First time posting here .
Inspired by a conversation I had with Ashley Sommer about a week ago after the latest major changes in Sanic have been pushed, also by this comment of his: https://github.com/huge-success/sanic/issues/1854#issuecomment-629607608. I think we should move the essential Sanic libraries under the Sanic organization. Examples of the libs I have on mind are:
- A session library (e.g. sanic-session)
- A form validation library (e.g. sanic-wtf)
- A testing library (e.g. pytest-sanic)
- Cors / Security headers library (e.g. sanic-cors)
- (Maybe) Jinja rendering lib
What many frameworks that are more popular than Sanic have in common is that they all have these packages well maintained and even documented in their framework’s docs. I understand why Sanic would refuse to bake these libraires into the framework itself, but treating them strictly as 3rd party libs is a bad idea in my opinion, because the majority of Sanic users use atleast one of these libraries.
The main reason I’m writing this is because after the most recent changes, the request context API has been changed. This broke a lot of the libraries and applications out there. This would be fine if the Sanic library maintainers out there fixed the libs quickly and in a backward compatible manner to support the LTS version of Sanic. Unfortunately, many maintainers don’t have the time to do that, let alone merge fixes to the latest version only.
I know that both sanic-cors and pytest-sanic are already being maintained by two Sanic maintainers. So those are OK the way they are I guess. However, both pyx/sanic-wtf and xen/sanic_session are not, and their maintainers are apparently either don’t use the lib anymore or aren’t active. So, is the community open to having these two libraries moved under the Sanic org? I can handle the migration process myself and ensure that their current versions work for both the latest Sanic and LTS Sanic.
For full disclosure, I built another session library myself for Sanic that adds a bit to what sanic-session already provides (I couldn’t add these features to sanic-session because it would break its API).
- Provides both client side and session side sessions
- Provides an auth session interface super-class
- Supports having more than one session per request
- Supports having more than one transport per session
- It’s a bit opinionated when it comes to the race-conditions avoidance mechanism, but that can be easily ignored/not used.
There’s also: pyx/sanic-cookiesession which is a very simple cookie session similar to what Flask provides natively.
Regardless of which libraries the community chooses to move under the Sanic organisation, I’ll be happy to lend a hand in maintaining them for the near future. I believe this will help developers build apps quicker and with more confidence because they won’t have to shop around for essential libraries and worry about their future and their maintanence status. Also, this will help keep these librarires secure and adhering to strict security standards. Especially that session and form handling are considered to be very exploitable parts in most applications. By doing this we help provide the stability needed for the community to grow.
Sorry for the long post
Have a safe weekend
- Sorry about not linking to all the libs I mentioned, new users can only post 2 links.