Talk Python To Me #505: t-strings in Python (PEP 750)
50 snips
May 13, 2025 Dave Peck, a freelance software developer, joins Jim Baker, a veteran in Python and Jython, and Paul Everett, head of developer advocacy at JetBrains, to discuss the upcoming T-strings feature in Python. They delve into the evolution of string formatting, highlighting the security improvements of T-strings over f-strings, especially against SQL and HTML injections. The trio explores practical applications in web development, optimized templating, and the potential of T-strings for advanced data science workflows, all while sharing insights on community collaboration in Python's growth.
AI Snips
Chapters
Transcript
Episode notes
T-Strings Create Template Objects
- T-strings produce a new template type, unlike F-strings that produce a normal string.
- This enables libraries to distinguish static from dynamic parts and safely handle things like SQL or HTML escaping.
T-Strings Expose Interpolations
- Unlike F-strings, T-strings expose interpolation locations and values at runtime.
- This allows sanitization like escaping potentially harmful inputs, preventing injections.
Injection Prevention Motivation
- SQL, HTML, command shell injections are primary motivations behind T-strings.
- T-strings enable safer handling or transformations to prevent injection vulnerabilities.