Validation optional #153
Validation optional #153
Conversation
…of adding validation on/off to GlyphSet
Update tests. Fix errors. Add documenation.
Make validation optional
…. Those should always fail.
…itten. That's expensive.
Get encoding right for py2 and py3
Syncing with master
|
can you remind me again why in the end we decided to have lxml as hard dependency as opposed to use the ElementTree API (supported by both lxml and built-in ElementTree library) and try to use lxml when it's available else fall back to the built-in ElementTree library if not? I have mixed feelings because, on the one had, I'm happy when we add good third-party dependencies (usually better than our artisanal "reinvented" wheel); on the other hand, this shouldn't be done too lightly, especially when this is compiled extension, and one which, unlike the others (compreffor, pyclipper, etc.) we don't control directly. |
|
@anthrotype We could do that, not opposed. We wanted to make lxml the thing for speed, but understand wanting a graceful fallback. |
|
but maybe you or @typesupply decided to require lxml because you're depending on some lxml-specific features that are not available with the built-in elementtree library? |
|
or if it is, then fine, we can add lxml as required dependency. the problem is, we need to decide now, otherwise everybody who does pip install fontmake or fontParts or anything will get ImportError |
|
It's been a really long time since I wrote this... but, I didn't think I was relying on any LXML specific features. Falling back to ET when LXML isn't available is fine with me. |
|
we are using |
|
Ah, yeah. I forgot about that. It's so weird that ET doesn't have this. |
|
and also, the |
|
i'm going to encode as a UTF-8 bytes string and decode it as Unicode string before returning it from |
|
two more problems
- <glyph name="a" format="2">
+ <glyph format="2" name="a">
- <unicode hex="0062"/>
+ <unicode hex="0062" /> |
|
yeah, ElementTree's 😢 |
|
Perhaps that's enough to say "Alright, sorry, lxml is a requirement"? |
|
it was worth a try. I really wouldn't like to implement our own elementtree xml serializer.. |
|
@anthrotype Agree. If there is pushback on the lxml requirement, we can revisit. Thanks for all the work, really appreciated! |
|
just pushed v2.2.1. Oh, when tagging a new release, I like to "edit" the github release notes so that they will be displayed as formatted markdown, instead of as a monospaced code block that is used by default when pushing a git tag. I basically copy and paste the same text of the git tag. Probably there are tools to automate this, but I'm lazy. |
|
@anthrotype got it. and, thanks again; know we just did that one quick — it had been sitting for a while with no comments on the other thread so before the code got too stale it was merged. Thanks again for your running down ETree and everything — it is really appreciated! |
|
Thoughts about a major version increment for these changes? It sounds like the mandatory use of lxml writes may have the potential for large source text diffs c/w the last release for some users (if I understood Cosimo's comment above correctly) and the elimination of default source validation on UFO reads through the main i/o reading class is a significant change in expected behavior. This has the potential to lead to breakage in projects that depend on the previous default behaviors. |
|
@chrissimpkins Fair point. There shouldn't (fingers crossed) be too many diff changes, we didn't change the test cases and made lxml conform to the tests, though I suppose there will still be some. Also open to changing read to validate by default if that seems better. |
|
I also think it would be better to bump major version for this. I'll add the plistlib module from ufoLib2 and then go to 3.0, if you guys are also OK with it. |
|
@anthrotype Agree. What do you think about the default being to validate on |
|
maybe that could be safer, as long as it's easy to opt-out. |
|
in the defcon PR I linked, the defaults are rather the opposite of what @benkiel was suggesting: read is False, write is True.. Not sure what's best. |
|
My 2¢ is that validation should be on by default in all cases. That preserves backwards compatibility, for what that is worth. I also didn't engineer defcon against malicious input so I prefer that turning validation off be something that one has to knowingly do. |
|
makes sense. Ok, let's flip the default to be validate=True in ufoLib, and probably defcon too. |
|
I was just following ufoLib in defcon, will change it to read and write to be validated by default in defcon. |
|
@anthrotype done in #155. This now means that validation is on by default for both read and write (it was on for write before) |
Add the option to turn on/off validation. Switch to lxml.