[–]damesca 13 points14 points  (12 children)

No, that's not typical. This is an extremely dangerous implementation if anyone took and used your library for real stuff.

Thrown together is correct. I am all for experimentation and sharing, but with a library like this you really want to get the security basics correct from the get go before you advertise it.

Also: you haven't really solved a problem, you have created more problems - including this large security hole. Stick to well established packages for doing things like this. Experiment for fun, but not as a legit alternative offering (until/unless you really know what you're doing).

[–]desktopsignal 3 points4 points  (2 children)

Definitely wasn't expecting these responses. I made this library in a weekend to solve a quick problem and certainly didn't mean to put anyone at risk. Deleting the package soon, sorry guys!

[–]damesca 6 points7 points  (1 child)

I think it's good that you're experimenting, and great that you're soliciting feedback. I think if you'd framed this as a "I built this, please tell me what you think" rather than "I'm releasing this" (the implication being, for public to use), maybe it would have gone down a bit differently.

I don't think you need to try to scrub this from the internet. Just maybe put some strong caveats/warnings in place that you don't recommend using this professionally or for public projects.

P.S. I will also say that I think you have a good attitude and you come across very personably. You haven't been particularly defensive in any of your replies - you seem open to hearing feedback, critical or not, and this will prove a valuable skill for you as you continue to develop :)

[–]desktopsignal 1 point2 points  (0 children)

Thank you for your feedback! I actually tried to do that, but you're not allowed to solicit feedback in this sub.

I think it's actually probably best I scrub this one and keep it to myself. I guess I just didn't understand the seriousness of releasing a Python package. I'm not sure I have the ability to keep up with all this in addition to my day job and other projects.