Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
python-editor
is a library that provides the editor
module for programmatically
interfacing with your system's $EDITOR.
import editor
commit_msg = editor.edit(contents=b"# Enter commit message here")
Opens an editor, prefilled with the contents, # Enter commit message here
.
When the editor is closed, returns the contents (bytes) in variable commit_msg
.
Note that the argument to contents
needs to be a bytes object on Python 3.
editor.edit(file="README.txt")
Opens README.txt in an editor. Changes are saved in place. If there is
a contents
argument then the file contents will be overwritten.
editor.edit(..., use_tty=True)
Opens the editor in a TTY. This is usually done in programs which output is piped to other programs. In this case the TTY is used as the editor's stdout, allowing interactive usage.
editor
first looks for the ${EDITOR} environment variable. If set, it uses
the value as-is, without fallbacks.
If no $EDITOR is set, editor will search through a list of known editors, and use the first one that exists on the system.
For example, on Linux, editor
will look for the following editors in order:
When calling editor.edit
, an editor will be opened in a subprocess, inheriting
the parent process's stdin, stdout.
FAQs
Programmatically open an editor, capture the result.
We found that python-editor demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.