Socket
Socket
Sign inDemoInstall

zodbbrowser

Package Overview
Dependencies
Maintainers
2
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

zodbbrowser

ZODB browser

Maintainers
2

ZODB Browser

|buildstatus|_ |appveyor|_ |coverage|_

The ZODB browser allows you to inspect persistent objects stored in the ZODB, view their attributes and historical changes made to them.

.. warning::

ZODB is based on Python pickles, which are not secure -- they allow arbitrary command execution. Do not use zodbbrowser on databases from untrusted sources.

.. contents::

Usage as a standalone project

Install all the dependencies into the source tree with zc.buildout::

python bootstrap.py bin/buildout

Run bin/zodbbrowser specifying either a filename or a ZEO address ::

bin/zodbbrowser /path/to/Data.fs bin/zodbbrowser --zeo localhost:9080 bin/zodbbrowser --zeo /path/to/zeosock

If you don't have a spare Data.fs to test with, you can create a new empty one with just the barest Zope 3 scaffolding in it::

bin/zodbbrowser empty.fs --rw

Open http://localhost:8070 in a web browser. Note that there are no access controls; all other users on the local machine will be able to access the database contents.

Or you could try to use easy_install or pip. It may work or it may not, depending on the current state of all the dependencies (buildout.cfg hardcodes dependency version to a known-working-together state, called the "Zope 3.4 Known Good Set", so buildout-based installs are safer) ::

easy_install zodbbrowser zodbbrowser /path/to/Data.fs

Command-line options

Run bin/zodbbrowser --help to see a full and up-to-date list of command-line options::

Usage: zodbbrowser [options] [FILENAME | --zeo ADDRESS]

Open a ZODB database and start a web-based browser app.

Options: -h, --help show this help message and exit --zeo=ADDRESS connect to ZEO server instead --listen=ADDRESS specify port (or host:port) to listen on --rw open the database read-write (allows creation of the standard Zope local utilities if missing)

Help! Broken objects everywhere

If you don't want to see <persistent broken ...> everywhere, make sure your application objects are importable from the Python path. The easiest way of doing that is adding zodbbrowser to your application's buildout (or virtualenv, if you use virtualenvs). This way your application (or Zope's) nice repr will also be used.

Online help

There's a little 'help' link in the bottom-right corner of every page that describes the user interface in greater detail.

Usage as a plugin

Add zodbbrowser to the list of eggs (e.g. in buildout.cfg of your app) and add this to your site.zcml::

Rerun bin/buildout, restart Zope and append @@zodbbrowser to the end of the URL to start browsing, e.g. http://localhost:8080/@@zodbbrowser. Or, if you still use ZMI (the Zope Management Interface), look for a new menu item titled "ZODB Browser".

Alternatives

There's a package called z3c.zodbbrowser in the Zope svn repository that implements the same idea (but without history browsing) as a GUI desktop application written using wxPython. It doesn't have a website and was never released to the Python Package Index.

There's also dm.historical__ which provides access to object history from an interactive Python shell.

__ https://pypi.python.org/pypi/dm.historical

If you're not interested in history or objects that cannot be reached through URL traversal, you can use the built-in object inspector that comes with Zope 3 / Grok.

Authors

ZODB Browser was developed by Tautvilas Mečinskas (tautvilas@pov.lt) and Marius Gedminas (marius@pov.lt) from Programmers of Vilnius <https://pov.lt/>. It is licenced under the Zope Public Licence <https://opensource.org/licenses/ZPL-2.0>.

Please report bugs at https://github.com/mgedmin/zodbbrowser/issues.

There's an old bugtracker at https://bugs.launchpad.net/zodbbrowser but I'd really rather prefer new bugs in GitHub.

.. |buildstatus| image:: https://api.travis-ci.com/mgedmin/zodbbrowser.svg?branch=master .. _buildstatus: https://travis-ci.com/mgedmin/zodbbrowser

.. |appveyor| image:: https://ci.appveyor.com/api/projects/status/github/mgedmin/zodbbrowser?branch=master&svg=true .. _appveyor: https://ci.appveyor.com/project/mgedmin/zodbbrowser

.. |coverage| image:: https://coveralls.io/repos/mgedmin/zodbbrowser/badge.svg?branch=master .. _coverage: https://coveralls.io/r/mgedmin/zodbbrowser

Changes

0.17.1 (2020-11-25)


- Fix interpreter crash (BTree_rangeSearch: Assertion 'highbucket != NULL'
  failed) in historical state computation for large OOBTrees (`GH #33 <https://github.com/mgedmin/zodbbrowser/issues/33>`__).


0.17 (2020-11-24)
~~~~~~~~~~~~~~~~~

- Fix @@zodbbrowser_history when using ZEO (AttributeError:
  'TransactionIterator' object has no attribute 'close', `GH #31 <https://github.com/mgedmin/zodbbrowser/issues/31>`__).

- Fix OOBTree history browsing that regressed in 0.11.0: it was showing only a
  subset of changes (those that touched the OOBTree itself) and wasn't showing
  others (those that touched deeper OOBTreeBuckets).

- Fix TypeError for SampleContainer subclasses that use a non-persistent
  ``__data`` attribute (GH: #18) 

- Make @@zodbbrowser_history give up rendering all the details if it takes
  too long (more than 10 seconds); you can force fast mode by adding ``fast``
  to the query parameters, and you can force full mode by adding ``full`` to
  the query parameters.

- Make it possible to turn off the (slow) history part of @@zodbbrowser
  by adding ``nohist`` to the query parameters.


0.16.2 (2020-11-24)

  • Incomplete fix for @@zodbbrowser_history when using ZEO, broken since 0.12 (AttributeError: 'TransactionIterator' object has no attribute 'close', GH #31 <https://github.com/mgedmin/zodbbrowser/issues/31>__).

  • Add support for Python 3.8 and 3.9.

  • Drop support for Python 3.5.

0.16.1 (2019-07-30)


- Fix system error when an object refers to another object that was
  added in a newer transaction (`GH #29 <https://github.com/mgedmin/zodbbrowser/issues/29>`__).


0.16.0 (2019-07-24)
  • You can now view disassembled raw pickle data.

0.15.2 (2019-07-11)


- Stop depending on the obsolete ZODB3 metapackage from 2012.  Instead
  depend directly on persistent, BTrees, ZODB, and ZEO.


0.15.1 (2019-04-23)
  • Dropped Python 3.4 support.

0.15.0 (2019-04-02)


- Add support for Python 3.7.

- Add support for PyPy and PyPy3.

- Support zope.security proxies in PURE_PYTHON mode.

- Use our custom __repr__ instead of the new persistent one.

- Transaction IDs in generated URLs are now in hex.

- 100% test coverage.


0.14.0 (2017-11-15)

  • Add support for Python 3.4, 3.5, 3.6.

  • Drop support for ZODB 3.8.

0.13.1 (2017-10-06)


- Fixed @@zodbbrowser_history with recent versions of ZODB (AttributeError:
  MVCCAdapterInstance doesn't have attribute ``iterator``).


0.13.0 (2016-11-24)

  • Dropped Python 2.6 support (because ZODB---more specifically BTrees---dropped it).

  • Fixed rollback to work with transaction >= 2.0 (transaction notes must be Unicode now).

0.12.0 (2015-02-25)


- Show request URLs in history record headers (`GH #7 <https://github.com/mgedmin/zodbbrowser/issues/7>`__).
- Automate ZCML loading for Plone (`GH #9 <https://github.com/mgedmin/zodbbrowser/issues/9>`__).
- Fix standalone zodbbrowser when used with Zope 2 packages (`GH #10 <https://github.com/mgedmin/zodbbrowser/issues/10>`__).


0.11.2 (2015-01-09)
  • Fix AttributeError: repr when encountering instances of old-style classes (GH #6 <https://github.com/mgedmin/zodbbrowser/issues/6>__).

0.11.1 (2014-12-12)


- Updated bootstrap.py (`GH #3 <https://github.com/mgedmin/zodbbrowser/issues/3>`__).
- Fixed @@zodbbrowser_history not seeing new transactions because the
  cache is forever (`GH #4 <https://github.com/mgedmin/zodbbrowser/issues/4>`__).


0.11.0 (2013-05-29)
  • Dropped Python 2.4 and 2.5 support.
  • Migrated source from Launchpad to Github.
  • Custom representation of OOBucket objects.
  • Slightly better error pages when you specify an invalid/nonexistent OID.
  • Handle OrderedContainers with non-persistent _order or _data attributes (I've seen the first in the wild).
  • Partial fix for LP#1185175 <https://pad.lv/1185175>__: cannot browse objects of classes that use zope.interface.implementsOnly.

0.10.4 (2012-12-19)


- The previous release was completely broken (`LP#1091716 <https://pad.lv/1091716>`__).  Fix the issue,
  and fix tox.ini to actually run functional tests in addition to unit tests.


0.10.3 (2012-12-06)
  • Custom representation of persistent objects with no repr to avoid showing misleading memory addresses (LP#1087138 <https://pad.lv/1087138>__).

0.10.2 (2012-11-28)


- Bugfix for POSKeyErrors when viewing BTrees of non-trivial sizes
  (`LP#953480 <https://pad.lv/953480>`__).  This fixes a regression introduced in version 0.10.0.


0.10.1 (2012-11-27)

  • Standalone app mode uses the Zope exception formatter for easier debugging.

  • Bugfix for weird LocationError: 'class' for some containers with custom traversal rules.

  • Links to persistent objects in value representations now also use hex OIDs.

0.10.0 (2012-02-29)


- Browsing of transaction records (@@zodb_history).  Initial implementation so
  far, unbelievably slow when you have large databases (`LP#907900 <https://pad.lv/907900>`__).

- ZODB Browser now avoids writing to the database even in read-write mode.
  Previously when your objects had write-on-read semantics, those writes might
  have snuck in.

- More descriptive page titles (`LP#931115 <https://pad.lv/931115>`__).

- Show object size in the header (`LP#497780 <https://pad.lv/497780>`__).

- Expand truncated values by clicking on them (`LP#931184 <https://pad.lv/931184>`__).

- More user-friendly representation of multiline text values.

- Update maintainer email in setup.py.

- Better error message for "address already in use" errors.


0.9.0 (2011-10-21)
~~~~~~~~~~~~~~~~~~

- Make it possible to use zodbbrowser as a plugin for Zope 2.12.  Previously
  you could only use the standalone zodbbrowser app with Zope 2.12 databases.

- Be more robust against exceptions happening in repr(): show the value as
  "<unrepresentable Foo>" instead of erroring out.

- Make 'python -m zodbbrowser' run the standalone app on Python 2.5 and 2.7.
  Note that 'python -m zodbbrowser.standalone' already worked on Python 2.4
  through 2.7.

- Add an option to specify ZEO storage name (--storage NAME). Contributed by
  Thierry Florac.


0.8.1 (2010-12-18)
~~~~~~~~~~~~~~~~~~

- Show tuple differences more clearly in the history.  (Uses a really dumb
  diff algorithm that just looks for a common prefix/suffix.  Works really
  well when you append to the end, or remove just a single item.  I cannot
  use difflib.SequenceMapper because there's no guarantee tuple items are
  hashable.)

- Make it possible to locate an object by OID: press g, then type the oid
  (hex and both decimal supported; even octal, should you wish to use it).
  You can also find subobjects starting from a given OID by entering paths
  like '0x1234/sub/object'.

- Catch and display unpickling errors of the current state, not just
  historical older states.

- Handle missing interfaces that are directly provided by persistent objects.

  This works for the standalone zodbbrowser application; the zope.interface
  monkey-patch for this is too intrusive to install when using zodbbrowser
  as a plugin.

- Made ``pip install zodbbrowser`` work properly by adding explicit
  dependencies that easy_install would've picked up from setuptools extras.

  Note: if you get ``AttributeError: __file__``, make sure
  zope.app.applicationcontrol is at least version 3.5.9.  Older versions will
  not work with pip.


0.8.0 (2010-11-16)
~~~~~~~~~~~~~~~~~~

- Support all kinds of ZODB databases, not just those used by Zope 3/BlueBream
  apps (`LP#494987 <https://pad.lv/494987>`__).

- Renders tuples and lists that contain large dicts better.

- Remove dependency on zope.dublincore/zope.app.dublincore (`LP#622180 <https://pad.lv/622180>`__).


0.7.2 (2010-08-13)
~~~~~~~~~~~~~~~~~~

- Fixed TypeError: int() can't convert non-string with explicit base
  that could occur if no persistent objects were accessible from the request,
  and no explicit oid was passed.

- Handle proxies better: when type(obj) != obj.__class__, show both.

- Handle ContainedProxy objects with their special persistence scheme.


0.7.1 (2010-03-30)
~~~~~~~~~~~~~~~~~~

- IMPORTANT BUGFIX: don't leave old object states lying around in ZODB object
  cache, which could lead to DATA LOSS (`LP#487243 <https://pad.lv/487243>`__ strikes again, this time
  for OrderedContainers).

  I've audited the code and am fairly confident this bug is now dead dead
  dead.

- Try to discard data modifications when the DB is opened read-only.

- Avoid deprecated zope.testing.doctest.

- Avoid zope.app.securitypolicy; use zope.securitypolicy.


0.7 (2009-12-10)
~~~~~~~~~~~~~~~~

- Stopped using setuptools extras; now easy_install zodbbrowser is sufficient
  to run the standalone app.


0.6.1 (2009-12-09)
~~~~~~~~~~~~~~~~~~

- Compatibility with latest Zope packages, including ZODB 3.9.x.


0.6 (2009-12-07)
~~~~~~~~~~~~~~~~

- Ability to revert object state to an older version.  Requires a read-write
  database connection (i.e. run bin/zodbbrowser --rw).  The button is hidden
  and appears when you're hovering over a transaction entry in the list.
- Collapse long item lists by default.


0.5.1 (2009-11-23)
~~~~~~~~~~~~~~~~~~

- IMPORTANT BUGFIX: don't leave old object states lying around in ZODB object
  cache, which could lead to DATA LOSS (`LP#487243 <https://pad.lv/487243>`__).  This affected OOBTree
  objects.


0.5 (2009-11-23)
~~~~~~~~~~~~~~~~

- Be a bit more tolerant to unpickling errors (show which revision could not
  be loaded instead of breaking the whole page).
- Show full history of OOBTree objects and subobjects (`LP#474334 <https://pad.lv/474334>`__).
- Change background color of links on hover, to make it clear what
  object you'll see when you click, especially when the __repr__ shown
  contains reprs of subobjects.
- Show size of containers next to the "Items" heading (`LP#486910 <https://pad.lv/486910>`__).
- Show size of containers next to their representation, e.g.
  "<persistent.dict.PersistentDict object at 0xad0b3ec> (0 items)".
- Pay attention when __name__ is declared as a class attribute (`LP#484899 <https://pad.lv/484899>`__).
- Show names of directly provided interfaces on objects (i.e. show a better
  representation of pickled zope.interface.Provides objects).
- Pretty-printing of dictionaries (including nested ones).


0.4 (2009-10-11)
~~~~~~~~~~~~~~~~

- @@zodbbrowser oid and tid parameters now accept values in hex format (0x0123)
  Patch by Adam Groszer.


0.3.1 (2009-07-17)
~~~~~~~~~~~~~~~~~~

- Fixed install error on Windows (path cannot end in /).


0.3 (2009-07-17)
~~~~~~~~~~~~~~~~

- First public release

Keywords

FAQs

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Developers Burned by Elasticsearch’s License Change Aren’t Going Back, Despite Its Return to Open Source

Security News

Developers Burned by Elasticsearch’s License Change Aren’t Going Back, Despite Its Return to Open Source

Elastic’s return to open source with the AGPL license has been met with skepticism, as many developers see it as a strategic move rather than a genuine effort to restore user trust and freedoms.

By Sarah Gooding  -  Sep 06, 2024
Introducing Dashboard Analytics

Product

Introducing Dashboard Analytics

We're introducing a new Analytics feature in the Socket dashboard so you can view changes in your organization's and repositories' alerts over time.

By Charlie Gerard  -  Sep 05, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc