
- * pypistats.org was down, is now back, and there’s a CLI*
- * State of Python 2025*
- * wrapt: A Python module for decorators, wrappers and monkey patching.*
- pysentry
- Extras
- Joke
About the show
Sponsored by us! Support our work through:
Connect with the hosts
- Michael: @[email protected] / @mkennedy.codes (bsky)
- Brian: @[email protected] / @brianokken.bsky.social
- Show: @[email protected] / @pythonbytes.fm (bsky)
Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.
Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.
Brian #1: pypistats.org was down, is now back, and there’s a CLI
- pypistats.org is a cool site to check the download stats for Python packages. 
- It was down for a while, like 3 weeks? 
- A couple days ago, Hugo van Kemenade announced that it was back up. 
- With some changes in stewardship - “pypistats.org is back online! 🚀📈 - Thanks to @jezdez for suggesting the @ThePSF takes stewardship and connecting the right people, to @EWDurbin for migrating, and of course to Christopher Flynn for creating and running it for all these years!” 
 
- Hugo has a CLI version, pypistats - You can give it a command for what you want to search for
- recent,overall, python_major, python_minor, system
 
- Then either a package name, a directory path, or if nothing, it will grab the current directory package via pyproject.toml or setup.cfg
- very cool
 
- You can give it a command for what you want to search for
Michael #2: State of Python 2025
- Michael’s Themes
- Python people use Python: 86% of respondents use Python as their main language
- We are mostly brand-new programmers: Exactly 50% of respondents have less than two years of professional coding experience
- Data science is now over half of all Python
- Most still use older Python versions despite benefits of newer releases: Compelling math to make the change.
- Python web devs resurgence
 
- Forward-looking trends
- Agentic AI will be wild
- Async, await, and threading are becoming core to Python
- Python GUIs and mobile are rising
 
- Actionable ideas
- Action 1: Learn uv
- Action 2: Use the latest Python
- Action 3: Learn agentic AI
- Action 4: Learn to read basic Rust
- Action 5: Invest in understanding threading
- Action 6: Remember the newbies
 
Brian #3: wrapt: A Python module for decorators, wrappers and monkey patching.
- “The aim of the wrapt module is to provide a transparent object proxy for Python, which can be used as the basis for the construction of function wrappers and decorator functions. - An easy to use decorator factory is provided to make it simple to create your own decorators that will behave correctly in any situation they may be used.” 
- Why not just use functools.wraps()? - “The wrapt module focuses very much on correctness. It therefore goes way beyond existing mechanisms such as functools.wraps() to ensure that decorators preserve introspectability, signatures, type checking abilities etc. The decorators that can be constructed using this module will work in far more scenarios than typical decorators and provide more predictable and consistent behaviour.”
 
- There’s a bunch of blog posts from 2014 / 2015 (and kept updated) that talk about how wrapt solves many issues with traditional ways to decorate and patch things in Python, including “How you implemented your Python decorator is wrong”. 
- Docs are pretty good, with everything from simple wrappers to an example of building a wrapper to handle thread synchronization 
Michael #4: pysentry
- via Owen Lamont 
- Install via uv tool install pysentry-rs 
- Scan your Python dependencies for known security vulnerabilities with Rust-powered scanner. 
- PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (uv.lock, poetry.lock, Pipfile.lock, pyproject.toml, Pipfile, requirements.txt) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options. 
- Key Features: - Multiple Project Formats: Supports uv.lock, poetry.lock, Pipfile.lock, pyproject.toml, Pipfile, and requirements.txt files 
- External Resolver Integration: Leverages uv and pip-tools for accurate requirements.txt constraint solving 
- Multiple Data Sources: - PyPA Advisory Database (default)
- PyPI JSON API
- OSV.dev (Open Source Vulnerabilities)
 
- Flexible Output for different workflows: Human-readable, JSON, SARIF, and Markdown formats 
- Performance Focused: - Written in Rust for speed
- Async/concurrent processing
- Multi-tier intelligent caching (vulnerability data + resolved dependencies)
 
- Comprehensive Filtering: - Severity levels (low, medium, high, critical)
- Dependency scopes (main only vs all [optional, dev, prod, etc] dependencies)
- Direct vs. transitive dependencies
 
- Enterprise Ready: SARIF output for IDE/CI integration 
- I tried it on pythonbytes.fm and found only one issue, sadly can’t be fixed: PYSENTRY SECURITY AUDIT ======================= SUMMARY: 89 packages scanned • 1 vulnerable • 1 vulnerabilities found SEVERITY: 1 LOW UNFIXABLE: 1 vulnerabilities cannot be fixed VULNERABILITIES --------------- 1. PYSEC-2022-43059 aiohttp v3.12.15 [LOW] [source: pypa-zip] AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE:... Scan completed
 
Extras
Michael:
- I’ve been rumbling with rumdl.
- Ruben fixed one of my complaints about it with issue #58.
- Config seems like it might be off. Here’s mine .rumdl.toml.
- I’ve been using it on the upcoming Talk Python in Production book
- Read the first third online and get notified when its out.
- 20 or so Markdown files
- 45,000 words of content
 
 
- I asked if 3.13.6 would be the last 3.13 release? No.
Joke: Marked for destruction
Flere episoder fra "Python Bytes"
 
 
 - Gå ikke glip af nogen episoder af “Python Bytes” - abonnér på podcasten med gratisapp GetPodcast. 
 
 
 
 
 
 
 
 
