Tech stack for Python aurweb

Baptiste Jonglez baptiste at bitsofnetworks.org
Wed Jun 3 21:37:00 UTC 2020


Hi,

On 02-06-20, Lukas Fleischer wrote:
> One thing I should have clarified much more in my first email in this
> thread is that this is part of a dual stack solution, with most of the
> code still being written in PHP and only specific pages being handled by
> the new framework. Everything we do (including database access, user and
> session management, ...) must be fully compatible with our PHP
> implementation, hence we would almost certainly not be able to use any
> of the more sophisticated features that these more comprehensive
> frameworks provide.

Right, I had not understood this would be such a strong design constraint.
In that case, yes, Django is clearly out of the loop.

I understand the advantages of a gradual rollout.  However there's a risk
that the new code can end up being inconsistent, with possible security
impacts.  You will have to really double-check any code related to
authentication, autorization, privilege, permissions, etc.

"Heavyweight" frameworks usually take care of that for you in a consistent
way, but here you will be mostly on your own.

> As you may have noticed from some of the patches submitted to the ML, we
> decided to use FastAPI over Flask.

Indeed, I didn't know FastAPI.  It looks like a more fancy/modern Flask,
which is a good sign.

Baptiste
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/aur-dev/attachments/20200603/cd4744b9/attachment.sig>


More information about the aur-dev mailing list