Исследование структуры кода с помощью модуля ast
При работе с кодом на Python, иногда возникает необходимость анализа его структуры. Для этого идеально подходит модуль ast (Abstract Syntax Trees), который предоставляет мощные инструменты для работы с абстрактными синтаксическими деревьями.
Что такое ast?
ast - это модуль Python, который позволяет разбирать и анализировать исходный код на Python, представляя его в виде абстрактного синтаксического дерева (AST). AST представляет собой структурированное представление кода, которое легко интерпретировать и анализировать.
Пример использования модуля ast:
import ast
code = "print('Hello, ast!')"
tree = ast.parse(code)
print(ast.dump(tree))
В данном примере мы использовали функцию ast.parse для разбора строки кода с помощью модуля ast. Функция ast.dump выводит структуру AST в удобочитаемом формате.
Анализ структуры кода:
import ast
code = """
def greet(name):
print(f'Hello, {name}!')
"""
tree = ast.parse(code)
for node in ast.walk(tree):
if isinstance(node, ast.FunctionDef):
print(f"Найдена функция: {node.name}")
elif isinstance(node, ast.Print):
print("Обнаружен оператор печати")
В данном примере мы использовали модуль ast для анализа структуры кода. Функция ast.walk позволяет обойти все узлы AST, а затем мы проверяем их типы для выделения определенных элементов, таких как функции или операторы.
Модуль ast также предоставляет возможности для более сложных операций, таких как изменение кода, создание новых выражений и многое другое.
#python#ast#анализкода
#python
I find poetry a great tool to manage Python requirements.
I used to manage Python requirements using requirements.txt(environment.yaml) and install them using pip(conda). The thing is, in this stack, we have to pin the version ranges manually. It is quite tedious, and we easily run into version problems for a large project.
Poetry is the savior here. When developing a package, we add some initial dependencies to the pyproject.yaml, a PEP standard. Whenever a new package is needed, we run poetry add package-name. Poetry tries to figure out the compatible versions. A lock file for the dependencies with restricted versions will be created or updated. To recreate an identical python environment, we only need to run poetry install.
There's one drawback and may be quite painful at some point. Recreating the lock file for dependencies is extremely slow when the complexity grows in the requirements. But this is not a problem if poetry but rather constraints from pypi. One solution to this problem is to use cache.
https://python-poetry.org/
#python
I thought it was a trivial talk in the beginning.
But I quickly realized that I may know every each piece of the code mentioned in the video but the philosophy is what makes it exciting.
He talked about some fundamental ideas of Python, e.g., protocols.
After watching this video, an idea came to me. Pytorch lightning has implanted a lot of hooks in a very pythonic way. This is what makes pytorch lightning easy to use. (So if you do a lot of machine learning experiments, pytorch lightning is worth a try.)
https://youtu.be/cKPlPJyQrt4
📰 Feature freeze for Python 3.15 as first beta released
JIT compiler much improved, but no reinstatement for leaky incremental garbage collector.
🔗 Source: https://www.theregister.com/devops/2026/05/11/feature-freeze-for-python-315-as-first-beta-released/5237934
#python
📰 New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of sensitive information from compromised hosts."The intrusion chain begins with execution of a batch script ('install_obf.bat') that disables Windows security controls, dynamically extracts an.
🔗 Source: https://thehackernews.com/2026/04/new-python-backdoor-uses-tunneling.html
#python
📰 PyPI package with 1.1M monthly downloads hacked to push infostealer
An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive developer data and cryptocurrency wallets.
🔗 Source: https://www.bleepingcomputer.com/news/security/pypi-package-with-11m-monthly-downloads-hacked-to-push-infostealer/
#python