Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
Similar Podcasts
24H24L
Evento en línea, de 24 horas de duración que consiste en la emisión de 24 audios de diversas temáticas sobre GNU/Linux. Estos son los audios del evento en formato podcast.
The Infinite Monkey Cage
Brian Cox and Robin Ince host a witty, irreverent look at the world through scientists' eyes.
Talking Kotlin
A bimonthly podcast that covers the Kotlin programming language by JetBrains, as well as related technologies. Hosted by Hadi Hariri
#390 Coding in a Castle
Topics covered in this episode: Joining Strings in Python: A "Huh" Moment 10 hard-to-swallow truths they won't tell you about software engineer job My thoughts on Python in Excel Extra, extra, extra Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Joining Strings in Python: A "Huh" Moment Veronica Berglyd Olsen Standard solution to “read lines from a file, do some filtering, create a multiline string”: f = open("input_file.txt") filtered_text = "\n".join(x for x in f if not x.startswith("#")) This uses a generator, file reading, and passes the generator to join. Another approach is to add brackets and pass that generator to a list comprehension: f = open("input_file.txt") filtered_text = "\n".join([x for x in f if not x.startswith("#")]) At first glance, this seems to just be extra typing, but it’s actually faster by 16% on CPython due to the implementation of .join() doing 2 passes on input if passed a generator. From Trey Hunner: “I do know that it’s not possible to do 2 passes over a generator (since it’d be exhausted after the first pass) so from my understanding, the generator version requires an extra step of storing all the items in a list first.” Michael #2: 10 hard-to-swallow truths they won't tell you about software engineer job College will not prepare you for the job You will rarely get greenfield projects Nobody gives a BLANK about your clean code You will sometimes work with incompetent people Get used to being in meetings for hours They will ask you for estimates a lot of times Bugs will be your arch-enemy for life Uncertainty will be your toxic friend It will be almost impossible to disconnect from your job You will profit more from good soft skills than from good technical skills Brian #3: My thoughts on Python in Excel Felix Zumstein Interesting take on one person’s experience with trying Python in Excel. “We wanted an alternative to VBA, but got an alternative to the Excel formula language” “Python runs in the cloud on Azure Container Instances and not inside Excel.” “DataFrames are great, but so are NumPy arrays and lists.” … lots of other interesting takaways. Michael #4: Extra, extra, extra Code in a castle - Michael’s Python Zero to Hero course in Tuscany Polyfill.io JavaScript supply chain attack impacts over 100K sites Now required reading: Reasons to avoid Javascript CDNs Mac users served info-stealer malware through Google ads HTMX for the win! ssh to run remote commands > ssh user@server "command_to_run --arg1 --arg2" Extras Brian: A fun reaction to AI - I will not be showing the link on our live stream, due to colorful language. Michael: Coding in a Castle Developer Education Event Polyfill.io JavaScript supply chain attack impacts over 100K sites See Reasons to avoid Javascript CDNs Joke: HTML Hacker
#389 More OOP for Python?
Topics covered in this episode: Solara UI Framework Coverage at a crossroads “Virtual” methods in Python classes Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Solara UI Framework via Florian A Pure Python, React-style Framework for Scaling Your Jupyter and Web Apps Solara lets you build web apps from pure Python using ipywidgets or a React-like API on top of ipywidgets. These apps work both inside the Jupyter Notebook and as standalone web apps with frameworks like FastAPI. See the Examples page. Based on Reacton By building on top of ipywidgets, Solara automatically leverage an existing ecosystem of widgets and run on many platforms, including JupyterLab, Jupyter Notebook, Voilà, Google Colab, DataBricks, JetBrains Datalore, and more. Brian #2: Coverage at a crossroads Ned Batchelder is working on making coverage.py faster. Includes a nice, quick explanation of roughly how coverage.py works with trace function and arcs used for branch coverage. And how trace slows things down for lines we know are already covered. There are cool ideas from SlipCover that could be applicable. There’s also sys.monitoring from Python 3.12 that helps with line coverage, since you can disable it for lines you already have info on. It doesn’t quite complete the picture for branch coverage, though. Summary: jump in and help if you can read it anyway for a great mental model of how coverage.py works. Michael #3: “Virtual” methods in Python classes via Brian Skinn PEP 698 just got accepted, defining an @override decorator for type hinting, to help avoid errors in subclasses that override methods. Only affects type checkers but allows you to declare a “link” between the base method and derived class method with the intent of overriding it using OOP. If there is a mismatch, it’s an error. Python 3.12’s documentation Makes Python a bit more like C# and other more formal languages Brian #4: Parsing Python ASTs 20x Faster with Rust Evan Doyle Tach is “a CLI tool that lets you define and enforce import boundaries between Python modules in your project.” we covered it in episode 384 When used to analyze Sentry’s ~3k Python file codebase, it took about 10 seconds. Profiling analysis using py-spy and speedscope pointed to a function that spends about 2/3 of the time parsing the AST, and about 1/3 traversing it. That portion was then rewritten in Rust, resulting in 10x speedup, ending in about 1 second. This is a cool example of not just throwing Rust at a speed problem right away, but doing the profiling homework first, and focusing the Rust rewrite on the bottleneck. Extras Brian: I brought up pkgutil.resolve_name() last week on episode 388 Brett Cannon says don’t use that, it’s deprecated Thanks astroboy for letting me know Will we get CalVer for Python? it was talked about at the language summit There’s also pep 2026, in draft, with a nice nod in the number of when it might happen. 3.13 already in the works for 2024 3.14 slated for 2025, and we gotta have a pi release So the earliest is then 2026, with maybe a 3.26 version ? Saying thanks to open source maintainers Great write-up by Brett Cannon about how to show your appreciation for OSS maintainers. Be nice Be an advocate Produce your own open source Say thanks Fiscal support On topic Thanks Brett for pyproject.toml. I love it. Michael: The Shiny for Python course is out! Plus, it’s free so come and get it. Joke: Tao of Programming: Book 1: Into the Silent Void, Part 1
#388 Don't delete all the repos
Topics covered in this episode: PSF Elections coming up Cloud engineer gets 2 years for wiping ex-employer’s code repos Python: Import by string with pkgutil.resolve_name() DuckDB goes 1.0 Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: PSF Elections coming up This is elections for the PSF Board and for 3 bylaw changes. To vote in the PSF election, you need to be a Supporting, Managing, Contributing, or Fellow member of the PSF, … And affirm your voting status by June 25. See Affirm your PSF Membership Voting Status for more details. Timeline Board Nominations open: Tuesday, June 11th, 2:00 pm UTC Board Nominations close: Tuesday, June 25th, 2:00 pm UTC Voter application cut-off date: Tuesday, June 25th, 2:00 pm UTC same date is also for voter affirmation. Announce candidates: Thursday, June 27th Voting start date: Tuesday, July 2nd, 2:00 pm UTC Voting end date: Tuesday, July 16th, 2:00 pm UTC See also Thinking about running for the Python Software Foundation Board of Directors? Let’s talk! There’s still one upcoming office hours session on June 18th, 12 PM UTC And For your consideration: Proposed bylaws changes to improve our membership experience 3 proposed bylaws changes Michael #2: Cloud engineer gets 2 years for wiping ex-employer’s code repos Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired. The court documents state that Brody's employment was terminated after he violated company policies by connecting a USB drive. Brian #3: Python: Import by string with pkgutil.resolve_name() Adam Johnson You can use pkgutil.resolve_name("[HTML_REMOVED]:[HTML_REMOVED]")to import classes, functions or modules using strings. You can also use importlib.import_module("[HTML_REMOVED]") Both of these techniques are so that you have an object imported, but the end thing isn’t imported into the local namespace. Michael #4: DuckDB goes 1.0 via Alex Monahan The cloud hosted product @MotherDuck also opened up General Availability Codenamed "Snow Duck" The core theme of the 1.0.0 release is stability. Extras Brian: Sending us topics. Please send before Tuesday. But any time is welcome. NumPy 2.0 htmx 2.0.0 Michael: Get 6 months of PyCharm Pro for free. Just take a course (even a free one) at Talk Python Training. Then visit your account page > details tab and have fun. Coming soon at Talk Python: Shiny for Python Joke: .gitignore thoughts won't let me sleep
#387 Heralding in a new era of database queries
Topics covered in this episode: Dataherald Python's many command-line utilities Distroless Python functools.cache, cachetools, and cachebox Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Dataherald Interact with your SQL database, Natural Language to SQL using LLMs. Allows you to set up an API from your database that can answer questions in plain English Uses include Allow business users to get insights from the data warehouse without going through a data analyst Enable Q+A from your production DBs inside your SaaS application Create a ChatGPT plug-in from your proprietary data Brian #2: Python's many command-line utilities Trey Hunner Too many to list, but here’s some fun ones json.tool - nicely format json data calendar - print the calendar current by default, but you can pass in year and month gzip, ftplib, tarfile, and other unixy things handy on Windows cProfile & pstats Michael #3: Distroless Python via Patrick Smyth What is distroless anyway? These are container images without package managers or shells included. Debugging these images presents some wrinkles (can't just exec into a shell inside the image), but they're a lot more secure. Chainguard, creates low/no CVE distroless images based on our FOSS distroless OS, Wolfi. Some Python use-cases: docker run -it cgr.dev/chainguard/python:latest # The entrypoint is a Python REPL, since no b/a/sh is included docker run -it cgr.dev/chainguard/python:latest-dev # This is their dev version and has pip, bash, apk, etc. Brian #4: functools.cache, cachetools, and cachebox functools cache and lru_cache - built in cachetools - “This module provides various memoizing collections and decorators, including variants of the Python Standard Library's @lru_cache function decorator.” cachebox - “The fastest caching Python library written in Rust” Extras Brian: Python 3.12.4 is out VSCode has some pytest improvements Michael: Time for a bartender alternative, I’ve switched to Ice. Rocket.chat as an alternative to Slack Joke: CSS Cartoons
#386 Major releases abound
Topics covered in this episode: NumPy 2.0 release date is June 16 Uvicorn adds multiprocess workers pixi JupyterLab 4.2 and Notebook 7.2 are available Extras Joke Watch on YouTube About the show Sponsored by Mailtrap: pythonbytes.fm/mailtrap Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: NumPy 2.0 release date is June 16 “This release has been over a year in the making, and is the first major release since 2006. Importantly, in addition to many new features and performance improvement, it contains breaking changes to the ABI as well as the Python and C APIs. It is likely that downstream packages and end user code needs to be adapted - if you can, please verify whether your code works with NumPy 2.0.0rc2.” NumPy 2.0.0 Release Notes NumPy 2.0 migration guide including “try just running ruff check path/to/code/ --select NPY201” “Many of the changes covered in the 2.0 release notes and in this migration guide can be automatically adapted in downstream code with a dedicated Ruff rule, namely rule NPY201.” Michael #2: Uvicorn adds multiprocess workers via John Hagen The goal was to no longer need to suggest that people use Gunicorn on top of uvicorn. Uvicorn can now in a sense "do it all” Steps to use it and background on how it works. Brian #3: pixi Suggested by Vic Kelson “pixi is a cross-platform, multi-language package manager and workflow tool built on the foundation of the conda ecosystem.” Tutorial: Doing Python development with Pixi Some quotes from Vic: “Pixi is a project manager, written in Rust, that allows you to build Python projects without having Python previously installed. It’s installable with Homebrew (brew install pixi on Linux and MacOS). There’s support in VSCode and PyCharm via plugins. By default, pixi fetches packages from conda-forge, so you get the scientific stack in a pretty reliable and performant build. If a package isn’t on conda-forge, it’ll look on PyPI, or I believe you can force it to look on PyPI if you like.” “So far, it works GREAT for me. What really impressed me is that I got a Jupyter environment with CuPy utilizing my aging Nvidia GPU on the FIRST TRY.” Michael #4: JupyterLab 4.2 and Notebook 7.2 are available JupyterLab 4.2.0 has been released! This new minor release of JupyterLab includes 3 new features, 20 enhancements, 33 bug fixes and 29 maintenance tasks. Jupyter Notebook 7.2.0 has also been released Highlights include Easier Workspaces Management with GUI Recently opened/closed files Full notebook windowing mode by default (renders only the cells visible in the window, leading to improved performance) Improved Shortcuts Editor Dark High Contrast Theme Extras Brian: Help test Python 3.13! Help us test free-threaded Python without the GIL both from Hugo van Kemenade Python Test 221: How to get pytest to import your code under test is out Michael: Bend follow up from Bernát Gábor “Bend looks roughly like Python but is nowhere there actually. For example it has no for loops, instead you're meant to use bend keyword (hence the language name) to expand calculations and another keyword to join branches. So basically think of something that resembles Python at high level, but without being compatible with that and without any of the standard library or packages the Python language provides. That being said does an impressive job at parallelization, but essentially it's a brand new language with new syntax and paradigms that you will have to learn, it just shares at first look similarities with Python the most.” Joke: Do-while
#385 RESTing on Postgres
Topics covered in this episode: PostgresREST How Python Asyncio Works: Recreating it from Scratch Bend The Smartest Way to Learn Python Regular Expressions Extras Joke Watch on YouTube About the show Sponsored by Mailtrap: pythonbytes.fm/mailtrap Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: PostgresREST PostgREST serves a fully RESTful API from any existing PostgreSQL database. It provides a cleaner, more standards-compliant, faster API than you are likely to write from scratch. Speedy First the server is written in Haskell using the Warp HTTP server (aka a compiled language with lightweight threads). Next it delegates as much calculation as possible to the database. Finally it uses the database efficiently with the Hasql library PostgREST handles authentication (via JSON Web Tokens) and delegates authorization to the role information defined in the database. This ensures there is a single declarative source of truth for security. Brian #2: How Python Asyncio Works: Recreating it from Scratch Jacob Padilla Cool tutorial walking through how async works, including Generators Review The Event Loop Sleeping Yield to Await Await with AsyncIO Another great async resource is: Build your Own Async David Beasley talk from 2019 Michael #3: Bend A massively parallel, high-level programming language. With Bend you can write parallel code for multi-core CPUs/GPUs without being a C/CUDA expert with 10 years of experience. It feels just like Python! No need to deal with the complexity of concurrent programming: locks, mutexes, atomics... any work that can be done in parallel will be done in parallel. Brian #4: The Smartest Way to Learn Python Regular Expressions Christian Mayer, Zohaib Riaz, and Lukas Rieger Self published ebook on Python Regex that utilizes book form readings, links to video course sections puzzle challenges to complete online It’s a paid resource, but the min is free. Extras Brian: Replay - A graphic memoir by Prince of Persia creator Jordan Mechner, recounting his own family story of war, exile and new beginnings. Michael: PyCon 2026 Joke: Shells Scripts
#384 Force push lightly
Topics covered in this episode: Git: Force push safely with --force-with-lease and --force-if-includes Thoughts from PyCon 2024 Being friendly: Strategies for friendly fork management tach Extras Joke Watch on YouTube About the show Sponsored by Mailtrap: pythonbytes.fm/mailtrap Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Git: Force push safely with --force-with-lease and --force-if-includes Adam Johnson Using gentle force Avoid stomping on remote changes with a couple extra flags. Michael #2: Thoughts from PyCon 2024 PyCon is special - the connections you make are always more than you expect Great to see many old friends Did a ”live” Talk Python episode that’ll be out in a few weeks. The talks look great, we’ll let you know when they land on YouTube. Masks were a mistake - universally heard complaints from fellow attendees. This is my two cents towards a more reasonable next PyCon. Brian #3: Being friendly: Strategies for friendly fork management That’s part 2. Part 1 is Being friendly: Friendly forks 101 Lessley Dennington on GitHub Blog Examples of long running friendly forks git-for-windows/git, microsift/git, github/git two public, one private Fork management strategies - when pulling changes downstream merging rebase git-for-windows/git uses this proactively and regularly fake merge + rebase new branch microsoft/git uses this new branch from upstream major versions merge previous changes to new branch traditional merge github/git uses this, conservatively, after a few point bug fix versions Michael #4: tach A Python tool to enforce a modular, decoupled package architecture. tach allows you to define boundaries and control dependencies between your Python packages. Each package can define its public interface. If a package tries to import from another package that is not listed as a dependency, tach will report an error. If a package tries to import from another package and does not use its public interface, with strict: true set, tach will report an error. Zero runtime impact. Extras Brian: Logfire - new observability platform from the pydantic team - free for now Michael: 10% off the new spaCy course throughout May Joke: Evolution of smart products
#383 Why aren’t devs shipping faster?
Topics covered in this episode: I asked 100 devs why they aren’t shipping faster. Here’s what I learned Python 3.13.0 beta 1 released A theme editor for JupyterLab rich-argparse Extras Joke Watch on YouTube About the show Sponsored by Mailtrap: pythonbytes.fm/mailtrap Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: I asked 100 devs why they aren’t shipping faster. Here’s what I learned by Daksh Gupta (via PyCoders) What’s stopping you from shipping faster? Dependency bugs Complicated codebase >There is so much undocumented in our service, including poor records of new features, nonexistent or outdated info on our dependencies, or even essential things like best practices for testing, a lot of time is wasted in syncs trying to find the right information QA Loops Waiting for spec > At Amazon? Meetings, approval, talking to 10 different stakeholders because changing the color of a button affects 15 micro services Writing tests Deployment/build speed Scope creep > ソ The human tendency to stuff last-minute items into the crevices of their luggage minutes before leaving for the airport manifests itself at software companies as scope creep. Unclear requirements Excessive meetings Motivation >honest answer is i was on ads >and that’s a very old / complicated / large stack (edited) >and i didn’t understand it >my friends on younger teams seemed happier, i was miserable DORA metrics Brian #2: Python 3.13.0 beta 1 released "Python 3.13 is still in development. This release, 3.13.0b1, is the first of four beta release previews of 3.13.” New REPL, featuring multi-line editing, color support, colorized exception tracebacks Cool GIL, JIT, and GC features Typing changes, including typing.TypeIs . See last weeks episode and TypeIs does what I thought TypeGuard would do in Python Some nice dead battery removals and more But seriously, the REPL is cool. Just ask Trey The new REPL in Python 3.13 - Trey Hunner Michael #3: A theme editor for JupyterLab by Florence Haudin A new tool for authoring JupyterLab themes To lower the bar for customizing JupyterLab we created a new tool providing a simple interface for tuning the JupyterLab appearance interactively. See jupyterlab-theme-editor on github Brian #4: rich-argparse “Format argparse and optparse help using rich.” “rich-argparse improves the look and readability of argparse's help while requiring minimal changes to the code.” They’re not kidding. 2 line code change. from rich_argparse import RichHelpFormatter parser = argparse.ArgumentParser(..., formatter_class=RichHelpFormatter) Extras Brian: pytest course is now switched to the new platform. I sent out an email including how to save their spot on the old site and mark that spot complete on the new site. There’s now comments on the course now. Trying that out. If you’ve got a question, just ask in that section. Michael: A new Talk Python course: Getting Started with NLP and spaCy Joke: Testing holiday
#382 A Simple Game
Topics covered in this episode: act: Run your GitHub Actions locally! portr Annotating args and kwargs in Python github badges Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: act: Run your GitHub Actions locally! Why? “Fast Feedback - Rather than having to commit/push every time you want to test out the changes you are making to your .github/workflows/ files (or for any changes to embedded GitHub actions), you can use act to run the actions locally. The environment variables and filesystem are all configured to match what GitHub provides.” “Local Task Runner - I love make. However, I also hate repeating myself. With act, you can use the GitHub Actions defined in your .github/workflows/ to replace your Makefile!” Docs: nektosact.com Uses Docker to run containers for each action. Michael #2: portr Open source ngrok alternative designed for teams Expose local http, tcp or websocket connections to the public internet Warning: Portr is currently in beta. Expect bugs and anticipate breaking changes. Server setup (docker basically). Brian #3: Annotating args and kwargs in Python Redowan Delowar I don’t think I’ve ever tried, but this is a fun rabbit hole. Leveraging bits of PEP-5891, PEP-6462, PEP-6553, and PEP-6924. Punchline: from typing import TypedDict, Unpack *# Python 3.12+* *# from typing_extensions import TypedDict, Unpack # < Python 3.12* class Kw(TypedDict): key1: int key2: bool def foo(*args: Unpack[tuple[int, str]], **kwargs: Unpack[Kw]) -> None: ... A recent pic from Redowan’s blog: TypeIs does what I thought TypeGuard would do in Python Michael #4: github badges A curated list of GitHub badges for your next project Extras Brian: Fake job interviews target developers with new Python backdoor Later this week, course.pythontest.com will shift from Teachable to Podia Same great content. Just a different backend. To celebrate, get 25% off at pythontest.podia.com now through this Sunday using coupon code PYTEST Getting the most out of PyCon, including juggling - Rob Ludwick Latest PythonTest episode, also cross posted to pythonpeople.fm 3D visualization of dom Michael: Djangonauts Space Session 2 Applications Open! More background at Djangonauts, Ready for Blast-Off on Talk Python. Self-Hosted Open Source - Michael Kennedy on Django Chat Joke: silly games Closing song: Permission Granted
#381 Python Packages in the Oven
Topics covered in this episode: Announcing py2wasm: A Python to Wasm compiler Exploring Python packages with Oven and PyPI Browser PyCharm Local LLM Google shedding Python devs (at least in the US). Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Announcing py2wasm: A Python to Wasm compiler py2wasm converts your Python programs to WebAssembly, running them at 3x faster speeds thanks to Nuitka Brian #2: Exploring Python packages with Oven and PyPI Browser pypi.org is great, but there are some handy alternatives Oven Shows how to install stuff with pip, pdm, rye, and poetry Similar meta and description as PyPI Includes README.md view (no tables yet, though) Nice listing of versions Ability to look at what files are in wheels and tarballs (very cool) Can deploy yourself. Node/Remix app. Really slick. PyPI Browser View versions View wheel and tarball contents. Metadata and contents. No README view Is a Starlette app that you can deploy on your on with a private registry. So that’s cool. Michael #3: PyCharm Local LLM Pretty awesome full line completer based on a local LLM for PyCharm Requires PyCharm Professional An example, given this partial function in Flask: @blueprint.get('/listing') def listing(): videos = video_service.all_videos() Typing ret → That is, typing ret autocompletes to: return flask.render_template('home/listing.html', videos=videos) Which is pretty miraculous, and correct. Brian #4: Google shedding Python devs (at least in the US). Google lays off staff from Flutter, Dart and Python teams weeks before its developer conference - techcrunch Python, Flutter teams latest on the Google chopping block - The Register “Despite Alphabet last week reporting a 57 percent year-on-year jump in net profit to $23.66 billion for calendar Q1, more roles are being expunged as the mega-corp cracks down on costs.” “As for the Python team, the current positions have reportedly been "reduced" in favor of a new team based in Munich.” MK: Related and timely: How one power-hungry leader destroyed Google search Extras Brian: Python Gotcha: strip, lstrip, rstrip can remove more than expected Reminder: You probably want .removesuffix() and .removeprefix() Michael: Using Llama3 in LMStudio Joke: Broken System
#380 Debugging with your eyes
Topics covered in this episode: NumFOCUS concerns leaping pytest debugger llm Extra, Extra, Extra, PyPI has completed its first security audit Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: NumFOCUS concerns Suggested by Pamphile Roy Write up of the current challenges faced by NumFOCUS, by Paul Ivanov (one of the OG of Scientific Python: Jupyter, Matplotlib, etc.) Struggling to meet the needs of sponsored and affiliated projects. In February, NumFOCUS announced it is moving in a new direction. NumFOCUS initiated an effort to run an election for open board seats and proposed changing its governance structure. Some projects are considering and actively pursuing alternative venues for fiscal sponsorship. Quite a bit more detail and discussion in the article. NumFOCUS covers a lot of projects NumPy, Matplotlib, pandas, Jupyter, SciPy, Astropy, Bokeh, Dask, Conda, and so many more. Michael #2: leaping pytest debugger llm You can ask Leaping questions like: Why am I not hitting function x? Why was variable y set to this value? What was the value of variable x at this point? What changes can I make to this code to make this test pass? Brian #3: Extra, Extra, Extra, 2024 Developer Summit Also suggested by Pamphile, related to Scientific Python The Second Scientific Python Developer Summit , June 3-5, Seattle, WA Lots of great work came out of the First Summit in 2023 pytest-regex - Use regexs to specify tests to run Came out of the ’23 summit I’m not sure if I’m super happy about this or a little afraid that I probably could use this. Still, cool that it’s here. Cool short example of using __init__ and __call__ to hand-roll a decorator. ruff got faster Michael #4: PyPI has completed its first security audit Trail of Bits spent a total of 10 engineer-weeks of effort identifying issues, presenting those findings to the PyPI team, and assisting us as we remediated the findings. Scope: The audit was focused on "Warehouse", the open-source codebase that powers pypi.org As a result of the audit, Trail of Bits detailed 29 different advisories discovered across both codebases. When evaluating severity level of each advisory, 14 were categorized as "informational", 6 as "low", 8 as "medium" and zero as "high". Extras Brian: pytest course community to try out Podia Communities. Anyone have a podia community running strong now? If so, let me know through Mastodon: @brianokken@fosstodon.org Want to join the community when it’s up and running? Same. Or join our our friends of the show list, and read our newsletter. I’ll be sure to drop a note in there when it’s ready. Michael: VS Code AMA @ Talk Python [video] Gunicorn CVE Talk submissions are now open for both remote and in-person talks at the 2024 PyConZA? The conference will be held on 3 and 4 October 2024 in Cape Town, South Africa. Details are on za.pycon.org. FlaskCon 2024 will be happening Friday, May 17 inside PyCon US 2024. Call for proposals are now live! Joke: Debugging with your eyes
#379 Constable on the debugging case
Topics covered in this episode: How to Set Up Pre-Commit Hooks A step-by-step guide to installing and configuring pre-commit hooks on your project. difftastic Quarto constable Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: How to Set Up Pre-Commit Hooks A step-by-step guide to installing and configuring pre-commit hooks on your project. by Stefanie Molin Pre-commit hooks are code checks that run as part of the “pre-commit” stage of the git commit process. If any of these checks fail, git aborts the commit Sometimes, we need to bypass the hooks temporarily. For these instances, we can pass the --no-verify option when we run git commit Brian #2: difftastic Found this a couple years ago, but really using it a lot now. Excellent structurally diff tool that compares code based on syntax, not line by line. Michael #3: Quarto via Mathias Johansson An open-source scientific and technical publishing system Transforming a notebook into a pdf / HTML / MS Word / ePub with minimal effort, or even all formats at once. Author using Jupyter notebooks or with plain text markdown in your favorite editor. Write using Pandoc markdown, including equations, citations, crossrefs, figure panels, callouts, advanced layout, and more. Brian #4: constable “inserts print statements directly into the AST at runtime “ “If you find yourself aimlessly adding print statements while debugging your code, this is for you. !” Add decorators like @constable.trace('a', 'b') to functions and you’ll get nice output showing when and how a and b changed. see also icecream for another fun debugging with print project. Extras Brian: pointers being added to the standard library A couple weeks old, but still worth covering Guido’s take on adding this, "Why the hell not?" Michael: Python 3.12.3 is out Joke: Hugo SciFi Award
#378 Python is on the edge
Topics covered in this episode: pacemaker - For controlling time per iteration loop in Python. PyPI suspends new user registration to block malware campaign Python Project-Local Virtualenv Management Redux Python Edge Workers at Cloudflare Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pacemaker - For controlling time per iteration loop in Python. Brandon Rohrer Good example of a small bit of code made into a small package. With speedups to dependencies, like with uv, for example, I think we’ll see more small projects. Cool stuff Great README, including quirks that need to be understood by users. “If the pacemaker experiences a delay, it will allow faster iterations to try to catch up. Heads up: because of this, any individual iteration might end up being much shorter than suggested by the pacemaker's target rate.” Nice use of time.monotonic() deltas are guaranteed to never go back in time regardless of what adjustments are made to the system clock. Watch out for pip install pacemaker-lite NOT pacemaker pacemaker is taken by a package named PaceMaker with a repo named pace-maker, that hasn’t been updated in 3 years. Not sure if it’s alive. No tests (yet). I’m sure they’re coming. ;) Seriously though, Brandon says this is “a glorified snippet”. And I love the use of packaging to encapsulate shared code. Realistically, small snippet like packages have functionality that’s probably going to be tested by end user code. And even if there are tests, users should test the functionality they are depending on. Michael #2: PyPI suspends new user registration to block malware campaign Incident Report for Python Infrastructure PyPi Is Under Attack: Project Creation and User Registration Suspended — Here’s the details I hate medium, but it’s the best details I’ve found so far Brian #3: Python Project-Local Virtualenv Management Redux Hynek Concise writeup of how Hynek uses various tools for dealing with environments Covers (paren notes are from Brian) In project .venv directories direnv for handling .envrc files per project (time for me to try this again) uv for pip and pip-compile functionality Installing Python via python.org Using a .python-version-default file (I’ll need to play with this a bit) Works with GH Action setup-python. (ok. that’s cool) Some fish shell scripting Bonus tip on using requires-python in .pyproject.toml and extracting it in GH actions to be able to get the python exe name, and then be able to pass it to Docker and reference it in a Dockerfile. (very cool) Michael #4: Python Edge Workers at Cloudflare What are edge workers? Based on workers using Pyodide and WebAssembly This new support for Python is different from how Workers have historically supported languages beyond JavaScript — in this case, we have directly integrated a Python implementation into workerd, the open-source Workers runtime. Python Workers can import a subset of popular Python packages including FastAPI, Langchain, numpy Check out the examples repo. Extras Michael: LPython follow up from Brian Skinn Featured on Python Bytes badge A little downtime, thanks for the understanding We were rocking a 99.98% uptime until then. :) Joke: C++ is not safe for people under 18 Baseball joke
#377 A Dramatic Episode
Topics covered in this episode: justpath xz back door LPython dramatic Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: justpath Inspect and refine PATH environment variable on both Windows and Linux. Raw, count, duplicates, invalids, corrections, excellent stuff. Check out the video Brian #2: xz back door In case you kinda heard about this, but not really. Very short version: A Microsoft engineer noticed a performance problem with ssh and tracked it to a particular version update of xz. Further investigations found a multi-year installation of a fairly complex back door into the xz by a new-ish contributor. But still contributing over several years. First commit in early 2022. The problem is caught. But if it had succeeded, it would have been bad. Part of the issue of how this happened is due to having one primary maintainer on a very widely used tool included in tons-o-Linux distributions. Some useful articles Everything I Know About the XZ Backdoor - Evan Boehs - recommended read Don’t think your affected? Think again if you use homebrew, for example: Update and upgrade Homebrew and xz versions Notes Open source maintenance burnout is real Lots of open source projects are maintained by unpaid individuals for long periods of time. Multi-year sneakiness and social bullying is pretty hard to defend against. Handing off projects to another primary maintainer has to be doable. But now I think we need better tools to vet contributors. Maybe? Or would that just suppress contributions? One option to help with burnout: JGMM, Just Give Maintainers Money: Software Needs To Be More Expensive - Glyph Michael #3: LPython LPython aggressively optimizes type-annotated Python code. It has several backends, including LLVM, C, C++, and WASM. LPython’s primary tenet is speed. Play with the wasm version here: dev.lpython.org Still in alpha, so keep that in mind. Brian #4: dramatic Trey Hunner More drama in the software world. This time in the Python. Actually, this is just a fun utility to make your Python output more dramatic. More fun output with terminaltexteffects suggested by Allan Extras Brian: Textual how has a new inline feature in the new release. Michael: My keynote talk is out: The State of Python in 2024 Have you browsed your github feed lately? 3.10, 3.9, 3.8 security updates Joke: Definition of terms
#376 Every dunder method in a Python Lockbox
Topics covered in this episode: 🤖 On Robots.txt niquests Every dunder method in Python Lockbox Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @mkennedy@fosstodon.org Brian: @brianokken@fosstodon.org Show: @pythonbytes@fosstodon.org Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too. Brian #1: 🤖 On Robots.txt Jeff Triplett “In theory, this file helps control what search engines and AI scrapers are allowed to visit, but I need more confidence in its effectiveness in the post-AI apocalyptic world.” Resources to get started Block the Bots that Feed “AI” Models by Scraping Your Website Go ahead and block AI web crawlers Dark Visitors Django Add robots.txt to a Django website How to add a robots.txt to your Django site Hugo Hugo robots.txt Podcast questions: Should content creators block AI from our work? Should’t we set up a standard way to do this? I still haven’t found a way to block GitHub repositories. Is there a way? Licensing is one thing (not easy), but I don’t think any bots respect any protocol for repos. Michael #2: niquests Requests but with HTTP/3, HTTP/2, Multiplexed Connections, System CAs, Certificate Revocation, DNS over HTTPS / TLS / QUIC or UDP, Async, DNSSEC, and (much) pain removed! Niquests is a simple, yet elegant, HTTP library. It is a drop-in replacement for Requests, which is under feature freeze. See why you should switch: Read about 10 reasons why Brian #3: Every dunder method in Python Trey Hunner Sure, there’s __repr__(), __str__(), and __init__(), but how about dunder methods for: Equality and hashability Orderability Type conversions and formatting Context managers Containers and collections Callability Arithmetic operators … and so much more … even a cheat sheet. Michael #4: Lockbox Lockbox is a forward proxy for making third party API calls. Why? Automation or workflow platforms like Zapier and IFTTT allow "webhook" actions for interacting with third party APIs. They require you to provide your third party API keys so they can act on your behalf. You are trusting them to keep your API keys safe, and that they do not misuse them. How Lockbox helps: When a workflow platform needs to make a third party API call on your behalf, it makes a Lockbox API call instead. Lockbox makes the call to the third party API, and returns the result to the workflow platform. Extras Brian: Django: Join the community on Mastodon - Adam Johnson No maintenance intended - Sent in from Kim van Wyk Michael: US sues Apple Good video on pluses and minuses The hot water just the day before [and this one] https://9to5mac.com/2024/03/25/app-store-proposals-rejected/ PyPI Support Specialist job VS Code AMA, please submit your question here PyData Eindhoven 2024 has a date and open CFP Joke: Windows Certified