2009/3/20 Christian Theune <ct@gocept.com>:
- _protections.py module. It defines a NoProxy checker for zope.i18nmessageid.Message and adds __name__ and __parent__ attributes to _available_by_default. This module was executed in zope.app.security.__init__ and generally does useful things for most of applications. The problem is that neither zope.i18nmessage, nor zope.location already depend on zope.security. One solution is to move the protections in that packages, placing the code into "try/except ImportError" block to avoid hard dependency.
That last solution seems reasonable. I think Christian Theune has had some dealings with a strategy like this during our dependency refactoring sprint; Christian?
Sorry, I've stared at the issue for a while but can't remember that I had (something like) that during the sprint.
It's nevermind now :) I just added those protections to zope.security itself. -- WBR, Dan Korostelev