Readit News logoReadit News
mhils commented on Pdoc – Generate API documentation for Python projects   pdoc.dev/... · Posted by u/joshdavham
atoav · 4 months ago
Maybe it is me, but I find that idea unhinged and aesthetically/semantically offputting to a degree you would have to force me to do it. I know that isn't rational, but hey, it is my personal taste and those may differ.

I much prefer the way Rust did it, so just a separate type of comment-prefix for docstrings. In Rust a regular comment may be

  // this is a comment
  foo = 1.5;
while a docstring is simply

  /// this shows up in docs
  foo = 1.5;
with //! for docstrings at a module level. This is elegant. This is simple. It is a pythonic solution. Treating comments below a variable declaration implicity as a docstring is not. At the beginning of class or function declarations, ok (although I also would have prefered that to be above the declaration), but this.. I need a drink.

mhils · 4 months ago
FWIW I agree that the Rust way is nicer, but I can't impose the Rust way on Python. I guess the secret hack is to use PyO3, which pdoc supports quite well. ;)
mhils commented on Pdoc – Generate API documentation for Python projects   pdoc.dev/... · Posted by u/joshdavham
packetlost · 4 months ago
Any chance we could get a better solution to this problem: https://git.sr.ht/~chiefnoah/pybare/tree/master/item/pdoc_in...

There's a workaround for this case (relevant issue has a link at the top), which is cool, but it uses an "internal" function to solve it, which is not.

mhils · 4 months ago
pdoc3 is not pdoc, see https://github.com/mitmproxy/pdoc?tab=readme-ov-file#pdoc-vs....
mhils commented on Pdoc – Generate API documentation for Python projects   pdoc.dev/... · Posted by u/joshdavham
atoav · 4 months ago
Pdoc is great. I love it.

But there is one blemish.

They write on documenting variable assignments which don't support pythons __doc__ string:

> To compensate, pdoc will read the abstract syntax tree (an abstract representation of the source code) and include all assignment statements immediately followed by a docstring

I can't really understand that. I am programming Python for 14 years now, and any real codebase I have ever seen documents variables above their declaration. Even if there is some technical reason for it, if I saw a python developer comment what a variable declaration means below that declaration I would at least question their taste.

To me that particular implementation is so bad, that I would prefer pdoc without it.

mhils · 4 months ago
Let me try to explain why it is that way: First, it's consistent with Python functions. The docstring for functions is below the signature as well. Second, consider a file with only a docstring and then a variable declaration. Here it would be ambiguous if that's the module or the variable docstring. Finally, this behavior is consistent with other tools (and failed standardization efforts) in the space. So yeah - I share your sentiment, but I think it's the most pragmatic approach for pdoc. :)
mhils commented on Pdoc – Generate API documentation for Python projects   pdoc.dev/... · Posted by u/joshdavham
mhils · 4 months ago
pdoc maintainer here. Pleasant surprise to see us on HN again, and happy to answer any questions! :)
mhils commented on Pdoc – Generate API documentation for Python projects   pdoc.dev/... · Posted by u/joshdavham
kaycebasques · 4 months ago
In the 2021 thread [1] that dang linked to, there was some discussion of friendly and hostile forks. What's the status of the forks?

Are there any libraries similar to Doxylink [2] that ensure that links from Sphinx to pdoc (and vice versa) are valid?

[1] https://news.ycombinator.com/item?id=25903595

[2] https://sphinxcontrib-doxylink.readthedocs.io/en/stable/

mhils · 4 months ago
I'd say neither fork as made great strides since then, but I'm also biased here as the maintainer of pdoc.

There is no pdoc-specific library for link checking as far as I'm aware. It's all plain HTML though, so you can use a more general tool like https://lychee.cli.rs/. :)

mhils commented on Show HN: Subtrace – Wireshark for Docker Containers   github.com/subtrace/subtr... · Posted by u/adtac
mhils · a year ago
Congrats on the seccomp-based interception, that's a really neat way to solve this problem! We did some BPF_PROG_TYPE_CGROUP_SOCK eBPF shenanigans in mitmproxy for redirection, but that doesn't work with containers at all. Cool to see that intercepting all relevant syscalls works that well.
mhils commented on Httptap: View HTTP/HTTPS requests made by any Linux program   github.com/monasticacadem... · Posted by u/alexflint
mhils · a year ago
This is really cool, thank you for sharing! We've built a similar feature for mitmproxy lately, but with different tradeoffs. Our approach does require root and we don't have automated certificate install (yet), but we don't require apps to run in a dedicated namespace (so you can capture already-running processes). Super awesome to see this now, excited to dive into the code and see how you do TCP reassembly etc. :)
mhils commented on Httptap: View HTTP/HTTPS requests made by any Linux program   github.com/monasticacadem... · Posted by u/alexflint
alexflint · a year ago
Yeah mitmproxy is great. The main difference with httptap is that it's an HTTP proxy server, so you have to configure your program to use a proxy server. When I wrote httptap I wanted to be able to run `httptap <command>` and see the httptraces right there in standard output. There is an absolute ton of cool things that mitmproxy can do that httptap is not even close to, like interactively modifying HTTP requests and such. Very cool project.
mhils · a year ago
> so you have to configure your program to use a proxy server.

That's not true for local capture mode: https://mitmproxy.org/posts/local-capture/linux/. :)

mhils commented on PyPI now supports digital attestations   blog.pypi.org/posts/2024-... · Posted by u/miketheman
ris · a year ago
I'm not really convinced of the value of such attestations until a second party can reproduce the build themselves on their own hardware.

Putting aside the fact that the mechanisms underpinning Github Actions are a mystery black box, the vast vast vast majority of github workflows are not built in a reproducible way - it's not even something that's encouraged by Github Actions' architecture, which emphasises Actions' container images that are little more than packaged installer scripts that go and download dependencies from random parts of the internet at runtime. An "attestation" makes no guarantee that one of these randomly fetched dependencies hasn't been usurped.

This is not to go into the poor security record of Github Actions' permissions model, which has brought us all a number of "oh shit" moments.

mhils · a year ago
Fully reproducible builds would of course be nicer from a security standpoint, but attestations have vastly lower implementation costs and scale much better while still raising the bar meaningfully.
mhils commented on Mitmproxy 11: Full HTTP/3 Support   mitmproxy.org/posts/relea... · Posted by u/mhils
Onavo · a year ago
Do http/2 and http/3 offer any benefits if they are only supported by the reverse proxy but not the underlying web server? Most mainstream frameworks for JS/Python/Ruby don't support the newer http standards. Won't the web server be a bottleneck for the reverse proxied connection?
mhils · a year ago
One of the main promises of HTTP/3 is better performance under worse network conditions (e.g. no head-of-line blocking as in HTTP/2, connection migration, 0-RTT). For all of that HTTP/3 between client and proxy is really great. HTTP/3 between proxy and server is not required for that.
m

u/mhils

KarmaCake day1558July 26, 2012
About
https://hi.ls/ https://twitter.com/maximilianhils
View Original