.py
from pypendency.argument import Argument
from pypendency.builder import ContainerBuilder
from pypendency.definition import Definition
def load(container_builder: ContainerBuilder):
container_builder.set("literal_string", "example_literal_string")
container_builder.set_definition(
Definition(
"another_example_class_identifier",
"another.example.class.namespace.AnotherClassName",
[
Argument.no_kw_argument("@literal_string"),
Argument("kw_arg_example", "@literal_string"),
]
)
)
Build the docker image:
docker build . -t pypendency-dev
Run tests:
docker run -v $(pwd)/.:/usr/src/app pypendency-dev bash -c "pipenv run make run-tests"
FAQs
A dependency injection tool for python
We found that pypendency demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A compromised GitHub Action exposed secrets in CI/CD logs, putting thousands of projects at risk and forcing developers to urgently secure their workflows.
Research
Security News
A malicious Maven package typosquatting a popular library is secretly stealing OAuth credentials on the 15th of each month, putting Java developers at risk.
Security News
Socket and Seal Security collaborate to fix a critical npm overrides bug, resolving a three-year security issue in the JavaScript ecosystem's most popular package manager.