Differences between revisions 2 and 3
Revision 2 as of 2012-05-11 17:51:41
Size: 481
Editor: whit179
Comment:
Revision 3 as of 2012-05-11 17:56:47
Size: 879
Editor: whit179
Comment:
Deletions are marked like this. Additions are marked like this.
Line 14: Line 14:

= Alternatives =

 * The json module (http://docs.python.org/library/json.html) can handle dicts, lists, ints, floats, strings, booleans, and None. It cannot handle reference cycles, however. (pickle can.)
 * PyYAML (http://pyyaml.org/) can handle everything json can, as well as having comments inside source data, and reference cycles. However, it defaults to an unsafe pickle-like loader.

What is Pickle?

http://docs.python.org/library/pickle.html

Should I use Pickle?

Of course not.

  • It is insecure. Untrusted pickles can do arbitrary things. For example, this pickle executes arbitrary Python expressions: pickle.loads("c__builtin__\neval\n(c__builtin__\nraw_input\n(S'py> '\ntRtR.")

  • It is Python-only: pickles cannot be loaded in any other programming language / environment.
  • It is schemaless (may be seen as a benefit sometimes)

Alternatives

  • The json module (http://docs.python.org/library/json.html) can handle dicts, lists, ints, floats, strings, booleans, and None. It cannot handle reference cycles, however. (pickle can.)

  • PyYAML (http://pyyaml.org/) can handle everything json can, as well as having comments inside source data, and reference cycles. However, it defaults to an unsafe pickle-like loader.

Pickle (last edited 2012-05-12 05:24:57 by whit179)

Unable to edit the page? See the FrontPage for instructions.