Python | Stack | Fluid Attacks Help

Python

Rationale

Python is Fluid Attacks' main back-end programming language.

The main reasons why we chose it over other alternatives are:
  1. It is Open Source.
  2. It is a high level programming language that is fairly easy to understand when compared to others.
  3. It has a big community that supports thousands of libraries, making it very flexible.
  4. It has a big market, allowing us to easily find developers that have worked with it previously.
  5. It partially supports static typing (as an extension rather than built-in), which helps with maintainability, clarity and debugging.
  6. It is an interpreted language, meaning that it does not require to be compiled before execution, which helps saving time.

Alternatives

The following languages are being considered.
Although all these languages are better than Python in most scenarios, they are not currently being used mainly due to:
  1. Using new languages makes it harder for developers to do their job, as it forces them to learn those new languages, increasing cognitive complexity.
  2. Increasing the number of languages we support, also makes our stack more complex.
  3. Technical debt, as migrating a component from one language to another is no easy task.

Go

  1. It is Open Source.
  2. It has a slightly more complex syntax than Python.
  3. Being a modern programming language, its community is still growing and is not as big as Python's.
  4. It has a growing market, with more and more companies and developers embracing it.
  5. Due to its spike in popularity, it feels like the Python of the future.
  6. It is a compiled language, meaning that it requires to spend extra time on compilation, but also increases source code quality by validating many things that interpreted languages like Python do not.
  7. It is much better than Python in terms of dependency management and setting up environments.
  8. It supports self-contained binaries, which allows to easily distribute applications for any platform.
  9. It has built-in async support, ideal for intensive I/O applications.
  10. It has an acceptable multi-processing support, ideal for cpu-intensive applications.
Go looks like a very solid alternative for pretty much everything that is currently built in Python, as it provides a middle ground between modernity, accessibility and achieving high-quality software.

TypeScript

  1. It is Open Source.
  2. It has a slightly more complex syntax than Python.
  3. Like Python, it has a big community, which makes it very flexible.
  4. It also has a big market, so finding developers is not a problem.
  5. Its static typing support is much better than Python's.
  6. It also is an interpreted language, meaning that compilation is not necessary.
  7. It is much better than Python in terms of dependency management and setting up environments.
  8. It has built-in async support, ideal for intensive I/O applications.
  9. It is our second most-used language, meaning that migrating components to TypeScript would reduce the number of languages we support (less complexity) and also decrease cognitive load on developers.
TypeScript looks like a very solid alternative for non-cpu-intensive components like:
  1. Integrates Back
  2. Forces
  3. Observes ETLs
  4. Melts

Rust

  1. It is Open Source.
  2. It has a much more complex syntax than Python.
  3. Being a modern programming language, its community is still growing and is not as big as Python's.
  4. It has a small market, so finding experienced developers is way harder.
  5. It is one of the most reliable programming languages right now. It is memory-safe, has very powerful static typing, and allows to write highly maintainable and reliable applications in the long term.
  6. It is a compiled languagemeaning that it requires to spend extra time on compilation, but also increases source code quality by validating many things that interpreted languages like Python do not.
  7. It is much better than Python in terms of dependency management and setting up environments.
  8. It supports self-contained binaries, which allows to easily distribute applications for any platform.
  9. It is one of the fastest programming languages on the market.
Rust looks like a very solid alternative for cpu-intensive applications like:

Usage

Python is used by:
  1. Integrates Back
  2. Skims
  3. Sorts
  4. Forces
  5. Observes ETLs
  6. Melts