11========================
2- Announcing NumExpr 2.8.5
2+ Announcing NumExpr 2.8.6
33========================
44
55Hi everyone,
66
7- In 2.8.5 we have added a new function, `validate ` which checks an expression `ex `
8- for validity, for usage where the program is parsing a user input. There are also
9- consequences for this sort of usage, since `eval(ex) ` is called, and as such we
10- do some string sanitization as described below.
7+ NumExpr 2.8.6 is a release to deal with issues related to downstream `pandas `
8+ where the sanitization blacklist was hitting private variables used in their
9+ evaluate. In addition the sanitization was hitting on scientific notation.
10+
11+ For those who do not wish to have sanitization on by default, it can be changed
12+ by setting an environment variable, `NUMEXPR_SANITIZE=0 `.
13+
14+ If you use `pandas ` in your packages it is advisable you pin
15+
16+ `numexpr >= 2.8.6 `
17+
18+ in your requirements.
1119
1220Project documentation is available at:
1321
@@ -16,8 +24,13 @@ http://numexpr.readthedocs.io/
1624Changes from 2.8.5 to 2.8.6
1725---------------------------
1826
19- ** Under Construction **
27+ * The sanitization can be turned off by default by setting an environment variable,
28+
29+ `set NUMEXPR_SANITIZE=0 `
2030
31+ * Improved behavior of the blacklist to avoid triggering on private variables
32+ and scientific notation numbers.
33+
2134
2235What's Numexpr?
2336---------------
0 commit comments