Serpent, a serializer based on ast.literal_eval. Now also with Javaand .net implementations


Irmen de Jong


I've made "serpent", a serializer based around ast.literal_eval().
You can find it on Pypi:

Serpent takes a Python object tree and turns it into a serialized form that can be
safely read back by ast.literal_eval(). This avoids security issues that other
serialization protocols such as pickle have. It also has a few other nice properties
such as the readability of the serialized data.

I also wrote a Java and a .NET implementation so that you can easily exchange data
between the different ecosystemens. The library works with Python 2.6+ (including 3.x),
IronPython 2.7, Jython 2.7, Java 1.6, .NET 3.5, or newer versions.

A little bit of documentation can be found on serpent's Pypi page, including a little
demo program and its output. The full source and the Java/.NET versions are not
available from Pypi obviously, but a download link for them is provided in the description.

- Why not use XML? Answer: because XML.
- Why not use JSON? Answer: because JSON is quite limited in the number of datatypes it
supports, and you can't use comments in a JSON file.
- Why not use pickle? Answer: because pickle has security problems.
- Why not use repr()/ast.literal_eval()? See above; serpent is a superset of this and
provides more convenience. Serpent provides automatic serialization mappings for some
types other than the builtin primitive types. repr() can't serialize these to literals
that ast.literal_eval() understands.
- Why not a binary format? Answer: because binary isn't readable.
- But I don't care about readability. Answer: too bad, ast.literal_eval() wants a
literal string.
- But I want better performance. Answer: ok, maybe you shouldn't use serpent in this
case. Find an efficient binary protocol (protobuf?)
- Why only Python, Java and .NET, but no bindings for insert-favorite-language-here?
Answer: I don't speak that language. Maybe you could port serpent yourself?

Serpent on Pypi:

Irmen de Jong


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question