TechPulseTechPulse
Back to News
Advertisement
Advertisement

⚡ Community Insights

Discussion Sentiment

58% Positive

Analyzed from 562 words in the discussion.

Trending Topics

#python#slower#code#https#ast#rust#faster#bandit#com#idiomatic

Discussion (13 Comments)Read Original on HackerNews

fwipabout 1 hour ago
I wonder if these lints could have been expressed as semgrep rules?
eskaabout 4 hours ago
I appreciate that you first tried to optimize the original Python code. Idiomatic Python is unfortunately disappointingly slow and not so interesting to compare to.
jerfabout 3 hours ago
I often use the rough approximation that Python is 40-50x slower than C. This is what you'll see in the benchmarks.

The truly rough thing about Python though is that that is the speed when the code is being written to a benchmark. It is really, really easy to write Python that is multiples slower than that when not writing to a benchmark and just trying to get work done without hyperoptimizing. I did some testing of Python [1] to back some other commentary I was making that compared the time it took to set an attribute repeatedly on a particular instance of an empty class to the time it took to setting it on a subclass of a subclass of a class that had a property setter that was wrapped by a decorator. The latter was about 4.6 time slower than the direct attribute setting, which was itself already ~100x slower than an attribute setting in a static language.

And it's not like a three-deep nested class with a property wrapped by a decorator is all that absurd in Python or anything. That's a completely normal case, not some absurd example I made up to skew the test.

In practice the 40-50x number is more lower bound than what you can count on. If you are actually using Python's features I think you can easily score another order of magnitude slower without anything jumping out at you as being an obviously bad idea.

[1]: https://jerf.org/iri/post/2024/not_about_python_addendum/

elevation41 minutes ago
> 40-50x number is more lower bound [...] easily score another order of magnitude slower

This is about what I observe. I had a utility based on `scapy`; there were no obviously bad ideas in the python source, but porting the work loop into a cpython extension module yielded a 500x speedup.

colechristensenabout 3 hours ago
A while back I had claude implement something, I don't quite remember what it was, but it chose Python. It was going to take hours. I told it to rewrite it in Rust and it was > 300000x faster. This is without any optimization or prompting particularly about performance, a short one shot lift.

echo "Python sucks, use something else when you can" >> ~/CLAUDE.md

Python was cool in 2005 in academia IT, all the rage in startup 2012. These days...

flockonusabout 3 hours ago
> not so interesting to compare to

Absolutely disagree here, something that is considered good practice is very interesting to compare to!

eskaabout 1 hour ago
I mean that mostly in the sense that there is huge variance in idiomatic code. So your optimized C/Rust code might be 100-1000x faster than two idiomatic versions of writing that code
westurnerabout 4 hours ago
Could this ast.sprint ast.walk optimization make libCST or bandit faster? https://news.ycombinator.com/item?id=39111747

libCST: https://github.com/Instagram/LibCST

bandit: https://github.com/PyCQA/bandit

Links to codemod tools; "Baby Steps into Genetic Programming" https://news.ycombinator.com/item?id=43617655

adhamiabout 4 hours ago
it's possible! although many of the constraints in this blog were because we wanted to work with ast module in Python. If we were allowed to create our own types, we can do so much better. I think ruff has an even faster walk by those standards.

It seems bandit is using some decent optimizations already, looking at the `@test.checks("Call")` seems like they already captured some easy wins.

The largest win honestly would be using the same ast.walk for multiple rules, which we also did, but not mentioned in the blog.

westurnerabout 4 hours ago
AST: Abstract Syntax Tree

FST: Full Syntax Tree

CST: Concrete Syntax Tree

Comment preservation is a feature

123rust123about 4 hours ago
let me guess, the improved version is written in Rust?
adhamiabout 4 hours ago
only because I'm too lazy to learn how to write C with Python, if anything Rust wasn't helpful with all of those unsafes
mananaysiempreabout 2 hours ago
You’d have to spend a bit of time picking apart your arguments and releasing stuff on early error returns, but otherwise the Python/C API is completely banal and doesn’t really have much to learn. It might be worth the time to poke at it at some point to assure yourself this is the case.

(Or you could switch to C++ and use pybind11, but now you’re just switching from one quite complex and somewhat off-putting language to another really complicated and very ugly one, so the win is less clear.)