wrapt

After using wrapt extensively for instrumentation and AOP patterns in production systems, it's become my default choice for any serious decorator work. The library handles the gnarly edge cases that pure Python decorators miss—preserving function signatures, handling descriptors correctly, and maintaining proper method binding. The C-accelerated wrapper is exceptionally lightweight with negligible performance overhead compared to manual wrapping approaches.

What sets wrapt apart operationally is its robustness under real-world conditions. The ObjectProxy implementation properly delegates attribute access, which is critical when monkey patching third-party libraries for observability. I've used it to instrument database clients and HTTP libraries without breaking introspection or causing memory leaks from circular references. The synchronized decorator has been reliable for thread-safety patterns without the boilerplate of manual lock management.

The API surface is minimal and stable—I've upgraded across multiple versions without breaking changes. Documentation is thorough with practical examples for each use case. Error messages are clear when wrappers are misapplied, and the library degrades gracefully to pure Python if the C extension isn't available.

In production, wrapt is the decorator library that just works. Unlike pure Python decorators, it preserves function signatures, introspection, and docstrings correctly without manual @functools.wraps gymnastics. The C extension provides negligible overhead—I've instrumented hundreds of methods with custom decorators and never seen wrapt show up in profiling as a bottleneck.

The ObjectProxy is exceptionally useful for lazy initialization and monkey patching scenarios. We use it to wrap database connections and API clients, deferring expensive initialization until first access. Memory overhead is minimal, and the proxy behavior is transparent enough that it doesn't break isinstance checks or attribute access patterns. Error messages when something goes wrong are clear and point to the actual issue, not proxy internals.

Configuration is straightforward—it's a library, not a framework. The decorator factory pattern is well-documented with practical examples. Breaking changes between versions have been rare and well-communicated. My only gripe is that advanced proxy customization requires reading source code, but for 95% of use cases, the defaults are exactly what you need.

I've used wrapt extensively for building decorators that preserve function signatures and introspection metadata. Unlike naive decorator implementations, wrapt's ObjectProxy and decorator utilities maintain proper signature preservation, which is critical for security contexts where you need accurate parameter inspection for input validation or authorization checks.

The library's approach to wrapper transparency is excellent - wrapped objects behave correctly with isinstance checks and attribute access, preventing subtle bugs where security decorators might be bypassed due to type checking issues. The C extension provides performance benefits without compromising safety, and it gracefully falls back to pure Python when unavailable.

From a security perspective, wrapt doesn't introduce surface area for injection attacks or unsafe defaults. Error messages are appropriately scoped without leaking implementation details. The monkey patching utilities are explicit and trackable, which helps during security audits. My main concern is the minimal documentation around edge cases with complex descriptor protocols, which can lead to unexpected behavior if you're wrapping security-critical class methods.