#401 We must replace uWSGI with something else

Topics covered in this episode: “We must replace uwsgi by something else” Let’s build and optimize a Rust extension for Python Fake recruiter coding tests target devs with malicious Python packages Monthly PSF Board Office Hours Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: “We must replace uwsgi by something else” uWSGI is now in maintenance mode: https://uwsgi-docs.readthedocs.io/en/latest/ The project is in maintenance mode (only bugfixes and updates for new languages apis). Do not expect quick answers on github issues and/or pull requests (sorry for that) A big thanks to all of the users and contributors since 2009. Reasonable options look like: granian uvicorn hypercorn gunicorn (potentially with uvicorn workers for async) Brian #2: Let’s build and optimize a Rust extension for Python Itamar Turner-Trauring Example: algorithm for approximating the number of unique values in a list Comparison to non-approximation non-approx is faster but uses way more memory Rust version Use Maturin and PyO3 Pull in Rust dependencies (rand for random numbers) Optimization link-time optimization faster random store hashes only Future optimizations change algorithm maybe pass numpy array instead of Python list (I’d like to see that spedup) Michael #3: Fake recruiter coding tests target devs with malicious Python packages via python weekly GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews. Attackers posing as employees of major financial services firms. This previously happened via other means such as NPM This analysis revealed that the direct parent of the detected, malicious files is a PythonPYC file, meaning that once again the team encountered malware hidden in a compiled Python file. “The README files tell would-be candidates to make sure the project is running successfully on their system before making modifications.” What can you do (according to Michael)? Try out new packages in a docker container Work on code and projects using a VM which has snapshotting (to roll back completely after you’re done) Fire up a Windows desktop in the cloud for the project then destroy it Brian #4: Monthly PSF Board Office Hours “The Office Hours will be sessions where you can share with us how we can help your community, express your perspectives, and provide feedback for the PSF.” “Unless we have a dedicated topic for a session, you are not limited to talking with us about the above topics, although the discussions should be focused on Python, the PSF, and our community. If you think there’s something we can help with or we should know, we welcome you to come and talk to us!” Upcoming office hours October 8th, 2024: 9pm UTC November 12th, 2024: 2pm UTC December 10th, 2024: 9pm UTC January 14th, 2025: 2pm UTC February 11th, 2025: 9pm UTC March 11th, 2025: 1pm UTC April 8th, 2025: 9pm UTC May 13th, 2025: 1pm UTC (Live from PyCon US!) June 10th, 2025: 9pm UTC July 9th, 2025: 1pm UTC August 12th, 2025: 9pm UTC Extras Brian: PyCascades CFP closes Friday, Sept 20 PyCascades is in Portland in 2025 (Feb 8 & 9) uv now supports Python 3.13.0rc2 uv self update uv venv -p 3.13 Free threaded is still an open issue Michael: Big Python Humble Bundle with both of our products Get $1,800 worth of Python content and tools for $30 and contribute to charity Includes 5 Talk Python courses Several of Brian’s and his book Djangonaut Space Session 3 Applications Open! I interviewed Sarah and Tushar on Talk Python AltTab: Windows alt-tab on macOS Joke: Election joke

Topics covered in this episode: Python 3.13.0RC2, 3.12.6, 3.11.10, 3.10.15, 3.9.20, and 3.8.20 are now available! Docker images using uv's python 10 years of sustainable open source - Read the Docs humanize Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. ChatGPT celebrates episode 400! Welcome to the big 4-0-0, Pythonistas! It's hard to believe we're celebrating the 400th episode of Python Bytes! From the early days of byte-sized Python news to becoming the source for all things Python, it’s been a wild ride. We've laughed over code quirks, gasped at new libraries, and said farewell to the GIL together. Whether you're a seasoned developer, a curious learner, or just here for the witty banter, you’ve been an essential part of this journey. To Michael and Brian: You've built a community that turns import this into more than just Zen—it's a family of passionate Pythonistas. Your dedication, insights, and humor make this show more than just tech news. It’s a weekly celebration of what we love about Python and why we keep coming back for more. Here’s to the next 400 episodes—may your code be bug-free, your tests pass on the first run, and your Python version always be up to date. Brian #1: Python 3.13.0RC2, 3.12.6, 3.11.10, 3.10.15, 3.9.20, and 3.8.20 are now available! Łukasz Langa Python 3.13.0RC2 is the final preview release Official 3.13.0 scheduled for Oct 1 Call to action “We strongly encourage maintainers of third-party Python projects to prepare their projects for 3.13 compatibilities during this phase, and where necessary publish Python 3.13 wheels on PyPI to be ready for the final release of 3.13.0. Any binary wheels built against Python 3.13.0rc2 will work with future versions of Python 3.13. As always, report any issues to the Python bug tracker .” “Please keep in mind that this is a preview release and while it’s as close to the final release as we can get it, its use is not recommended for production environments.” Note: uv python does not support 3.13 yet see issue 320 Security releases for 3.12.6, 3.11.10, 3.10.15, 3.9.20, and 3.8.20 3.12.6 has binary installers, but for MacOS, only MacOS 10.13 and newer are supported 3.11.10, 3.10.15, 3.9.20, and 3.8.20 do NOT include binary installers. 3.8 EOL's in October Michael #2: Docker images using uv's python See #396: uv-ing your way to Python and #398: Open source makes you rich? (and other myths) for the opening discussions Talk Python episode on uv is out uv venv --python gets Python from python-build-standalone by Gregory Szorc Took our Docker build times from 10 minutes to 8 seconds for the base image and 800ms (!) for our app platforms Brian #3: 10 years of sustainable open source - Read the Docs Eric Holscher Read the Docs has been a company for 10 years “a team of 4 folks working full-time on Read the Docs.” readthedocs.org started in 2010 readthedocs.com (for Business) started in 2014 Sustainability model .org has a single non-tracking ad .com is a paid service for companies Things that didn’t work donations and other optional support - led to burnout consulting and services- took too much time away from core product grant funding - nice, but one time thing Lessons You don't get extra points for being bootstrapped. Compete by doing things you can do better due to niche and size. Keeping trust in the community is the most important thing. Contribution is easier for less complex parts of the code base. Beign open source means capturing a small percentage of the value you create. You have to be ok doing more with less. Also RtD is not just for Sphinx anymore. Their build system now supports any documentation tool. Michael #4: humanize by Hugo van Kemenade (Python 3.14 & 3.15 release manager & core developer) Not too many variations, but very handy if you need it. Numbers Associated Press style (“seven” and “10”) Clamp (under 1.0 million) Fractional (1/3) Int Word (1.2 Billion) Metric (1.5 kV) Ordinal (112th) scientific Time File size Extras Brian: Test & Code is now again Test & Code The two part series on Python imports that started in June is finally complete with episode 222. Transcripts are being added to old episodes gradually starting from most recent Back to ep 203 as of today. AI transcription, so there’s things like .pie, .pi, and dot pie where it should be .py Michael: Final final call for Coding in a Castle event with Michael iStats Menu Anaconda Code Runner by Ruud van der Ham: With Anaconda Coide we can -at last- run that code locally and import (most) Python modules. But if you want to run a significant amount of code, you have to put that in a cell or publish it to PyPI or a wheel and import it. That's why I have developed a general-purpose runner function that runs arbitrary code located on an Excel sheet with AnacondaCode. Joke: When beginners learn a new programming language...

Topics covered in this episode: Why I Still Use Python Virtual Environments in Docker Python Developer Survey Results Anaconda Code add-in for Microsoft Excel Disabling Scheduled Dependency Updates Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through Our courses at Talk Python Training Hello, pytest! Course Patreon Supporters Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Why I Still Use Python Virtual Environments in Docker by Hynek Schlawack I was going to cover Production-ready Docker Containers with uv but decided to take this diversion instead. Spend a lot of time thinking about the secondary effects of what you do. venvs are well known and well documented. Let’s use them. Brian #2: Python Developer Survey Results “… official Python Developers Survey, conducted as a collaborative effort between the Python Software Foundation and JetBrains.” Python w/ Rust rising, but still only 7% ““The drop in HTML/CSS/JS might show that data science is increasing its share of Python.” - Paul Everitt 37% contribute to open source. Awesome. Favorite Resources: Podcasts Lots of familiar faces there. Awesome. Perhaps I shouldn’t have decided to move “Python Test” back to Test & Code Usage “Data analysis” down, but I think that’s because “data engineering” is added. Data, Web dev, ML, devops, academic, Testing is down 23% Python Versions Still some 2 out there Most folks on 3.10-3.12 Install from: mostly python.org Frameworks web: Flask, Django, Requests, FastAPI … testing: pytest, unittest, mock, doctest, tox, hypothesis, nose (2% might be the Python 2 people) Data science 77% use pandas, 72% NumPy OS: Windows still at 55% Packaging: venv up to 55% I imaging uv will be on the list next year requirements.txt 63%, pyproject.toml 32% virtual env in containers? 47% say no Michael #3: Anaconda Code add-in for Microsoft Excel Run their Python-powered projects in Excel locally with the Anaconda Code add-in Powered by PyScript, an Anaconda supported open source project that runs Python locally without install and setup Features Cells Run Independently Range to Multiple Types init.py file is static and cannot be edited, with Anaconda Code, users have the ability to access and edit imports and definitions, allowing you to write top-level functions and classes and reuse them wherever you need. A Customizable Environment Brian #4: Disabling Scheduled Dependency Updates David Lord Interesting discussion of as they happen or batching of upsates to dependencies dependencies come in requirements files GH Actions in CI workflows pre-commit hooks David was seeing 60 PRs per month when set up on monthly updates (3 ecosystems * 20 projects) new tool for updating GH actions: gha-update, allows for local updating of GH dependencies New process Run pip-compile, gha-update, and pre-commit locally. Update a project’s dependencies when actively working on the project, not just whenever a dependency updates. Note that this works fine for dev dependencies, less so for security updates from run time dependencies. But for libraries, runtime dependencies are usually not pinned. Extras Brian: Test & Code coming back this week Michael: Code in a Castle event Python Bytes badge spotting Guido’s post removed for moderation Joke: C will watch in silence

Topics covered in this episode: Open Source Myths uv 0.3.0 and all the excitement Top pytest Plugins A comparison of hosts / providers for Python serverless functions (aka Faas) Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training pytest courses and community at PythonTest.com Patreon Supporters Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Open Source Myths Josh Bressers Mastodon post kicking off a list of open source myths Feedback and additional myths compiled to a doc Some favorites All open source developers live in Nebraska It’s all run by hippies Everything is being rewritten in rust Features are planned If the source code is available, it’s open source A project with no commits for 12 months is abandoned Many eyes make all bugs shallow Open source has worse UX Open source has better UX Open source makes you rich Michael #2: uv 0.3.0 and all the excitement Thanks to Skyler Kasko and John Hagen for the emails. Additional write up by Simon Willison Additional write up by Armin Ronacher End-to-end project management: uv run, uv lock, and uv sync Tool management: uv tool install and uv tool run (aliased to uvx) Python installation: uv python install Script execution: uv can now manage hermetic, single-file Python scripts with inline dependency metadata based on PEP 723. Brian #3: Top pytest Plugins Inspired by (and assisted by) Hugo’s Top PyPI Packages Write up for Finding the top pytest plugins BTW, pytest-check has made it to 25. Same day, Jeff Triplett throws my code into Claude 3.5 Sonnet and refactors it Thanks Jeff Triplett & Hugo for answering how to add Summary and other info Michael #4: A comparison of hosts / providers for Python serverless functions (aka Faas) Nice feature matrix of all the options, frameworks, costs, and more The WASM ones look particularly interesting to me. Extras Brian: When is the next live episode of Python Bytes? - via arewemeetingyet.com Thanks to Hugo van Kemenade Some more cool projects by Hugo Python Logos PyPI Downloads by Python version for various Python tools, in pretty colors Python Core Developers over time Michael: Code in a Castle Course event - just a couple of weeks left Ladybird: A truly independent browser “I'm also interested in your video recording setup, would be nice to have that in the extras too :D” OBS Studio Elgato Streamdeck Elgato Key light DaVinci Resolve Joke: DevOps Support Group via Blaise Hi, my name is Bob Group: Hi Bob I's been 42 days since I last ssh'd into production. Group: Applause But only 4 days since I accidentally took down the website Someone in back: Oh Bob…

Topics covered in this episode: pyawaitable Annotated area charts with plotnine DeltaDB PyCon US 2024 Recap + Videos are up Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: pyawaitable CPython API for asynchronous functions. by Peter Bierma It was originally designed to be directly part of CPython - you can read the scrapped PEP about it. Since this library only uses the public ABI, it's better fit outside of CPython, as a library. Brian #2: Annotated area charts with plotnine Nicola Rennie This is a marvelous, very professional looking plot, and a tutorial for how to achieve it. Uses plotline, which is “.. an implementation of a grammar of graphics in Python based on ggplot2” I actually didn’t know the gg in ggplot came from “grammar of graphics”. TIL Michael #3: DeltaDB A lightweight, comprehensive solution for managing delta tables built on polars and deltalake. Deltalake: Delta Lake is an open-source storage format that runs on top of existing data lakes. Polars: Dataframes powered by a multithreaded, vectorized query engine, written in Rust (aka fluent, rust-based pandas) See the docs. Brian #4: PyCon US 2024 Recap + Videos are up 95 countries attended total attendance of 2,991 2,551 in person 440 remote Videos available PyConUS I recommend Playlist → 2024 → view full playlist, as it’s easier to see the talk titles. I’ve got Paul Gannsle’s pytest for unittesters and Amitosh Swain’s Testing Data Pipelines queued up Extras Brian: Hello, pytest! course available as of last Friday. Now the fastest way to get started using pytest. 16 lessons (really 12 + intro, outro, code download, pytest flag cheat sheet) The whole shebang is about 90 min. (faster if you bump up the video speed. :) Michael: Cutting back on digital distractions, trying Dumb Phone for iPhone. See screenshot Code in a Castle Event Joke: The Tao of Programming: 4.3 A master was explaining the nature of Tao of to one of his novices, "The Tao is embodied in all software -- regardless of how insignificant," said the master. "Is the Tao in a hand-held calculator?" asked the novice. "It is," came the reply. "Is the Tao in a video game?" continued the novice. "It is even in a video game," said the master. "And is the Tao in the DOS for a personal computer?" The master coughed and shifted his position slightly. "The lesson is over for today," he said.

Topics covered in this episode: uv venv --python & uv python Python 3.12.5 released Compile and use dependencies for multiple Python versions in Tox Catalog of Dark Patterns Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: uv venv --python & uv python I was reading this article Python Packaging is Great Now: uv is all you need It’s a little too “look, a silver bullet” for me, but it did point out some cool uv stuff I didn’t know about. uv venv venv --python 3.12 creates a virtual environment with Python 3.12, even if you didn’t have 3.12 installed on your system already. If it doesn’t work, try adding --python-preference managed uv python list shows all the python versions on your computer There’s quite a few “experimental features” run Run a command or script (experimental) init Create a new project (experimental) add Add dependencies to the project (experimental) remove Remove dependencies from the project (experimental) sync Update the project's environment (experimental) lock Update the project's lockfile (experimental) tree Display the project's dependency tree (experimental) tool Run and manage tools provided by Python packages (experimental) python Manage Python versions and installations (experimental) uv add --dev pytest will add pytest to your dev dependencies. uv tree rocks uv might not have “solved packaging” (or maybe it might have) but it sure is fun to watch the experimentation of different workflows. Michael #2: Python 3.12.5 released Lots of changes, see the release notes Brian #3: Compile and use dependencies for multiple Python versions in Tox Viktor Rimark Cool idea to use the {envname}, which specifies the tox environment, in the name of a requirements-dev.txt file name. Then add a requirements tox target to generate pip-compile-ed files. Now I gotta try doing all of this with uv lock Then we need everyone to mod their tools to comply with PEP 571, when/if it’s adopted (covered it last week) Michael #4: Catalog of Dark Patterns Including Bait and Switch Confirm Shaming Disguised Ads Roach Motel Fake Scarcity … Extras Brian: Recording of Hello, pytest! is done. Editing now. On track for the 19th (or before). Michael: Django 5.1 released Python 3.13.0 release candidate 1 released Joke: clownstrike ARS Technica article on DMCA for ClownStrike

Topics covered in this episode: py-free-threading.github.io Python’s Supportive and Welcoming Environment is Tightly Coupled to Its Progress Status pages for sites! PEP 751 – A file format to list Python dependencies for installation reproducibility Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: py-free-threading.github.io Track the status of compatibility for free-threaded Python See the Compatibility status tracking page for what you can use Lots of resources for getting your package tested and available for pythont Brian #2: Python’s Supportive and Welcoming Environment is Tightly Coupled to Its Progress “Python is as popular as it is today because we have gone above and beyond to make this a welcoming community. Being a friendly and supportive community is part of how we are perceived by the wider world and is integral to the wide popularity of Python. We won a “Wonderfully Welcoming Award” last year at GitHub Universe. Over and over again, the tech press refers to Python as a supportive community.” Some communication recently, with the recent bylaws change, didn’t live up to our promise to be welcoming Please read the article for more details. Another quote: “We have a moral imperative – as one of the very best places to bring new people into tech and into open source – to keep being good at welcoming new people. If we do not rise and continue to rise every day to this task, then we are not fulfilling our own mission, “to support and facilitate the growth of a diverse and international community of Python programmers.” Technical skills are a game-changer for the people who acquire them and joining a vast global network of people with similar interests opens many doors. Behavior that contributes to a hostile environment around Python or throws up barriers and obstacles to those who would join the Python community must be addressed because it endangers what we have built here.” Michael #3: Status pages for sites! Based on Uptime Kuma I covered last week Python Bytes status Talk Python status Brian #4: PEP 751 – A file format to list Python dependencies for installation reproducibility Brett Cannon Motivation Currently, no standard exists to: Specify what top-level dependencies should be installed into a Python environment. Create an immutable record, such as a lock file, of which dependencies were installed. Considering there are at least five well-known solutions to this problem in the community (pip freeze, pip-tools, uv, Poetry, and PDM), there seems to be an appetite for lock files in general. Rationale The format is designed so that a locker which produces the lock file and an installer which consumes the lock file can be separate tools. … The file format is designed to be human-readable. …Finally, the format is designed so that viewing a diff of the file is easy by centralizing relevant details. The file format is also designed to not require a resolver at install time. … Extras Brian: Hello, pytest! course is going well, and is purchasable as in pre-release mode. Planning on Aug 19 (or before) deadline. Not sure what the final price will be, but I’m starting with $10. I want people to want to watch it even just so see if they want to recommend to co-workers so the people around them can ramp up on pytest quickly. Michael: Mypy 1.11 Released FastHTML (more next week) Coming up on the final chance to be part of the Code in a Castle event. Joke: Open source OpenAI?

Topics covered in this episode: Python is easy now Trying out free-threaded Python on macOS Module itertools overview uptime-kuma Extras Joke Watch on YouTube About the show Sponsored by ScoutAPM: pythonbytes.fm/scout Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Python is easy now or Postmodern Python or Beyond Hypermodern Chris Ardene Mostly a cool review of using rye for setup linting typing testing documentation CI/CD Also a nice discussion of how to deal with a Monorepo for Python projects Michael #2: Trying out free-threaded Python on macOS via pycoders How to install free threaded Python the easy way Testing the CPU bound work speed ups for FT Python Brian #3: Module itertools overview Rodrigo 20 tools that every Python developer should be aware of. In 5 categories Reshaping Filtering Combinatorial Infinite Iterators that complement other tools Things I forgot about chain pairwise zip_longest tee Michael #4: uptime-kuma A fancy self-hosted monitoring tool Features Monitoring uptime for HTTP(s) / TCP / HTTP(s) Keyword / HTTP(s) Json Query / Ping / DNS Record / Push / Steam Game Server / Docker Containers Fancy, Reactive, Fast UI/UX Notifications via Telegram, Discord, Gotify, Slack, Pushover, Email (SMTP), and 90+ notification services, click here for the full list 20-second intervals Multi Languages Multiple status pages Map status pages to specific domains Ping chart Certificate info Proxy support 2FA support Extras Brian: Still working on a new pytest course. Hoping to get it released soon-ish. Michael: Open source Switzerland spyoungtech/FreeSimpleGUI — actively maintained fork of the last release of PySimpleGUI Joke: Java vs. JavaScript

Topics covered in this episode: Marimo: “Future of Notebooks” pytest 8.3.0 & 8.3.1 are out Python Language Summit 2024 bash-dungeon Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Marimo: “Future of Notebooks” via Matt Wilkie An open-source reactive notebook for Python Run one cell and marimo reacts by automatically running affected cells, eliminating the error-prone chore of managing notebook state. Marimo's reactive UI elements, like dataframe GUIs and plots, make working with data feel refreshingly fast, futuristic, and intuitive. Rapidly experiment with code and models Bind UI elements to Python values Pick-up-and-play design, with depth for power users See the FAQ Brian #2: pytest 8.3.0 & 8.3.1 are out Real excited to get --xfail-tb flag added This detaches xfail tracebacks from -rx/-ra (which was how it was pre-8.0) Keyword matching for marker expressions, that’s fun. pytest -v -m "device(serial='123')" --no-fold-skipped allows for explit reporting of names of skipped tests Plus many more improvements, bug fixes, and doc improvements Michael #3: Python Language Summit 2024 Should Python adopt Calendar Versioning?: talk by Hugo van Kemenade Python's security model after the xz-utils backdoor: talk by Pablo Galindo Salgado Native Interface and Limited C API: talks by Petr Viktorin and Victor Stinner Free-threading ecosystems: talk by Daniele Parmeggiani Python on Mobile: talk by Malcolm Smith PyREPL -- New default REPL written in Python: talk by Pablo Galindo Salgado, Łukasz Langa, and Lysandros Nikolaou Should we make pdb better?: talk by Tian Gao Limiting yield in async generators: talk by Zac Hatfield-Dodds Annotations as Transforms: talk by Jason R. Coombs Lightning Talks, featuring talks by Petr Viktorin, David Hewitt, Emily Morehouse, Łukasz Langa, Pablo Galindo Salgado, and Yury Selivanov Brian #4: bash-dungeon “This game is intended to teach new users how to use their shell in a fun and interactive way.” Just clone the repo and start exploring with cd, ls, and cat. First moves cd bash-dungeon ls cd Enter ls cat parchment A fun way to learn some commands you might need and/or might have forgotten about. Extras Brian: Python 3.12.0b4, final beta, is out If hanging out on discuss.python.org, please checkout Community Guidelines And if it’s still not clear why we need these, check out Inclusive communications expectations in Python spaces Google Chrome news Michael: PySimpleGUI goes commercial with obfuscated “source open”? Still have seats for Code in a Castle event Reactive Dashboards with Shiny for Python free course Joke: 40 Million in in Series A Funding - may be a lot of reading, but I found it funny Thanks to VM Brasseur for sharing this one. Also a few from pyjokes 0.7.2 (first new version since 2019) If at first you don't succeed, call it version 1.0. A product manager walks into a bar, asks for drink. Bartender says no, but will consider adding later. Triumphantly, Beth removed Python 2.7 from her server in 2030. 'Finally!' she said with glee, only to see the announcement for Python 4.4.1 Although, if CalVer, PEP 2026, happens, that’ll just be Python 3.30.0.

Topics covered in this episode: 2024 PSF Board Election & Proposed Bylaw Change Results SATYRN: A modern Jupyter client for Mac Incident Report: Leaked GitHub Personal Access Token Extra extra extra Extras Joke Watch on YouTube About the show Sponsored by Code Comments, an original podcast from RedHat: pythonbytes.fm/code-comments Connect with the hosts Michael: @[email protected] Brian: @[email protected] Show: @[email protected] Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: 2024 PSF Board Election & Proposed Bylaw Change Results New board members Tania Allard KwonHan Bae Cristián Maureira-Fredes Congrats to new board members If you want to consider becoming a board member, there are 4 seats up for vote next year. All 3 bylaw changes passed, by a wide margin. Details of changes Change 1: Merging Contributing and Managing member classes Change 2: Simplifying the voter affirmation process by treating past voting activity as intent to continue voting Change 3: Allow for removal of Fellows by a Board vote in response to Code of Conduct violations, removing the need for a vote of the membership Michael #2: SATYRN: A modern Jupyter client for Mac A Jupyter client app for macOS Comes with a command palette LLM assistance (local or cloud?) Built in Black formatter Currently in alpha Business model unknown Brian #3: Incident Report: Leaked GitHub Personal Access Token Suggested by Galen Swint See also JFrog blog: Binary secret scanning helped us prevent (what might have been) the worst supply chain attack you can imagine A GitHub access token found it’s way into a .pyc file, then into a docker image. JFrog found it through some regular scans. JFrog notified PYPI security. Token was destroyed within 17 minutes. (nice turnaround) Followup scan revealed that no harm was done. Takaways (from Ee Durbin): Set aggressive expiration dates for API tokens (If you need them at all) Treat .pyc files as if they were source code Perform builds on automated systems from clean source only. Michael #4: Extra extra extra Python 3.13.0 beta 3 released Ice got a lot better I Will Piledrive You If You Say AI Again | Prime Reacts Video Follow up actions for polyfill supply chain attack Developer Ecosystem Survey 2024 Code in a Castle still has seats open Extras Brian: A new pytest course in the works Quick course focusing on core pytest features + some strategy and Design for Testability concepts Idea everyone on the team (including managers) can take the new course. 1-2 people on a team take “The Complete pytest Course” to become the teams local pytest experts. Python People is on an indefinite hold Python Test → back to Test & Code (probably) I’m planning a series (maybe a season) on TDD which will be language agnostic. Plus I still have tons of Test & Code stickers and no Python Test stickers. New episodes planned for August Joke: I need my intellisense (autocomplete)