gh-138577: Fix keyboard shortcuts in getpass with echo_char#141597
gh-138577: Fix keyboard shortcuts in getpass with echo_char#141597vstinner merged 21 commits intopython:mainfrom
Conversation
When using getpass.getpass(echo_char='*'), keyboard shortcuts like Ctrl+U (kill line), Ctrl+W (erase word), and Ctrl+V (literal next) now work correctly by reading the terminal's control character settings and processing them in non-canonical mode.
picnixz
left a comment
picnixz
left a comment
There was a problem hiding this comment.
Thanks for doing this but this looks like a very complicate patch which is what I feared :( Also, I personally would use Ctrl+a/Ctrl+e for jumping at the start/end of what I write and ctrl+k (I think people are more familiar with ctrl+a/ctrl+k rather than ctrl+u for erasing an entire line in general...).
So I'm not really confident in actually changing this. I think deleting the last character that was typed (with DEL) is usually what people expect.
In addition, to make the feature more extendable in the future, I would prefer a tokenizer-based + dispatcher based approach instead (like we currently do for the REPL) because with many ifs like that it becomes hard to follow what's being done. But this would require an refactoring of this module which I don't really know if it's worth.
Lib/getpass.py
Outdated
| # Control chars from termios are bytes, convert to str | ||
| erase_char = term_ctrl_chars['ERASE'].decode('latin-1') if isinstance(term_ctrl_chars['ERASE'], bytes) else term_ctrl_chars['ERASE'] | ||
| kill_char = term_ctrl_chars['KILL'].decode('latin-1') if isinstance(term_ctrl_chars['KILL'], bytes) else term_ctrl_chars['KILL'] | ||
| werase_char = term_ctrl_chars['WERASE'].decode('latin-1') if isinstance(term_ctrl_chars['WERASE'], bytes) else term_ctrl_chars['WERASE'] | ||
| lnext_char = term_ctrl_chars['LNEXT'].decode('latin-1') if isinstance(term_ctrl_chars['LNEXT'], bytes) else term_ctrl_chars['LNEXT'] |
There was a problem hiding this comment.
Those are too long loines and they are unreadable. All of that can be a single function that is given the action to perform and the current capabilities.
Lib/getpass.py
Outdated
| erase_char = '\x7f' # DEL | ||
| kill_char = '\x15' # Ctrl+U | ||
| werase_char = '\x17' # Ctrl+W | ||
| lnext_char = '\x16' # Ctrl+V |
There was a problem hiding this comment.
Ideally, we should have them defined in a global private dict instead to ease maintenance.
Lib/getpass.py
Outdated
| term_ctrl_chars = { | ||
| 'ERASE': cc[termios.VERASE] if termios.VERASE < len(cc) else b'\x7f', | ||
| 'KILL': cc[termios.VKILL] if termios.VKILL < len(cc) else b'\x15', | ||
| 'WERASE': cc[termios.VWERASE] if termios.VWERASE < len(cc) else b'\x17', | ||
| 'LNEXT': cc[termios.VLNEXT] if termios.VLNEXT < len(cc) else b'\x16', | ||
| } |
There was a problem hiding this comment.
This code must be refactored with a combination of a global dict with the defaults and a function.
|
A Python core developer has requested some changes be made to your pull request before we can consider merging it. If you could please address their requests along with any other requests in other reviews from core developers that would be appreciated. Once you have made the requested changes, please leave a comment on this pull request containing the phrase |
Agree on this, since the original ticket asked for Ctrl+U, I would handle all these Ctrl characters.
I'm refactoring the patch to be more extensible in the future, especially as more control characters are added. |
|
It actually grew a lot bigger than I initially expected, but based on your review, I can iterate over this @picnixz |
|
It looks great. The patch itself is small but the tests are long so I think it is fine. Nonetheless I think it would be better to have it in 3.15 rather than in 3.14.1. WDYT? (i need to review it but not today) |
Lib/getpass.py
Outdated
|
|
||
| def refresh_display(self): | ||
| """Redraw the entire password line with asterisks.""" | ||
| self.stream.write('\r' + ' ' * (len(self.passwd) + 20) + '\r') |
There was a problem hiding this comment.
Why are we adding 20 extra characters?
There was a problem hiding this comment.
The +20 was an arbitrary buffer and has been removed. The current implementation now uses just len(self.passwd) to clear only the necessary characters:
self.stream.write('\r' + ' ' * len(self.passwd) + '\r')
Lib/getpass.py
Outdated
| self.ctrl = {name: _decode_ctrl_char(value) | ||
| for name, value in ctrl_chars.items()} |
There was a problem hiding this comment.
Can't we have the POSIX defaults already decoded?
|
Hi @picnixz 👋🏼 Sorry, it took some time to address the review here. I've refactored the patch & I think |
Lib/getpass.py
Outdated
| while self.cursor_pos > 0 and self.passwd[self.cursor_pos-1] == ' ': | ||
| self.cursor_pos -= 1 |
There was a problem hiding this comment.
You can actually skip the trailing spaces as follows:
stripped = self.passwd.rstrip(' ')
self.cursor_pos = self.cursor_pos - (len(self.passwd) - len(stripped))
Lib/getpass.py
Outdated
| while self.cursor_pos > 0 and self.passwd[self.cursor_pos-1] != ' ': | ||
| self.cursor_pos -= 1 |
There was a problem hiding this comment.
And here, use str.rfind using the start of the new cursor position.
* upstream/main: (1475 commits) Docs: replace all `datetime` imports with `import datetime as dt` (python#145640) pythongh-146153: Use `frozendict` in pure python fallback for `curses.has_key` (python#146154) pythongh-138234: clarify returncode behavior for subprocesses created with `shell=True` (python#138536) pythongh-140947: fix contextvars handling for server tasks in asyncio (python#141158) pythonGH-100108: Add async generators best practices section (python#141885) pythonGH-145667: Merge `GET_ITER` and `GET_YIELD_FROM_ITER` (pythonGH-146120) pythongh-146228: Better fork support in cached FastPath (python#146231) pythongh-146227: Fix wrong type in _Py_atomic_load_uint16 in pyatomic_std.h (pythongh-146229) pythongh-145980: Fix copy/paste mistake in binascii.c (python#146230) pythongh-146092: Raise MemoryError on allocation failure in _zoneinfo (python#146165) pythongh-91279: Note `SOURCE_DATE_EPOCH` support in `ZipFile.writestr()` doc (python#139396) pythongh-146196: Fix Undefined Behavior in _PyUnicodeWriter_WriteASCIIString() (python#146201) pythongh-143930: Reject leading dashes in webbrowser URLs pythongh-145916: Soft-deprecate ctypes.util.find_library (pythonGH-145919) pythongh-146205: Check the errno with != 0 in close impls in select module (python#146206) pythongh-146171: Fix nested AttributeError suggestions (python#146188) pythongh-146099: Optimize _GUARD_CODE_VERSION+IP via function version symbols (pythonGH-146101) pythongh-145980: Add support for alternative alphabets in the binascii module (pythonGH-145981) pythongh-145754: Update signature retrieval in unittest.mock to use forwardref annotation format (python#145756) pythongh-145177: Add emscripten run --test, uses test args from config.toml (python#146160) ...
|
Hey @picnixz 👋🏼 Thanks for the review :) I've addressed all your reviews. Can you please take another pass at this? |
picnixz
left a comment
picnixz
left a comment
There was a problem hiding this comment.
This looks great but I will try it locally to see whether there are other finalizing touches to do. Thanks for the awesome work though! I should review it by the end of next week.
|
I tried the reproducer: type "hello world", press Ctrl+W. I get: I expected the output:
There are ways to trigger this output error. For example, type "abc", press CTRL+A and then press "x": I expected the output: |
|
Oh I think the problem is the prompt being counted inside the buffer. We should simply have a single buffer for the password and prepend the prompt everytime we refresh the line instead |
Lib/getpass.py
Outdated
| '\b': self._handle_erase, # Backspace | ||
| } | ||
|
|
||
| def _refresh_display(self, prev_len=None): |
There was a problem hiding this comment.
The whole class is private, I don't think that it's useful to mark methods as private as well. Can you remove th underscore ("_") prefix from all methods?
There was a problem hiding this comment.
Done, I’ve made the change. Just for my understanding and to follow the preferred style going forward: if a class is already internal/non-public, is it generally considered unnecessary to prefix all its methods with _ as well?
There was a problem hiding this comment.
I don't know if it's a general rule, but yes, if a class is private, I consider that it's not needed to mark its methods as private as well.
…on into fix-pythongh-138577 * 'fix-pythongh-138577' of github.com:CuriousLearner/cpython: pythongh-146202: Create tmp_dir in regrtest worker (python#146347) pythongh-144319: obtain SeLockMemoryPrivilege on Windows (python#144928) pythongh-146199: Fix error handling in `code_richcompare` when `PyObject_RichCompareBool` fails (python#146200) pythongh-146197: Include a bit more information in sys._emscripten_info.runtime (python#146346) pythongh-135871: Reload lock internal state while spinning in `PyMutex_LockTimed` (pythongh-146064) pythongh-145719: Add `.efi` file detection in `mimetypes` (python#145720)
…8577 * 'main' of github.com:python/cpython: Remove inactive CODEOWNERS (python#145930) pythongh-140196: Added constructor behavior changes in ast.rst for python 3.13 (pythonGH-140243)
Co-authored-by: Victor Stinner <vstinner@python.org>
|
Yes, I'd like to double-check this either this evening or this w-e (I am a bit tight with my daily job's schedule) |
|
I will now review this PR locally and play with the REPL a bit. |
|
I found some errors when handling Ctrl+A/E so I fixed them. I also moved handling Ctrl+C into its own handler and the last commit should have reduced the diff. |
|
As I have other tasks I want to address with CPython, I didn't add more tests but could you extend the tests to test the cursor position after a Ctrl+A/Ctrl+E as well please? I wasn't able to find other bugs. FTR, my readline terminal is not capable of understanding control characters so maybe it could make sense to support |
| elif char == self.ctrl['EOF']: | ||
| # Handle EOF now as Ctrl+D must be pressed twice | ||
| # consecutively to stop reading from the input. | ||
| elif self.is_eof(char): |
There was a problem hiding this comment.
For posterity, but this state transition was really the most annoying. I collasped the if but it's not equivalent!
The flow is:
- EOF (first time) -> do nothing but record EOF pressed
- EOF (second time) -> stop!
If I do something else:
- EOF (first time) -> do nothing but record EOF pressed
- Any other character that is not EOF/EOL (including Ctrl+V) -> fall through and set
eof_pressed = Falsebefore reading the next character.
I considered having the state acceptance being in a function but I can't just encode three transitions ("break loop", "pass to handlers", "fall through") with just booleans so I decided against.
|
Merged, thanks for your contribution. |
|
|
IMO this change is too big to be backported to 3.14. Also, I see it as a new feature and we don't backport features. So 3.14 has to keep its behavior. The echo_char parameter was added to Python 3.14. The workaround for 3.14 is to not use echo_char parameter. |
|
Yes, I documented the limitations already so I don't think we need to backport. I don't want to break people relying on this. In addition, it's a bit niche but there were complaints so... I don't mind adding the support as a new feature. |
|
The Python version on the iOS buildbot should now be corrected. |
6 participants
Fixes #138577
When using
getpass.getpass(echo_char='*'), keyboard shortcuts likeCtrl+U(kill line),Ctrl+W(erase word), andCtrl+V(literal next) now work correctly by reading the terminal's control character settings and processing them in non-canonical mode.Tested with:
getpass'secho_charshould not affect keyboard shortcuts #138577📚 Documentation preview 📚: https://cpython-previews--141597.org.readthedocs.build/