Metadata-Version: 2.2
Name: pikara
Version: 18.0.0.dev0
Summary: Safer Python pickles
Home-page: https://www.github.com/latacora/pikara
Author: Laurens Van Houtven (lvh)
Author-email: lvh@latacora.com
Maintainer: Laurens Van Houtven (lvh)
Maintainer-email: lvh@latacora.com
License: Apache v2
Keywords: pickle,security
Classifier: Development Status :: 3 - Alpha
Classifier: Intended Audience :: Developers
Classifier: Natural Language :: English
Classifier: License :: OSI Approved :: Apache Software License
Classifier: Operating System :: OS Independent
Classifier: Programming Language :: Python
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.4
Classifier: Programming Language :: Python :: 3.5
Classifier: Programming Language :: Python :: 3.6
Classifier: Programming Language :: Python :: 3.7
Classifier: Programming Language :: Python :: Implementation :: CPython
Classifier: Programming Language :: Python :: Implementation :: PyPy
Classifier: Topic :: Security
Classifier: Topic :: Software Development :: Libraries :: Python Modules
License-File: LICENSE
Requires-Dist: six
Requires-Dist: attrs
Provides-Extra: docs
Requires-Dist: sphinx; extra == "docs"
Requires-Dist: zope.interface; extra == "docs"
Provides-Extra: tests
Requires-Dist: coverage; extra == "tests"
Requires-Dist: hypothesis; extra == "tests"
Requires-Dist: pympler; extra == "tests"
Requires-Dist: pytest; extra == "tests"
Requires-Dist: six; extra == "tests"
Requires-Dist: zope.interface; extra == "tests"
Requires-Dist: pudb; extra == "tests"
Requires-Dist: pdbpp; extra == "tests"
Provides-Extra: dev
Requires-Dist: coverage; extra == "dev"
Requires-Dist: hypothesis; extra == "dev"
Requires-Dist: pympler; extra == "dev"
Requires-Dist: pytest; extra == "dev"
Requires-Dist: six; extra == "dev"
Requires-Dist: zope.interface; extra == "dev"
Requires-Dist: pudb; extra == "dev"
Requires-Dist: pdbpp; extra == "dev"
Requires-Dist: sphinx; extra == "dev"
Requires-Dist: zope.interface; extra == "dev"
Dynamic: author
Dynamic: author-email
Dynamic: classifier
Dynamic: description
Dynamic: home-page
Dynamic: keywords
Dynamic: license
Dynamic: maintainer
Dynamic: maintainer-email
Dynamic: provides-extra
Dynamic: requires-dist
Dynamic: summary

pikara
======

Safer pickles.

It's no secret Python's ``pickle`` module is unsafe. It's also enormously
popular. Most applications should really just use something else (like JSON).
Some really are best served by pickles, such as most uses of scientific Python.

This library can't fix the fundamental issues with pickle, but it can make
unpickling objects as safe as it ever is going to be. If you can, you should use
something else. If you can't, you should use this.

How does it work?
-----------------

This library gives you tools to specify a set of constraints around how
a pickle should behave and some general sniff checks for pickles. It
then lets you apply those checks to do entirely static analysis on a
pickle on the one hand, as well as apply some of the constraints to a
real unpickler object so they're also checked when you're actually
unpickling.

**WARNING**: This project can't save you if the model pickles you give
it do something dangerous. For example, if you're saving a machine
learning model that includes a numpy ndarray, and it turns out ndarray
actually has a code execution vulnerability in it on deserialization,
this package will not help you catch that.

Misc
----

"Pikara" is the Maori word for pickle.




`Full changelog <https://www.github.com/latacora/pikaraen/stable/changelog.html>`_.

Laurens Van Houtven (lvh) <lvh@latacora.com>
