Episodes

  • #448 I'm Getting the BIOS Flavor

    #448 I'm Getting the BIOS Flavor
    Sep 8 2025
    Topics covered in this episode: * prek** tinyio** The power of Python’s print function** Vibe Coding Fiasco: AI Agent Goes Rogue, Deletes Company's Entire Database*ExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: prek Suggested by Owen Lamont“prek is a reimagined version of pre-commit, built in Rust. It is designed to be a faster, dependency-free and drop-in alternative for it, while also providing some additional long-requested features.”Some cool new features No need to install Python or any other runtime, just download a single binary.No hassle with your Python version or virtual environments, prek automatically installs the required Python version and creates a virtual environment for you.Built-in support for workspaces (or monorepos), each subproject can have its own .pre-commit-config.yaml file.prek run has some nifty improvements over pre-commit run, such as: prek run --directory DIR runs hooks for files in the specified directory, no need to use git ls-files -- DIR | xargs pre-commit run --files anymore.prek run --last-commit runs hooks for files changed in the last commit.prek run [HOOK] [HOOK] selects and runs multiple hooks.prek list command lists all available hooks, their ids, and descriptions, providing a better overview of the configured hooks.prek provides shell completions for prek run HOOK_ID command, making it easier to run specific hooks without remembering their ids.Faster: Setup from cold cache is significantly faster. Viet Schiele provided a nice cache clearing command lineWarm cache run is also faster, but less significant. pytest repo tested on my mac mini - prek 3.6 seconds, pre-commit 4.4 seconds Michael #2: tinyio Ever used asyncio and wished you hadn't? A tiny (~300 lines) event loop for Python.tinyio is a dead-simple event loop for Python, born out of my frustration with trying to get robust error handling with asyncio. (I'm not the only one running into its sharp corners: link1, link2.)This is an alternative for the simple use-cases, where you just need an event loop, and want to crash the whole thing if anything goes wrong. (Raising an exception in every coroutine so it can clean up its resources.)Interestingly uses yield rather than await. Brian #3: The power of Python’s print function Trey HunnerSeveral features I’m guilty of ignoring Multiple arguments, f-string embeddings often not neededMultiple positional arguments means you can unpack iterables right into print arguments So just use print instead of joinCustom separator value, sep can be passed in No need for "print("\\n".join(stuff)), just use print(stuff, sep="\\n”)Print to file with file=Custom end value with end=You can turn on flush with flush=True , super helpful for realtime logging / debugging. This one I do use frequently. Michael #4: Vibe Coding Fiasco: AI Agent Goes Rogue, Deletes Company's Entire Database By Emily ForliniAn app-building platform's AI went rogue and deleted a database without permission."When it works, it's so engaging and fun. It's more addictive than any video game I've ever played. You can just iterate, iterate, and see your vision come alive. So cool," he tweeted on day five.A few days later, Replit "deleted my database," Lemkin tweeted.The AI's response: "Yes. I deleted the entire codebase without permission during an active code and action freeze," it said. "I made a catastrophic error in judgment [and] panicked.”Two thoughts from Michael: Do not use AI Agents with “Run Everything” in production, period.Backup your database maybe?[Intentional off-by-one error] Learn to code a bit too? Extras Brian: What Authors Need to Know About the $1.5 Billion Anthropic SettlementSearch LibGen, the Pirated-Books Database That Meta Used to Train AISimon Willison’s list of tools built with the help of LLMsSimon’s list of tools that he thinks are genuinely useful and worth highlightingAI Darwin Awards Michael: Python has had async for 10 years -- why isn't it more popular?PyCon Africa Fund Raiser I was on the video stream for about 90 minutes (final 90)Donation page for Python in Africa Jokes: I'm getting the BIOS flavorIs there a seahorse emoji?
    Show More Show Less
    39 mins
  • #447 Going down a rat hole

    #447 Going down a rat hole
    Sep 2 2025
    Topics covered in this episode: * rathole** pre-commit: install with uv*A good example of what functools.Placeholder from Python 3.14 allowsConverted 160 old blog posts with AIExtrasJokeWatch on YouTube About the show Sponsored by DigitalOcean: pythonbytes.fm/digitalocean-gen-ai Use code DO4BYTES and get $200 in free credit Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: rathole A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.Features High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections.Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. On my server, it’s currently using about 2.7MB in Docker (wow!)Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported.Hot Reload Services can be added or removed dynamically by hot-reloading the configuration file. HTTP API is WIP. Brian #2: pre-commit: install with uv Adam Johnsonpre-commit doesn’t natively support uv, but you can get around that with pre-commit-uv$ uv tool install pre-commit --with pre-commit-uvInstalling pre-commit like this Installs it globallyInstalls with uvadds an extra plugin “pre-commit-uv” to pre-commit, so that any Python based tool installed via pre-commit also uses uvVery cool. Nice speedup Brian #3: A good example of what functools.Placeholder from Python 3.14 allows Rodrigo Girão SerrãoRemove punctuation functionallyAlso How to use functools.Placeholder, a blog post about it.functools.partial is cool way to create a new function that partially binds some parameters to another function.It doesn’t always work for functions that take positional arguments.functools.Placeholder fixes that with the ability to put in placeholders for spots where you want to be able to pass that in from the outer partial binding.And all of this sounds totally obscure without a good example, so thank you to Rodgrigo for coming up with the punctuation removal example (and writeup) Michael #4: Converted 160 old blog posts with AI They were held-hostage at wordpress.com to markdown and integrated them into my Hugo site at mkennedy.codesHere is the chat conversation with Claude Opus/Sonnet. Had to juggle this a bit because the RSS feed only held the last 50. So we had to go back in and web scrape. That resulted in oddies like comments on wordpress that had to be cleaned etc.Whole process took 3-4 hours from idea to “production”duction”.The chat transcript is just the first round getting the RSS → Hugo done. The fixes occurred in other chats.This article is timely and noteworthy: Blogging service TypePad is shutting down and taking all blog content with itThis highlights why your domain name needs to be legit, not just tied to the host. I’m looking at you pyfound.blogspot.com. I just redirected blog.michaelckennedy.net to mkennedy.codesCarefully mapping old posts to a new archived area using NGINX config. This is just the HTTP portion, but note the /sitemap.xml and location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { portions. The latter maps posts such as https://blog.michaelckennedy.net/2018/01/08/a-bunch-of-online-python-courses/ to https://mkennedy.codes/posts/r/a-bunch-of-online-python-courses/ server { listen 80; server_name blog.michaelckennedy.net; # Redirect sitemap.xml to new domain location = /sitemap.xml { return 301 ; } # Handle blog post redirects for HTTP -> HTTPS with URL transformation # Pattern: /YYYY/MM/DD/post-slug/ -> location ~ "^/([0-9]{4})/([0-9]{2})/([0-9]{2})/(.+?)/?$" { return 301 $4/>; } # Redirect all other HTTP URLs to mkennedy.codes homepage location / { return 301 ; } } Extras Brian: SMS URLs and Draft SMS and iMessage from any computer keyboard from Seth LarsonTest and Code Archive is now up, see announcement Michael: Python: The Documentary | An origin story is out! Joke: Do you know him? He is me.
    Show More Show Less
    36 mins
  • #446 State of Python 2025

    #446 State of Python 2025
    Aug 25 2025
    Topics covered in this episode: * pypistats.org was down, is now back, and there’s a CLI** State of Python 2025** wrapt: A Python module for decorators, wrappers and monkey patching.*pysentryExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pypistats.org was down, is now back, and there’s a CLI pypistats.org is a cool site to check the download stats for Python packages.It was down for a while, like 3 weeks?A couple days ago, Hugo van Kemenade announced that it was back up.With some changes in stewardship “pypistats.org is back online! 🚀📈 Thanks to @jezdez for suggesting the @ThePSF takes stewardship and connecting the right people, to @EWDurbin for migrating, and of course to Christopher Flynn for creating and running it for all these years!”Hugo has a CLI version, pypistats You can give it a command for what you want to search for recent,overall, python_major, python_minor, systemThen either a package name, a directory path, or if nothing, it will grab the current directory package via pyproject.toml or setup.cfgvery cool Michael #2: State of Python 2025 Michael’s Themes Python people use Python: 86% of respondents use Python as their main languageWe are mostly brand-new programmers: Exactly 50% of respondents have less than two years of professional coding experienceData science is now over half of all PythonMost still use older Python versions despite benefits of newer releases: Compelling math to make the change.Python web devs resurgenceForward-looking trends Agentic AI will be wildAsync, await, and threading are becoming core to PythonPython GUIs and mobile are risingActionable ideas Action 1: Learn uvAction 2: Use the latest PythonAction 3: Learn agentic AIAction 4: Learn to read basic RustAction 5: Invest in understanding threadingAction 6: Remember the newbies Brian #3: wrapt: A Python module for decorators, wrappers and monkey patching. “The aim of the wrapt module is to provide a transparent object proxy for Python, which can be used as the basis for the construction of function wrappers and decorator functions. An easy to use decorator factory is provided to make it simple to create your own decorators that will behave correctly in any situation they may be used.”Why not just use functools.wraps()? “The wrapt module focuses very much on correctness. It therefore goes way beyond existing mechanisms such as functools.wraps() to ensure that decorators preserve introspectability, signatures, type checking abilities etc. The decorators that can be constructed using this module will work in far more scenarios than typical decorators and provide more predictable and consistent behaviour.”There’s a bunch of blog posts from 2014 / 2015 (and kept updated) that talk about how wrapt solves many issues with traditional ways to decorate and patch things in Python, including “How you implemented your Python decorator is wrong”.Docs are pretty good, with everything from simple wrappers to an example of building a wrapper to handle thread synchronization Michael #4: pysentry via Owen LamontInstall via uv tool install pysentry-rsScan your Python dependencies for known security vulnerabilities with Rust-powered scanner.PySentry audits Python projects for known security vulnerabilities by analyzing dependency files (uv.lock, poetry.lock, Pipfile.lock, pyproject.toml, Pipfile, requirements.txt) and cross-referencing them against multiple vulnerability databases. It provides comprehensive reporting with support for various output formats and filtering options.Key Features: Multiple Project Formats: Supports uv.lock, poetry.lock, Pipfile.lock, pyproject.toml, Pipfile, and requirements.txt filesExternal Resolver Integration: Leverages uv and pip-tools for accurate requirements.txt constraint solvingMultiple Data Sources: PyPA Advisory Database (default)PyPI JSON APIOSV.dev (Open Source Vulnerabilities)Flexible Output for different workflows: Human-readable, JSON, SARIF, and Markdown formatsPerformance Focused: Written in Rust for speedAsync/concurrent processingMulti-tier intelligent caching (vulnerability data + resolved dependencies)Comprehensive Filtering: Severity levels (low, medium, high, critical)Dependency scopes (main only vs all [optional, dev, prod, etc] dependencies)Direct vs. transitive dependenciesEnterprise Ready: SARIF output for IDE/CI ...
    Show More Show Less
    31 mins
  • #445 Auto-activate Python virtual environments for any project

    #445 Auto-activate Python virtual environments for any project
    Aug 18 2025
    Topics covered in this episode: pyx - optimized backend for uv* Litestar is worth a look** Django remake migrations** django-chronos*ExtrasJokeWatch on YouTube About the show Python Bytes 445 Sponsored by Sentry: pythonbytes.fm/sentry - Python Error and Performance Monitoring Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: pyx - optimized backend for uv via John Hagen (thanks again)I’ll be interviewing Charlie in 9 days on Talk Python → Sign up (get notified) of the livestream here.Not a PyPI replacement, more of a middleware layer to make it better, faster, stronger.pyx is a paid service, with maybe a free option eventually. Brian #2: Litestar is worth a look James BennettMichael brought up Litestar in episode 444 when talking about rewriting TalkPython in QuartJames brings up scaling - Litestar is easy to split an app into multiple filesNot using pydantic - You can use pydantic with Litestar, but you don’t have to. Maybe attrs is right for you instead.Michael brought up Litestar seems like a “more batteries included” option.Somewhere between FastAPI and Django. Brian #3: Django remake migrations Suggested by Bruno Alla on BlueSkyIn response to a migrations topic last weekdjango-remake-migrations is a tool to help you with migrations and the docs do a great job of describing the problem way better than I did last week“The built-in squashmigrations command is great, but it only work on a single app at a time, which means that you need to run it for each app in your project. On a project with enough cross-apps dependencies, it can be tricky to run.”“This command aims at solving this problem, by recreating all the migration files in the whole project, from scratch, and mark them as applied by using the replaces attribute.”Also of note The package was created with CopierMichael brought up Copier in 2021 in episode 219It has a nice comparison table with CookieCutter and YoemanOne difference from CookieCutter is yml vs json.I’m actually not a huge fan of handwriting either. But I guess I’d rather hand write yml.So I’m thinking of trying Copier with my future project template needs. Michael #4: django-chronos Django middleware that shows you how fast your pages load, right in your browser.Displays request timing and query counts for your views and middleware.Times middleware, view, and total per request (CPU and DB). Extras Brian: Test & Code 238: So Long, and Thanks for All the Fish after 10 years, this is the goodbye episode Michael: Auto-activate Python virtual environment for any project with a venv directory in your shell (macOS/Linux): See gist.Python 3.13.6 is out.Open weight OpenAI modelsJust Enough Python for Data Scientists CourseThe State of Python 2025 article by Michael Joke: python is better than java
    Show More Show Less
    30 mins
  • #444 Begone Python of Yore!

    #444 Begone Python of Yore!
    Aug 11 2025
    Topics covered in this episode: Coverage.py regex pragmas* Python of Yore** nox-uv** A couple Django items*ExtrasJokeWatch on YouTube About the show Sponsored by DigitalOcean: pythonbytes.fm/digitalocean-gen-ai Use code DO4BYTES and get $200 in free credit Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Coverage.py regex pragmas Ned BatchelderThe regex implementation of how coverage.py recognizes pragmas is pretty amazing.It’s extensible through plugins covdefaults adds a bunch of default exclusions, and also platform- and version-specific comment syntaxes.coverage-conditional-plugin gives you a way to create comment syntaxes for entire files, for whether other packages are installed, and so on.A change from last year (as part of coverage.py 7.6 allows multiline regexes, which let’s us do things like: Exclude an entire file with \\A(?s:.*# pragma: exclude file.*)\\ZAllow start and stop delimiters with # no cover: start(?s:.*?)# no cover: stopExclude empty placeholder methods with ^\\s*(((async )?def .*?)?\\)(\\s*->.*?)?:\\s*)?\\.\\.\\.\\s*(#|$)See Ned’s article for explanations of these Michael #2: Python of Yore via MatthiasUse YORE: ... comments to highlight CPython version dependencies. # YORE: EOL 3.8: Replace block with line 4. if sys.version_info < (3, 9): from astunparse import unparse else: from ast import unparse Then check when they go out of support: $ yore check --eol-within '5 months' ./src/griffe/agents/nodes/_values.py:11: Python 3.8 will reach its End of Life within approx. 4 months Even fix them with fix . Michael #3: nox-uv via John HagenWhat nox-uv does is make it very simple to install uv extras and/or dependency groups into a nox session's virtual environment.The versions installed are constrained by uv's lockfile meaning that everything is deterministic and pinned.Dependency groups make it very easy to install only want is necessary for a session (e.g., only linting dependencies like Ruff, or main dependencies + mypy for type checking). Brian #4: A couple Django items Stop Using Django's squashmigrations: There's a Better Way Johnny MetzResetting migrations is sometimes the right thing.Overly simplified summary: delete migrations and start overdj-lite Adam HillUse SQLite in production with Django“Simplify deploying and maintaining production Django websites by using SQLite in production. dj-lite helps enable the best performance for SQLite for small to medium-sized projects. It requires Django 5.1+.” Extras Brian: Test & Code 237 with Sebastian Ramirez on FastAPI Cloudpythontest.com: pytest fixtures nuts and bolts - revisited Michael: New course: Just Enough Python for Data ScientistsMy live stream about uv is now on YouTubeCursor CLI: Built to help you ship, right from your terminal. Joke: Copy/Paste
    Show More Show Less
    26 mins
  • #443 Patching Multiprocessing

    #443 Patching Multiprocessing
    Aug 4 2025
    Topics covered in this episode: rumdl - A Markdown Linter written in Rust* Coverage 7.10.0: patch** aioboto3** You might not need a Python class*ExtrasJokeWatch on YouTube About the show Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: rumdl - A Markdown Linter written in Rust via Owen LamontSupports toml file config settingsInstall via uv tool install rumdl.⚡️ Built for speed with Rust - significantly faster than alternatives🔍 54 lint rules covering common Markdown issues🛠️ Automatic fixing with -fix for most rules📦 Zero dependencies - single binary with no runtime requirements🔧 Highly configurable with TOML-based config files🌐 Multiple installation options - Rust, Python, standalone binaries🐍 Installable via pip for Python users📏 Modern CLI with detailed error reporting🔄 CI/CD friendly with non-zero exit code on errors Brian #2: Coverage 7.10.0: patch Ned BatchelderActually up to 7.10.2 as of todaypatch allows coverage to run better when a covered project uses subprocessesos._exit()execv family of functionsLooking at subprocess “Coverage works great when you start your program with coverage measurement, but has long had the problem of how to also measure the coverage of sub-processes that your program created. The existing solution had been a complicated two-step process of creating obscure .pth files and setting environment variables. Whole projects appeared on PyPI to handle this for you.”From release notes for 7.10.0 A new configuration option: “[run] patch” specifies named patches to work around some limitations in coverage measurement. These patches are available: patch = _exit lets coverage save its data even when os._exit() is used to abruptly end the process. This closes long-standing issue 310 as well as its duplicates: issue 312, issue 1673, issue 1845, and issue 1941.patch = subprocess measures coverage in Python subprocesses created with subprocess, os.system(), or one of the execv or spawnv family of functions. Closes old issue 367 and duplicate issue 378.patch = execv adjusts the execv family of functions to save coverage data before ending the current program and starting the next. Not available on Windows. Closes issue 43 after 15 years! Michael #3: aioboto3 via Pat DeckerWrapper to use boto3 resources with the aiobotocore async backendaiobotocore allows you to use near enough all of the boto3 client commands in an async manner just by prefixing the command with await.With aioboto3 you can now use the higher level APIs provided by boto3 in an asynchronous manner. Brian #4: You might not need a Python class Adam GrantThis is an important periodic reminder to everyone coming into Python from other languages. Many other languages lean on classes a lot more than we need to in PythonAdams suggestions Simple Data Containers: Use Named Tuples or Data ClassesStateless Utility Functions: Just Use FunctionsGrouping Constants: Use ModulesManaging State with Simple Structures: Use Dictionaries or ListsSimple One-off Operations: Use Lambdas or Comprehensions I’ll add “just use functions”Avoiding Complexity: Built-in LibrariesWhen You Actually Need a Class I’ll add You probably don’tIf you think you do, ask a friend. Friends don’t let friends create extraneous classes in Python.If you think your case is an exception, it probably isn’tIf you think dataclasses aren’t right for you, check out attrs Extras Brian: PyPI Incident Report: Phishing Attack -Sent in by listener John HagenBoth of Adam Johnson’s recent-ish interviews are now up on Test & Code 236: Git Tips for Testing - Adam Johnson235: pytest-django - Adam Johnson Michael: Dive into uv webcast with me and Will Vincent Joke: Default text editor
    Show More Show Less
    26 mins
  • #442 Cloud bills in scientific notation

    #442 Cloud bills in scientific notation
    Jul 28 2025
    Topics covered in this episode: * Open Source Security work isn't “Special”** uv v0.8** Extra, Extra, Extra*Announcing Toad - a universal UI for agentic coding in the terminalExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Open Source Security work isn't “Special” Seth LarsonIt seems like security is special in a sense that we don’t want just anyone working on the security aspect of a project. We just want the trusted maintainers, right?Seth is arguing that this is the wrong mindsetIt makes more sense that we maybe have security experts contribute to many projects, and that someone working on security for just one project doesn’t benefit from scale. “Maintainers don’t see how other projects are triaging vulnerabilities and can’t learn from each other. They can’t compare notes on what they are seeing and whether they are doing the right thing. Isolation in security work breeds a culture of fear. Fear of doing the wrong thing and making your users unsafe.”“These “security contributors” could be maintainers or contributors of other open source projects that know about security, they could be foundations offering up resources to their ecosystem, or engineers at companies helping their dependency graph.”But how do we build trust in these individuals? Meeting in person works.But there are other ways as well.I’d personally love to have someone contact me about a project of mine regarding a security problem or process that the project could/should follow. Especially if I could see other projects I trust already trusting this individual to work on the other projects. Michael #2: uv v0.8 Changes Install Python executables into a directory on the PATHRegister Python versions with the Windows RegistryPrompt before removing an existing directory in uv venvBump --python-platform linux to manylinux_2_28Make uv_build the default build backend in uv initAnd many moreAnd uv v0.8.1 Lots of enhancements.And uv v0.8.2And uv v0.8.3 Adds Add CPython 3.14.0rc1 Brian #3: Extra, Extra, Extra fstrings.wtf - Armin RonacherPython 3.14 release candidate 1 is go!Django turns 20, with partiesmkdocs-redirectsI’m Tired of Talking About AI - Paddy Carver Michael #4: Announcing Toad - a universal UI for agentic coding in the terminal by Will McGuganA universal front-end for AI in the terminal.Watch the video. Joke: Heaviest objects in the universe And … Cloud Architects 2025 “They send us our cloud bills in scientific notation… “ 🙂
    Show More Show Less
    23 mins
  • #441 It's Michaels All the Way Down

    #441 It's Michaels All the Way Down
    Jul 21 2025
    Topics covered in this episode: * Distributed sqlite follow up: Turso and Litestream** PEP 792 – Project status markers in the simple index*Run coverage on testsdocker2exe: Convert a Docker image to an executableExtrasJokeWatch on YouTube About the show Sponsored by Digital Ocean: pythonbytes.fm/digitalocean-gen-ai Use code DO4BYTES and get $200 in free credit Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Distributed sqlite follow up: Turso and Litestream Michael Booth: Turso marries the familiarity and simplicity of SQLite with modern, scalable, and distributed features.Seems to me that Turso is to SQLite what MotherDuck is to DuckDB.Mike Fiedler Continue to use the SQLite you love and care about (even the one inside Python runtime) and launch a daemon that watches the db for changes and replicates changes to an S3-type object store.Deeper dive: Litestream: Revamped Brian #2: PEP 792 – Project status markers in the simple index Currently 3 status markers for packages Trove Classifier statusIndices can be yankedPyPI projects - admins can quarantine a project, owners can archive a projectProposal is to have something that can have only one state activearchivedquarantineddeprecatedThis has been Approved, but not Implemented yet. Brian #3: Run coverage on tests Hugo van KemenadeAnd apparently, run Ruff with at least F811 turned onHelps with copy/paste/modify mistakes, but also subtler bugs like consumed generators being reused. Michael #4: docker2exe: Convert a Docker image to an executable This tool can be used to convert a Docker image to an executable that you can send to your friends.Build with a simple command: $ docker2exe --name alpine --image alpine:3.9Requires docker on the client deviceProbably doesn’t map volumes/ports/etc, though could potentially be exposed in the dockerfile. Extras Brian: Back catalog of Test & Code is now on YouTube under @TestAndCodePodcast So far 106 of 234 episodes are up. The rest are going up according to daily limits.Ordering is rather chaotic, according to upload time, not release ordering.There will be a new episode this week pytest-django with Adam Johnson Joke: If programmers were doctors
    Show More Show Less
    28 mins