The current stable version at the time of writing this post is Python 3.6.3. The version 3.6, brought with it a few really nice updates. So let’s get to know them. As you can probably imagine, the new version of Python brings quite a few new features and fixes. I won’t be covering everything in the update, but I’ve the link What’s New In Python 3.6 , where you can get to know the entire in’s and out’s of Python 3.6 .Consider this blog post to be the highest of highlights.
The addition that exists me the most is the new format in string literals. You’ve probably used this string method format to put some external data into a string.Like this, name = " CodeBig " and then
print (“ Hello, my name is {} ”.format(name)) .
You’ve done this, and it works every time. And it also works for simple Python statements, like
print (“ 2 + 2 = {} ”.format(2+2))So this is such a common scenario that they’ve put a shortcut into the language.We now you can skip the entire format call.And you can use the new F marker for strings.
print (f” Hello, my name is {name} ”)and we get hello, my name is CodeBig. So it brings the name variable that’s in the current scope, which was defined up here, and it puts it into the string.We can also do this with simple statements like before, so
print (f" 2 + 2 = {2+2} “) and we get 2 + 2 = 4.
While we’re talking about presentation things, if you regularly have to code large numbers, the addition of underscores to numbers makes them a little easier.So 1_000_000 * 10. And you get the new number. Python will just ignore the underscores and sees this as a million times 10. Most of you might be duh!!! but it will definitely help anyone who has to type out long numbers. It will mostly come in handy when you are using scientific Python like SciPy or NumPy.
If you’ve been using Python 3’s function annotation abilities or Python 3.5’s typing module, you’ll be happy to know that variable annotation has come to Python. We will jump over to PyCharm, and we’ll talk about this there. So now, if you have a type checker set up like the one that’s installed by default in PyCharm, you can annotate variables being of a particular type, and then you get some handy user information when you want to use them later.
So let’s say that age is an int, and then we can set it to a default value to 35. Now, PyCharm can infer that from the variable that was set before but you’ll also see things like if you’re trying to use this variable and you’re trying to use it in a way that’s not compatible with an int, if not you can get error messages.All of these changes, well, minor, definitely make working with strings and big numbers nicer in Python. The variable typing will definitely make a big impact on larger code bases too.I’m sure you will find yourself using the f-strings constantly.
One of the bigger changes that came to 3.6, is the new secrets module. One of the bigger changes that came to 3.6, is the new secrets module.This module provides handy tools for generating random numbers, tokens, and other security related data.Let me show you quickly how to use some of these new features.
We will start off by importing secrets, import secrets
The first useful thing in the secrets module is the ability to generate cryptographically strong, random numbers and tokens.You would use these numbers and tokens for generating encrypted messages, passwords, and even further tokens.
Now, why not use the random module? Well, random is meant for modeling in everyday usage like in games, not for security implementation. To get a random number though, from the secrets module, you’ll generally use one of two functions, randbelow: secrets.randbelow(50) and randbits: secrets.randbits(256) .
randbelow, as you can probably guess, gives you a random number below some other number. It’s similar to random Rand range function but again it’s meant for use in cryptographic scenarios. Probably more often though you’re going to want a random number of a given number of bits, so of a given size. If you’re generating keys, for instance, it’s really recommended to have a seed of at least 32 bytes which would be 256 bits. So randbits, and then we pass in the number of bits which we want 256 of them, and we get a number like that.Now that 256 is for current security recommendations.Ever since the advancement in hardware, brute force operations have gotten easier than ever
There are three different functions for generating tokens and each of them take a number of tokens to use in the generation of that token. Well, let’s get a 256-bit token, so 32 bytes. So secrets.token_hex(32). We can get bytes, hexadecimal or a token that would be URL friendly. Let's try the hex in URL versions( secrets.token_urlSafe(32)). So those are both handy little tokens that we could use. Not a lot of difference between these two like they're both the same kind of range of characters. But still a good idea to use the URL safe method when you know your token is going to travel across the wire in a URL . Now we can use these tokens or tokens like them to encode a message, and then use the secrets module to make sure the message hasn't been tampered with.
So I’m gonna import hmac so that I can generate a cryptographically secure message. And then I'm going to a new token, and this time I'm going to use the token bytes because hmac expects a bytes string for the key. And again I will go with 32 bytes. If I look at token, it's a bunch of bytes, and let's make msg1 = hmac.new, and we're going to use that token to encrypt it. And we have to give a message here, so I'm just gonna say 'Hi there'. And the message needs to be bytes as well. So now, let's be sneaky, and we'll do msg1.copy and make a copy of that message.And then we'll do msg2.update'Sneaky sneaky', and we'll add a new message to it. So now I can use secrets.compare_digest. And I can compare msg1.digest to msg1.digest, and I get that that's true. Because it is, it's the exact same message that message has not changed.
But if I compare msg1's digest to msg2's digest, I get false, since I tampered with the message by adding more data to it, the comparison fails for the second one.I'm sure the secrets module is going to get even more handy functions in the future so be sure to keep your eyes on it.There's lots more to explore in this update to Python.
Happy Coding.
