[SciPy-dev] Cython and large generated .c files

Sturla Molden sturla@molden...
Mon Nov 9 04:12:09 CST 2009

Den 9. nov. 2009 kl. 06.51 skrev David Cournapeau <david@ar.media.kyoto-u.ac.jp 

> Matthew Brett wrote:
>> I think that size does matter, as they say, because, if we add a
>> moderate number of .pyx files to scipy, we can easily end up adding
>> megabytes of diff _per_commit_.
> The diff problem can be somewhat alleviated by marking the generated
> files as binary.

There is a security issue here: the genererated C code is difficult to  
review. Not that I think scipy developers cannot be trusted, but it is  
easy to hide malicious code in there. At least we need to verify  
that .pyx and generated .c match.

As for the diff issue: generated C must be considered binary. The  
purpose of a diff is for reviewing code. Those C files are hardly  
human readable.

Should we depend on Cython or include Cython? Or have a verified  
buildbot that converts SciPy's Cython source to C?


More information about the Scipy-dev mailing list