Research
Security News
Quasar RAT Disguised as an npm Package for Detecting Vulnerabilities in Ethereum Smart Contracts
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
home | https://github.com/ipython/traitlets |
pypi-repo | https://pypi.org/project/traitlets/ |
docs | https://traitlets.readthedocs.io/ |
license | Modified BSD License |
Traitlets is a pure Python library enabling:
Its implementation relies on the descriptor pattern, and it is a lightweight pure-python alternative of the traits library.
Traitlets powers the configuration system of IPython and Jupyter and the declarative API of IPython interactive widgets.
For a local installation, make sure you have pip installed and run:
pip install traitlets
For a development installation, clone this repository, change into the
traitlets
root directory, and run pip:
git clone https://github.com/ipython/traitlets.git
cd traitlets
pip install -e .
pip install "traitlets[test]"
py.test traitlets
traitlets
has adopted automatic code formatting so you shouldn't
need to worry too much about your code style.
As long as your code is valid,
the pre-commit hook should take care of how it should look.
To install pre-commit
locally, run the following::
pip install pre-commit
pre-commit install
You can invoke the pre-commit hook by hand at any time with::
pre-commit run
which should run any autoformatting on your code and tell you about any errors it couldn't fix automatically. You may also install black integration into your text editor to format code automatically.
If you have already committed files before setting up the pre-commit
hook with pre-commit install
, you can fix everything up using
pre-commit run --all-files
. You need to make the fixing commit
yourself after that.
Some of the hooks only run on CI by default, but you can invoke them by
running with the --hook-stage manual
argument.
Any class with trait attributes must inherit from HasTraits
.
For the list of available trait types and their properties, see the
Trait Types
section of the documentation.
To calculate a default value dynamically, decorate a method of your class with
@default({traitname})
. This method will be called on the instance, and
should return the default value. In this example, the _username_default
method is decorated with @default('username')
:
import getpass
from traitlets import HasTraits, Unicode, default
class Identity(HasTraits):
username = Unicode()
@default('username')
def _username_default(self):
return getpass.getuser()
When a trait changes, an application can follow this trait change with additional actions.
To do something when a trait attribute is changed, decorate a method with
traitlets.observe()
.
The method will be called with a single argument, a dictionary which contains
an owner, new value, old value, name of the changed trait, and the event type.
In this example, the _num_changed
method is decorated with @observe(`num`)
:
from traitlets import HasTraits, Integer, observe
class TraitletsExample(HasTraits):
num = Integer(5, help="a number").tag(config=True)
@observe('num')
def _num_changed(self, change):
print("{name} changed from {old} to {new}".format(**change))
and is passed the following dictionary when called:
{
'owner': object, # The HasTraits instance
'new': 6, # The new value
'old': 5, # The old value
'name': "foo", # The name of the changed trait
'type': 'change', # The event type of the notification, usually 'change'
}
Each trait type (Int
, Unicode
, Dict
etc.) may have its own validation or
coercion logic. In addition, we can register custom cross-validators
that may depend on the state of other attributes. For example:
from traitlets import HasTraits, TraitError, Int, Bool, validate
class Parity(HasTraits):
value = Int()
parity = Int()
@validate('value')
def _valid_value(self, proposal):
if proposal['value'] % 2 != self.parity:
raise TraitError('value and parity should be consistent')
return proposal['value']
@validate('parity')
def _valid_parity(self, proposal):
parity = proposal['value']
if parity not in [0, 1]:
raise TraitError('parity should be 0 or 1')
if self.value % 2 != parity:
raise TraitError('value and parity should be consistent')
return proposal['value']
parity_check = Parity(value=2)
# Changing required parity and value together while holding cross validation
with parity_check.hold_trait_notifications():
parity_check.value = 1
parity_check.parity = 1
However, we recommend that custom cross-validators don't modify the state of the HasTraits instance.
The IPython Development Team is the set of all contributors to the IPython project. This includes all of the IPython subprojects.
The core team that coordinates development on GitHub can be found here: https://github.com/jupyter/.
IPython uses a shared copyright model. Each contributor maintains copyright over their contributions to IPython. But, it is important to note that these contributions are typically only changes to the repositories. Thus, the IPython source code, in its entirety is not the copyright of any single person or institution. Instead, it is the collective copyright of the entire IPython Development Team. If individual contributors want to maintain a record of what changes/contributions they have specific copyright on, they should indicate their copyright in the commit message of the change, when they commit the change to one of the IPython repositories.
With this in mind, the following banner should be used in any source code file to indicate the copyright and license terms:
# Copyright (c) IPython Development Team.
# Distributed under the terms of the Modified BSD License.
FAQs
Traitlets Python configuration system
We found that traitlets demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 12 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers uncover a malicious npm package posing as a tool for detecting vulnerabilities in Etherium smart contracts.
Security News
Research
A supply chain attack on Rspack's npm packages injected cryptomining malware, potentially impacting thousands of developers.
Research
Security News
Socket researchers discovered a malware campaign on npm delivering the Skuld infostealer via typosquatted packages, exposing sensitive data.