google / gae-secure-scaffold-python Goto Github PK
View Code? Open in Web Editor NEWLicense: Apache License 2.0
License: Apache License 2.0
I'm trying to use the ndb deferred library to set up a background task, but this doesn't seem to be supported as I get the error to the effect of Pickling is forbidden
.
I've tried various methods, but cannot add the methods to the pickle whitelist to get the setup described in the docs.
What would be even better is to allow pickling of any instance method to make this work without having to do something dirty like create custom deferred tasks in base
, but that seems to be tangential to this issue, as the error doesn't appear to have to do with whitelisting.
On the fifth step it can be read:
Visit https://developers.google.com/appengine/downloads, copy URL of "Linux/Other Platforms" zip file for current AppEngine SDK. Do this regardless of whether you are on Linux or OS X.
The link captioned as "Linux/Other Platforms" is not there anymore the main CTA inside that page actually points to the Google Cloud SDK which can be confusing.
In addition, installing the Google App Engine SDK from the old .dmg places its main folder in /usr/local
and running
bash util.sh -d
fails since the script is looking for the development server in /Users/<USER_NAME>/bin/google_appengine/dev_appserver.py
.
Are you able to include a list of all the pip dependencies in one requirements.txt file? For example:
Django==1.11.25
gcloud==0.18.3
google-api-python-client==1.7.11
pylint==1.9.5
unittest2==1.1.0
webapp2==2.5.2
WebOb==1.8.5
These can then all be installed easily in one go using virtualenv and the command:
pip install virtualenv
virtualenv env && source env/bin/activate
pip install -r requirements.txt
Hi there and thanks for the awesome scaffolding. Any idea how to get around this issue? I followed the README but when I run grunt I get this error. I read a bit online here and it seems like you can't have closurebuilder in the same directory as your app. Has anyone ran into this problem and have a straightforward solution? Thank you.
Grunt error below:
Traceback (most recent call last):
File "closure-library/closure/bin/build/closurebuilder.py", line 274, in
main()
File "closure-library/closure/bin/build/closurebuilder.py", line 214, in main
tree = depstree.DepsTree(sources)
File "/Users/adaro/LFL/cbc-frontend/cbc-pledge-frontend/closure-library/closure/bin/build/depstree.py", line 48, in init
provide, [self._provides_map[provide], source])
depstree.MultipleProvideError: Namespace "goog.events.BrowserFeature" provided more than once in sources:
PathSource closure-library/closure/goog/events/browserfeature.js
PathSource js/app.js
FAILED to run command for target: js
When running in development, the Python source code is run from out
, which means that changes made by the development appserver to index.yaml
are lost when rebuilding.
Are there best practices for detecting these changes and copying them back to src
, or for running in development from src
not out
?
self.app.config is sometimes reused between requests.
When reportOnly is removed from the csp_policy here the csp will behave as non-readonly on some consecutive requests.
The reportOnly item should be removed because it's not a valid csp entity. But it should only be removed for the current request. A solution would be to take a copy of the csp_policy.
Only tested locally using dev_appserver
_Compare should be replaced with hmac.compare_digest
https://docs.python.org/2/library/hmac.html
It's preferred to use hmac.compare_digest over hand-rolling
a constant-time comparison function, because it is difficult or impossible to
implement correctly in pure-python.
Fun example: https://bugs.python.org/issue15061#msg162758
Note that it takes different time to create a result of ord() depending
whether it's <=100 or > 100 due to caching of small numbers.
So definitely prefer hmac.compare_digest, if timing attacks are a worry.
I build project on Win10๏ผ
prolem is below:
Running "closureBuilder:js" (closureBuilder) task
Executing: python closure-library/closure/bin/build/closurebuilder.py -n app --root=closure-library --root=js --root=out/generated/js -o compiled --output_file=out/static/app.js --compiler_jar=closure-compiler/target/closure-compiler-v20160517.jar --compiler_flags="--compilation_level=ADVANCED_OPTIMIZATIONS"
Error: Command failed: python closure-library/closure/bin/build/closurebuilder.py -n app --root=closure-library --root=js --root=out/generated/js -o compiled --output_file=out/static/app.js --compiler_jar=closure-compiler/target/closure-compiler-v20160517.jar --compiler_flags="--compilation_level=ADVANCED_OPTIMIZATIONS"
closure-library/closure/bin/build/closurebuilder.py: Scanning paths...
closure-library/closure/bin/build/closurebuilder.py: 1523 sources scanned.
closure-library/closure/bin/build/closurebuilder.py: Building dependency tree..
Traceback (most recent call last):
File "closure-library/closure/bin/build/closurebuilder.py", line 293, in
main()
File "closure-library/closure/bin/build/closurebuilder.py", line 229, in main
tree = depstree.DepsTree(sources)
File "C:\Users\sheng.han\google\gae-secure-scaffold-python\closure-library\closure\bin\build\depstree.py", line 56, in init
raise NamespaceNotFoundError(require, source)
depstree.NamespaceNotFoundError: Namespace "goog.soy.data.SanitizedUri" never provided. Required in PathSource out\generated\js\soyutils_usegoog.js
FAILED to run command for target: js
I was having trouble with the test runner not finding third party libraries I had vendored in. I wanted to make sure the project I was working on could be downloaded by the client and the tests run without much work. I thought I was doing something wrong with the vendoring, but I pointed in the right direction by Jon Parret. He has an example here.
Following his lead third party libraries added to appengine_config.py can run within the test runner without needing to change the PythonPath or anything odd like that.
This is a great project!
It would be great to have something like this for Python3, having a boilerplate AppEngine application meant to provide a secure base on which to build additional functionality.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.