python · zooba · Jun 27, 2019 · Jun 24, 2019 · Jun 24, 2019 · Jun 24, 2019
diff --git a/Doc/c-api/code.rst b/Doc/c-api/code.rst
@@ -45,7 +45,7 @@ bound into a function.
       The first parameter (*argcount*) now represents the total number of positional arguments,
       including positional-only.
 
-   .. audit-event:: code.__new__ "code filename name argcount posonlyargcount kwonlyargcount nlocals stacksize flags"
+   .. audit-event:: code.__new__ code,filename,name,argcount,posonlyargcount,kwonlyargcount,nlocals,stacksize,flags c.PyCode_New
 
 .. c:function:: PyCodeObject* PyCode_NewEmpty(const char *filename, const char *funcname, int firstlineno)
 

diff --git a/Doc/c-api/sys.rst b/Doc/c-api/sys.rst
@@ -291,8 +291,6 @@ accessible to C code.  They all work with the current interpreter thread's
 
 .. c:function:: int PySys_Audit(const char *event, const char *format, ...)
 
-   .. index:: single: audit events
-
    Raises an auditing event with any active hooks. Returns zero for success
    and non-zero with an exception set on failure.
 
@@ -311,8 +309,6 @@ accessible to C code.  They all work with the current interpreter thread's
 
 .. c:function:: int PySys_AddAuditHook(Py_AuditHookFunction hook, void *userData)
 
-   .. index:: single: audit events
-
    Adds to the collection of active auditing hooks. Returns zero for success
    and non-zero on failure. If the runtime has been initialized, also sets an
    error on failure. Hooks added through this API are called for all

diff --git a/Doc/library/array.rst b/Doc/library/array.rst
@@ -83,7 +83,7 @@ The module defines the following type:
    to add initial items to the array.  Otherwise, the iterable initializer is
    passed to the :meth:`extend` method.
 
-   .. audit-event:: array.__new__ "typecode initializer"
+   .. audit-event:: array.__new__ typecode,initializer array.array
 
 .. data:: typecodes
 

@@ -0,0 +1,21 @@
+.. _audit-events:
+
+.. index:: single: audit events
+
+Audit events table
+==================
+
+This table contains all events raised by :func:`sys.audit` or
+:c:func:`PySys_Audit` calls throughout the CPython runtime and the
+standard library.
+
+See :func:`sys.addaudithook` and :c:func:`PySys_AddAuditHook` for
+information on handling these events.
+
+.. impl-detail::
+
+   This table is generated from the CPython documentation, and may not
+   represent events raised by other implementations. See your runtime
+   specific documentation for actual events raised.
+
+.. audit-event-table::
@@ -1509,13 +1509,13 @@ object is available:
    :c:type:`int`, which is of course not always the truth, so you have to assign
    the correct :attr:`restype` attribute to use these functions.
 
-.. audit-event:: ctypes.dlopen name
+.. audit-event:: ctypes.dlopen name ctypes.LibraryLoader
 
    Loading a library through any of these objects raises an
    :ref:`auditing event <auditing>` ``ctypes.dlopen`` with string argument
    ``name``, the name used to load the library.
 
-.. audit-event:: ctypes.dlsym "library name"
+.. audit-event:: ctypes.dlsym library,name ctypes.LibraryLoader
 
    Accessing a function on a loaded library raises an auditing event
    ``ctypes.dlsym`` with arguments ``library`` (the library object) and ``name``
@@ -2043,7 +2043,7 @@ Data types
       This method returns a ctypes type instance using the memory specified by
       *address* which must be an integer.
 
-      .. audit-event:: ctypes.cdata address
+      .. audit-event:: ctypes.cdata address ctypes._CData.from_address
 
          This method, and others that indirectly call this method, raises an
          :ref:`auditing event <auditing>` ``ctypes.cdata`` with argument

@@ -5,10 +5,13 @@ Debugging and Profiling
 These libraries help you with Python development: the debugger enables you to
 step through code, analyze stack frames and set breakpoints etc., and the
 profilers run code and give you a detailed breakdown of execution times,
-allowing you to identify bottlenecks in your programs.
+allowing you to identify bottlenecks in your programs. Auditing events
+provide visibility into runtime behaviors that would otherwise require
+intrusive debugging or patching.
 
 .. toctree::
 
+   audit_events.rst
    bdb.rst
    faulthandler.rst
    pdb.rst

@@ -119,7 +119,7 @@ Module API
    *verbosity* controls the level of output to :data:`sys.stdout` from the
    bootstrapping operation.
 
-   .. audit-event:: ensurepip.bootstrap root
+   .. audit-event:: ensurepip.bootstrap root ensurepip.bootstrap
 
    .. note::
 

@@ -190,7 +190,7 @@ followed by ``lines`` for the text version or ``binary`` for the binary version.
    *source_address* is a 2-tuple ``(host, port)`` for the socket to bind to as
    its source address before connecting.
 
-   .. audit-event:: ftplib.FTP.connect "self host port"
+   .. audit-event:: ftplib.connect self,host,port ftplib.FTP.connect
 
    .. versionchanged:: 3.3
       *source_address* parameter was added.
@@ -225,7 +225,7 @@ followed by ``lines`` for the text version or ``binary`` for the binary version.
 
    Send a simple command string to the server and return the response string.
 
-   .. audit-event:: ftplib.FTP.sendcmd "self cmd"
+   .. audit-event:: ftplib.sendcmd self,cmd ftplib.FTP.sendcmd
 
 
 .. method:: FTP.voidcmd(cmd)
@@ -234,7 +234,7 @@ followed by ``lines`` for the text version or ``binary`` for the binary version.
    nothing if a response code corresponding to success (codes in the range
    200--299) is received.  Raise :exc:`error_reply` otherwise.
 
-   .. audit-event:: ftplib.FTP.sendcmd "self cmd"
+   .. audit-event:: ftplib.sendcmd self,cmd ftplib.FTP.voidcmd
 
 
 .. method:: FTP.retrbinary(cmd, callback, blocksize=8192, rest=None)

@@ -128,7 +128,7 @@ are always available.  They are listed here in alphabetical order.
    :func:`breakpoint` will automatically call that, allowing you to drop into
    the debugger of choice.
 
-   .. audit-event:: builtins.breakpoint "sys.breakpointhook"
+   .. audit-event:: builtins.breakpoint breakpointhook breakpoint
 
    .. versionadded:: 3.7
 
@@ -277,7 +277,7 @@ are always available.  They are listed here in alphabetical order.
    If you want to parse Python code into its AST representation, see
    :func:`ast.parse`.
 
-   .. audit-event:: compile "source filename"
+   .. audit-event:: compile source,filename compile
 
       Raises an :ref:`auditing event <auditing>` ``compile`` with arguments
       ``source`` and ``filename``. This event may also be raised by implicit
@@ -490,7 +490,7 @@ are always available.  They are listed here in alphabetical order.
    See :func:`ast.literal_eval` for a function that can safely evaluate strings
    with expressions containing only literals.
 
-   .. audit-event:: exec code_object
+   .. audit-event:: exec code_object eval
 
       Raises an :ref:`auditing event <auditing>` ``exec`` with the code object
       as the argument. Code compilation events may also be raised.
@@ -525,7 +525,7 @@ are always available.  They are listed here in alphabetical order.
    builtins are available to the executed code by inserting your own
    ``__builtins__`` dictionary into *globals* before passing it to :func:`exec`.
 
-   .. audit-event:: exec code_object
+   .. audit-event:: exec code_object exec
 
       Raises an :ref:`auditing event <auditing>` ``exec`` with the code object
       as the argument. Code compilation events may also be raised.
@@ -779,12 +779,12 @@ are always available.  They are listed here in alphabetical order.
    If the :mod:`readline` module was loaded, then :func:`input` will use it
    to provide elaborate line editing and history features.
 
-   .. audit-event:: builtins.input prompt
+   .. audit-event:: builtins.input prompt input
 
       Raises an :ref:`auditing event <auditing>` ``builtins.input`` with
       argument ``prompt`` before reading input
 
-   .. audit-event:: builtins.input/result result
+   .. audit-event:: builtins.input/result result input
 
       Raises an auditing event ``builtins.input/result`` with the result after
       successfully reading input.
@@ -1222,7 +1222,7 @@ are always available.  They are listed here in alphabetical order.
    (where :func:`open` is declared), :mod:`os`, :mod:`os.path`, :mod:`tempfile`,
    and :mod:`shutil`.
 
-   .. audit-event:: open "file mode flags"
+   .. audit-event:: open file,mode,flags open
 
    The ``mode`` and ``flags`` arguments may have been modified or inferred from
    the original call.

@@ -52,7 +52,7 @@ For example, ``'[?]'`` matches the character ``'?'``.
    more directories and subdirectories.  If the pattern is followed by an
    ``os.sep``, only directories and subdirectories match.
 
-   .. audit-event:: glob.glob "pathname recursive"
+   .. audit-event:: glob.glob pathname,recursive glob.glob
 
    .. note::
       Using the "``**``" pattern in large directory trees may consume
@@ -67,7 +67,7 @@ For example, ``'[?]'`` matches the character ``'?'``.
    Return an :term:`iterator` which yields the same values as :func:`glob`
    without actually storing them all simultaneously.
 
-   .. audit-event:: glob.glob "pathname recursive"
+   .. audit-event:: glob.glob pathname,recursive glob.iglob
 
 
 .. function:: escape(pathname)

@@ -361,7 +361,7 @@ An :class:`IMAP4` instance has the following methods:
    :meth:`IMAP4.send`, and :meth:`IMAP4.shutdown` methods.  You may override
    this method.
 
-   .. audit-event:: imaplib.IMAP4.open "self host port"
+   .. audit-event:: imaplib.open self,host,port imaplib.IMAP4.open
 
 
 .. method:: IMAP4.partial(message_num, message_part, start, length)
@@ -432,7 +432,7 @@ An :class:`IMAP4` instance has the following methods:
 
    Sends ``data`` to the remote server. You may override this method.
 
-   .. audit-event:: imaplib.IMAP4.send "self data"
+   .. audit-event:: imaplib.send self,data imaplib.IMAP4.send
 
 
 .. method:: IMAP4.setacl(mailbox, who, what)

@@ -120,7 +120,7 @@ High-level Module Interface
 
    This is an alias for the builtin :func:`open` function.
 
-   .. audit-event:: open "path mode flags"
+   .. audit-event:: open path,mode,flags io.open
 
       This function raises an :ref:`auditing event <auditing>` ``open`` with
       arguments ``path``, ``mode`` and ``flags``. The ``mode`` and ``flags``

@@ -67,7 +67,7 @@ To map anonymous memory, -1 should be passed as the fileno along with the length
    will be relative to the offset from the beginning of the file. *offset*
    defaults to 0.  *offset* must be a multiple of the :const:`ALLOCATIONGRANULARITY`.
 
-   .. audit-event:: mmap.__new__ "fileno length access offset"
+   .. audit-event:: mmap.__new__ fileno,length,access,offset mmap.mmap
 
 .. class:: mmap(fileno, length, flags=MAP_SHARED, prot=PROT_WRITE|PROT_READ, access=ACCESS_DEFAULT[, offset])
    :noindex:
@@ -156,7 +156,7 @@ To map anonymous memory, -1 should be passed as the fileno along with the length
 
           mm.close()
 
-   .. audit-event:: mmap.__new__ "fileno length access offset"
+   .. audit-event:: mmap.__new__ fileno,length,access,offset mmap.mmap
 
    Memory-mapped file objects support the following methods:
 

@@ -79,11 +79,13 @@ The module itself defines the following classes:
     ('211 1755 1 1755 gmane.comp.python.committers', 1755, 1, 1755, 'gmane.comp.python.committers')
     >>>
 
-   .. audit-event:: nntplib.NNTP "self host port"
+   .. audit-event:: nntplib.connect self,host,port nntplib.NNTP
 
-   All commands will raise an :ref:`auditing event <auditing>`
-   ``nntplib.NNTP.putline`` with arguments ``self`` and ``line``,
-   where ``line`` is the bytes about to be sent to the remote host.
+   .. audit-event:: nntplib.putline self,line nntplib.NNTP
+
+      All commands will raise an :ref:`auditing event <auditing>`
+      ``nntplib.putline`` with arguments ``self`` and ``line``,
+      where ``line`` is the bytes about to be sent to the remote host.
 
    .. versionchanged:: 3.2
       *usenetrc* is now ``False`` by default.
@@ -105,11 +107,13 @@ The module itself defines the following classes:
    STARTTLS as described below.  However, some servers only support the
    former.
 
-   .. audit-event:: nntplib.NNTP "self host port"
+   .. audit-event:: nntplib.connect self,host,port nntplib.NNTP_SSL
+
+   .. audit-event:: nntplib.putline self,line nntplib.NNTP_SSL
 
-   All commands will raise an :ref:`auditing event <auditing>`
-   ``nntplib.NNTP.putline`` with arguments ``self`` and ``line``,
-   where ``line`` is the bytes about to be sent to the remote host.
+      All commands will raise an :ref:`auditing event <auditing>`
+      ``nntplib.putline`` with arguments ``self`` and ``line``,
+      where ``line`` is the bytes about to be sent to the remote host.
 
    .. versionadded:: 3.2
 

@@ -851,7 +851,7 @@ as internal buffering of data.
    most *length* bytes in size.  As of Python 3.3, this is equivalent to
    ``os.truncate(fd, length)``.
 
-   .. audit-event:: os.truncate "fd length"
+   .. audit-event:: os.truncate fd,length os.ftruncate
 
    .. availability:: Unix, Windows.
 
@@ -938,7 +938,7 @@ as internal buffering of data.
    This function can support :ref:`paths relative to directory descriptors
    <dir_fd>` with the *dir_fd* parameter.
 
-   .. audit-event:: open "path mode flags"
+   .. audit-event:: open path,mode,flags os.open
 
    .. versionchanged:: 3.4
       The new file descriptor is now non-inheritable.
@@ -1801,7 +1801,7 @@ features:
    This function can also support :ref:`specifying a file descriptor
    <path_fd>`; the file descriptor must refer to a directory.
 
-   .. audit-event:: os.listdir path
+   .. audit-event:: os.listdir path os.listdir
 
    .. note::
       To encode ``str`` filenames to ``bytes``, use :func:`~os.fsencode`.
@@ -2180,7 +2180,7 @@ features:
    This function can also support :ref:`specifying a file descriptor
    <path_fd>`; the file descriptor must refer to a directory.
 
-   .. audit-event:: os.scandir path
+   .. audit-event:: os.scandir path os.scandir
 
    The :func:`scandir` iterator supports the :term:`context manager` protocol
    and has the following method:
@@ -2788,7 +2788,7 @@ features:
 
    This function can support :ref:`specifying a file descriptor <path_fd>`.
 
-   .. audit-event:: os.truncate "path length"
+   .. audit-event:: os.truncate path,length os.truncate
 
    .. availability:: Unix, Windows.
 
@@ -3794,7 +3794,7 @@ written in Python, such as a mail server's external command delivery program.
    to using this function.  See the :ref:`subprocess-replacements` section in
    the :mod:`subprocess` documentation for some helpful recipes.
 
-   .. audit-event:: os.system command
+   .. audit-event:: os.system command os.system
 
    .. availability:: Unix, Windows.
 

@@ -181,7 +181,7 @@ access further features, you have to do this yourself:
 
       import pdb; pdb.Pdb(skip=['django.*']).set_trace()
 
-   .. audit-event:: pdb.Pdb
+   .. audit-event:: pdb.Pdb "" pdb.Pdb
 
    .. versionadded:: 3.1
       The *skip* argument.

@@ -437,7 +437,7 @@ The :mod:`pickle` module exports three classes, :class:`Pickler`,
       how they can be loaded, potentially reducing security risks. Refer to
       :ref:`pickle-restrict` for details.
 
-      .. audit-event:: pickle.find_class "module name"
+      .. audit-event:: pickle.find_class module,name pickle.Unpickler.find_class
 
 .. class:: PickleBuffer(buffer)