A secure python pickle replacement

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mreithinger from gravatar.com mreithinger

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Lesser General Public License v3 or later (LGPLv3+) (UNKNOWN)
  • Author: Michael Reithinger
  • Tags library
Classifiers
Report project as malware

Project description

## larch.pickle - A secure python pickle replacement

This module can be used as transparent replacement for pickle. It does not suffer the
vulnerability of original pickle see: http://michael-rushanan.blogspot.de/2012/10/why-python-pickle-is-insecure.html.

Difference to python pickle:
- no memo attribute
- no clear_memo()
- no persistent_id interface
- byte string are always assumed to be utf-8 encoded
- `Pickler` has an additional `with_refs` parameter. Setting `with_refs`
to `false`, the pickler will ignore object references, this results in
an extra speed boost.


### Installation
larch-pickle needs the boost library for compilation. If boost
is not in the standard include path install it with:

`python build_ext -I /path/to/boost install`


### Speed compared to some other pickler packages

#### dump Dictionaries (10 loops)
| Package | Seconds | Size |
|:-------------|----------:|---------:|
| marshal | 0.454694 | 15975952 |
| larch-pickle | 0.586087 | 9714411 |
| ujson | 1.94068 | 13141354 |
| msgpack | 1.95001 | 9843459 |
| json | 2.1489 | 14365311 |
| cPickle | 4.29243 | 12781866 |
#### load Dictionaries (10 loops)
| Package | Seconds |
|:-------------|----------:|
| msgpack | 1.43802 |
| larch-pickle | 1.53487 |
| marshal | 1.56561 |
| cPickle | 2.44472 |
| ujson | 2.48116 |
| json | 5.78576 |
#### dump Objects (10 loops)
| Package | Seconds | Size |
|:-------------|----------:|---------:|
| larch-pickle | 0.968418 | 10094415 |
| ujson | 2.56079 | 13331354 |
| cPickle | 4.8822 | 12961909 |
#### load Objects (10 loops)
| Package | Seconds |
|:-------------|----------:|
| larch-pickle | 1.6902 |
| ujson | 2.51544 |
| cPickle | 2.58821 |
#### dump Strings (10 loops)
| Package | Seconds | Size |
|:-------------|----------:|---------:|
| marshal | 0.582926 | 32826787 |
| msgpack | 0.980826 | 29464951 |
| json | 1.18866 | 31966498 |
| ujson | 1.51086 | 30987525 |
| larch-pickle | 1.70253 | 17054823 |
| cPickle | 4.21949 | 19871780 |
#### load Strings (10 loops)
| Package | Seconds |
|:-------------|----------:|
| larch-pickle | 0.431427 |
| marshal | 0.449067 |
| msgpack | 0.549114 |
| cPickle | 1.70127 |
| ujson | 1.88499 |
| json | 3.17667 |
#### dump Lists (10 loops)
| Package | Seconds | Size |
|:-------------|----------:|---------:|
| marshal | 0.879272 | 42703907 |
| larch-pickle | 3.11243 | 21005671 |
| json | 3.27417 | 35917346 |
| ujson | 4.34822 | 34938373 |
| msgpack | 4.44871 | 31440375 |
| cPickle | 15.2853 | 33700258 |
#### load Lists (10 loops)
| Package | Seconds |
|:-------------|----------:|
| larch-pickle | 2.12795 |
| marshal | 2.14723 |
| msgpack | 2.41231 |
| ujson | 4.27773 |
| json | 5.29066 |
| cPickle | 8.1543 |

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for mreithinger from gravatar.com mreithinger

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: GNU Lesser General Public License v3 or later (LGPLv3+) (UNKNOWN)
  • Author: Michael Reithinger
  • Tags library
Classifiers

Release history Release notifications | RSS feed

1.4.6

1.4.5

1.4.4

1.4.3

1.1.3

1.1.2

1.1.0

This version

1.0.3

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

larch-pickle-1.0.3.tar.gz (3.9 MB view details)

Uploaded Source

Built Distributions

If you're not sure about the file name format, learn more about wheel file names.

larch-pickle-1.0.3.win32-py3.4.exe (262.2 kB view details)

Uploaded Source

larch-pickle-1.0.3.win32-py2.7.exe (588.9 kB view details)

Uploaded Source

File details

Details for the file larch-pickle-1.0.3.tar.gz.

File metadata

  • Download URL: larch-pickle-1.0.3.tar.gz
  • Upload date:
  • Size: 3.9 MB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for larch-pickle-1.0.3.tar.gz
Algorithm Hash digest
SHA256 96fdee328b2e50bd3e06500420f2e7071f92b16606cf3dcd4ddd1073500d1cc2
MD5 42f9cc9279ae5b4567ec03e96fc03117
BLAKE2b-256 56e6ca057c8319cd80e0bf886641c3bb82d55813688f0ebad2e1acc6b91fb3f0

See more details on using hashes here.

File details

Details for the file larch-pickle-1.0.3.win32-py3.4.exe.

File metadata

File hashes

Hashes for larch-pickle-1.0.3.win32-py3.4.exe
Algorithm Hash digest
SHA256 7edc4d222f2a31cad096db50c8f4f5ed80c8f6b302935dd01565a4528e8220f7
MD5 32c3a23f980462ff4aeb0a99edff601b
BLAKE2b-256 cbab09539142e1a663dd6adfbcb8db4bdec0f6d97c251507c3cfb463911c6293

See more details on using hashes here.

File details

Details for the file larch-pickle-1.0.3.win32-py2.7.exe.

File metadata

File hashes

Hashes for larch-pickle-1.0.3.win32-py2.7.exe
Algorithm Hash digest
SHA256 0a3ac0b7832828c1ca6cd4b09fdfa49855152078b0003e0d42987dc7b7c91b4f
MD5 eea9ba3f26489270a4788e58dd123d18
BLAKE2b-256 6a90860783c9f9c5509416019837aade22c256dcfc6c89f73b230159a607275b

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page