WEBVTT

00:00:00.001 --> 00:00:04.580
Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to

00:00:04.580 --> 00:00:11.260
your earbuds. This is episode 222, recorded February 24th, 2021. I'm Michael Kennedy.

00:00:11.260 --> 00:00:12.400
And I'm Brian Okken.

00:00:12.400 --> 00:00:13.520
And I'm Greg Herrera.

00:00:13.520 --> 00:00:16.260
Hey, Greg Herrera. Welcome, welcome. We have a special guest.

00:00:16.260 --> 00:00:16.940
Thank you.

00:00:16.940 --> 00:00:21.220
Welcome. Part of the Talk Python team and now part of the Python Bytes podcast. It's

00:00:21.220 --> 00:00:21.760
great to have you here.

00:00:21.760 --> 00:00:23.120
Happy to be here. Thank you.

00:00:23.120 --> 00:00:29.160
Yeah, it's great. Also making us happy and many users throughout the world is Linode.

00:00:29.160 --> 00:00:34.000
Linode is sponsoring this episode and you can get $100 credit for your next project at

00:00:34.000 --> 00:00:38.100
pythonbytes.fm/Linode. Check them out. It really helps support the show.

00:00:38.100 --> 00:00:42.000
So, Greg, you want to just tell people really quickly about yourself before we dive into the

00:00:42.000 --> 00:00:42.260
topics?

00:00:42.260 --> 00:00:49.400
Yeah. Before I joined the team at Python Bytes, I had run a data analytics consulting firm where

00:00:49.400 --> 00:00:56.080
we built data warehouses and did data science type things. It was called business intelligence at the

00:00:56.080 --> 00:01:04.200
time. And as I was learning, we started running into a lot of open source users, in particular,

00:01:04.200 --> 00:01:10.900
Python. And so I dove into the Python ecosystem when I sold that company to get up to speed on how

00:01:10.900 --> 00:01:13.260
things are going to be done in the future.

00:01:13.260 --> 00:01:16.200
That's awesome. One of those Wayne Gretzky moments, right?

00:01:16.460 --> 00:01:17.440
Yes, exactly.

00:01:17.440 --> 00:01:23.320
Cool. Well, awesome. It's great to have you here. So I want to jump right into our first topic. We

00:01:23.320 --> 00:01:29.280
have a lot of things to cover today. So I'll try to not delay too long. But I've got to tell you,

00:01:29.280 --> 00:01:37.240
I'm a big fan of AWS S3. I'm a big fan of some of the services of AWS in general, right? Don't run the

00:01:37.240 --> 00:01:42.620
main stuff over there. But many of the things, many of the services and APIs I use. That said,

00:01:42.620 --> 00:01:50.600
I feel like the S3 or the Boto API, the Boto 3 API rather, is one of the worst programming interfaces

00:01:50.600 --> 00:01:58.100
I've ever used in my life. I mean, it is so frustratingly bad. The way you work with it is

00:01:58.100 --> 00:02:03.580
you go through and you say, I'd like to talk to Amazon. And then you say, I would like to get a

00:02:03.580 --> 00:02:09.120
service. And instead of creating a class or a sub module or something like that, that would be

00:02:09.120 --> 00:02:13.120
very natural in Python. What you do is you go to a function and say, give me the service and you give

00:02:13.120 --> 00:02:20.040
it a string. Like I want quote S3, or I want quote EC2 or quote some other thing. And then you get a

00:02:20.040 --> 00:02:24.720
generic object back and you have no idea what you got back, what you can do to it. You start passing

00:02:24.720 --> 00:02:29.260
stuff over to it. Sometimes it takes keyword arguments, but sometimes you just put dictionaries,

00:02:29.260 --> 00:02:33.500
which are one of the values of a keyword. There's just all this weirdness around it.

00:02:33.500 --> 00:02:37.380
So every time I interact with them, I'm like, oh, I'm just probably doing this wrong. I have no

00:02:37.380 --> 00:02:43.360
idea of even what type I'm working with because it's like this bizarro API that is like levels of

00:02:43.360 --> 00:02:48.640
indirection. It's because it's generated at runtime or at least dynamically, right? There's not static

00:02:48.640 --> 00:02:54.240
Python that is it like looks at the service you're asking for and then like dynamic up thing. So I feel

00:02:54.240 --> 00:02:58.760
like there's a lot of work over there that could be done to just, you know, put a proper wrapper at a

00:02:58.760 --> 00:03:04.560
minimum on top of those types of things. That said, wouldn't it be nice if your editor knew better

00:03:04.560 --> 00:03:10.340
than AWS is willing to help you with? So we've got this really cool library that I want to talk about.

00:03:10.340 --> 00:03:17.540
This was sent over by Michael Lerner. And the idea is you can add type annotations as an add-on to the

00:03:17.540 --> 00:03:22.560
Bodo library. So then you get full-on autocomplete. So let me give you a little example here. For those

00:03:22.560 --> 00:03:26.340
who are in the live stream, you can see it, but those are not, you can just like, I'll just describe it.

00:03:26.340 --> 00:03:32.300
So for example, if I want to talk to S3, like I said, I say Bodo3.client, quote S3, as opposed to

00:03:32.300 --> 00:03:37.000
quote EC2. And what comes back is a base client, figure it out. It can do things. It can get a

00:03:37.000 --> 00:03:42.120
waiter and a paginator and it has the possibility to see exceptions about it. And that's it, right?

00:03:42.120 --> 00:03:47.900
That's all you know. And this is the API you get when you're working with things like PyCharm and VS Code

00:03:47.900 --> 00:03:54.580
and mypy and other type annotation validators, right? Lenters and whatnot. They get nothing.

00:03:54.840 --> 00:04:01.760
So if you go and use this Bodo library, this Bodo type annotations, there's no runtime behavior.

00:04:01.760 --> 00:04:07.040
It just reads, I think they're PYI files. I can't remember what the final letter is, but it's like

00:04:07.040 --> 00:04:11.560
these kind of like a C++ header file. It just says these things have these, these fields, but no

00:04:11.560 --> 00:04:16.820
implementation. They actually come from, you know, the Bodo library. So we just go and import, you know,

00:04:16.820 --> 00:04:24.240
from Bodo three type annotations dot S3 import client. And we say S3 colon client equals this

00:04:24.240 --> 00:04:30.060
weird factory thing. Boom. All of a sudden you get all the features of S3. You can say S3 dot and it

00:04:30.060 --> 00:04:34.940
says, create bucket, get object, create multi-part upload. Hey, guess what? Here's all the parameters

00:04:34.940 --> 00:04:38.620
that are super hard to find in the documentation. Thank you, Michael, for sending this over. I already

00:04:38.620 --> 00:04:44.840
rewrote one of my apps to use this. It's glorious. Nice. What do you guys think? So does it, you said

00:04:44.840 --> 00:04:50.720
you rewrote the app. Does it really change? No, I, well, let me rephrase that. I wanted to make a

00:04:50.720 --> 00:04:55.600
change in the way one of my apps that was extremely S3 heavy, it basically shuffles a bunch of stuff

00:04:55.600 --> 00:05:01.700
around and like on using S3 and some other stuff. And I wanted to change it. But before I changed it,

00:05:01.700 --> 00:05:07.560
I'm like, well, let me fancy it up with all these types. And then it'll tell me whether I'm doing it

00:05:07.560 --> 00:05:13.580
right or wrong and whatnot. So now if I have a function, I can say it takes an S3 dot client and my

00:05:13.580 --> 00:05:18.840
pie will say, no, no, no. You gave that an S3 service locator or whatever the heck. There's like all these

00:05:18.840 --> 00:05:24.660
different things you can sort of get that will do similar, but not the same stuff. So yeah, anyway, fantastic,

00:05:24.660 --> 00:05:30.360
fantastic addition, because this really should be coming from Bodo three. I just don't, I feel, you know,

00:05:30.360 --> 00:05:34.320
maybe it was a little bit harsh on them at the beginning, but the reason I, it's like one of

00:05:34.320 --> 00:05:38.800
these things where you, you write a function, you just say, well, take star arcs, star, star KW arcs,

00:05:38.800 --> 00:05:42.100
and you don't bother to write the documentation. You're like, well, how in the world am I supposed

00:05:42.100 --> 00:05:47.580
to know what to do with this? Like there's, it could so easily help me. And it's just like, not right.

00:05:47.580 --> 00:05:53.720
Like those could be keyword arguments with default values or whatever. So like, I feel like, you know,

00:05:53.720 --> 00:05:58.960
a company as large as Amazon, they could probably justify writing like typed wrappers around these things

00:05:59.020 --> 00:06:04.740
that really help people and help my pie and all these other like validation tools. But until then,

00:06:04.740 --> 00:06:11.700
Bodo three type annotations. Awesome. Yeah. Oh, and Dean also threw out really quick before we move on

00:06:11.700 --> 00:06:17.660
your next item, Brian, that Bodo types can literally, well, not literally save my life. Yes, I agree,

00:06:17.660 --> 00:06:23.280
Dean. It's like, Oh, sorry. Did I like take down that EC2 machine? I didn't mean that. I wanted something

00:06:23.280 --> 00:06:27.920
else. I want to delete the bucket. Sorry. Anyway. Awesome. Interesting. Literally.

00:06:27.920 --> 00:06:35.460
Translate transition. Yes. Yes. Indeed. So yeah. So I want to cover code reviews. Brian,

00:06:35.460 --> 00:06:44.660
you're such a romantic. So this was suggested by Milos, I think, and written by Michael Lynch. And it's

00:06:44.660 --> 00:06:51.980
an article called how to make your code reviewer fall in love with you. And just, oh my gosh,

00:06:52.140 --> 00:06:57.720
it's got great content, but the title, yuck. Maybe you're not a romantic. I mean, come on.

00:06:57.720 --> 00:07:06.460
Well, I mean, I like my coworkers, but you know, anyway, even in the, in the article, it says,

00:07:06.460 --> 00:07:13.540
it says even your reviewer will literally fall in love with you. Oh, they won't literally fall in love

00:07:13.540 --> 00:07:19.040
with you. They might figuratively appreciate your code review. I mean, they may, but it could be an HR issue.

00:07:19.040 --> 00:07:26.520
Yeah. Anyway. But I do want to cover it. There's, there's some really great tips in here. Cause

00:07:26.520 --> 00:07:33.860
actually being nice to your, being nice to your reviewers will help you immensely. And one of the

00:07:33.860 --> 00:07:39.140
things he covers is just value your reviewers time. And there's, and I just put a code review in this

00:07:39.140 --> 00:07:44.380
morning, just to try this out, try some of these techniques. And it only takes like an extra 30

00:07:44.380 --> 00:07:50.660
seconds, maybe a minute to do it right. And, and it saves everybody on your team time. So it's worth,

00:07:50.660 --> 00:07:58.360
worth it. So let's cover a few of these. One of them is don't just check for mistakes. Imagine that

00:07:58.360 --> 00:08:04.360
you're reading the code review for the first time. So you need to be the reviewer of your code first.

00:08:04.360 --> 00:08:09.280
So that's, that's actually really important. And I encourage that with everybody on my team,

00:08:09.280 --> 00:08:13.760
because there's times where the disc, you know, it just doesn't, there's stuff in there that's

00:08:13.760 --> 00:08:18.420
not, it doesn't make sense. And why is that, why is that related to the thing? I guess we're, we'll

00:08:18.420 --> 00:08:23.200
get there. Okay. Well, and you can also, you know, if you're in a rush, what you say can come across

00:08:23.200 --> 00:08:27.500
feeling unkind or inconsiderate. And you're just like, I didn't really mean to be inconsiderate.

00:08:27.500 --> 00:08:30.600
I just like, I've got four of these and I have 20 minutes. I just got to get it, you know,

00:08:30.600 --> 00:08:34.960
but it, that's not how it's received. You know, it may be received really differently. So,

00:08:34.960 --> 00:08:39.740
you know, from that perspective, right? Yeah. And even, even if the code review itself only takes

00:08:39.740 --> 00:08:45.040
somebody a few minutes to review your code change, it's interrupted their, their day by a half an hour,

00:08:45.040 --> 00:08:52.400
at least. So respect that entire time. one of the next suggestions is, write clear change

00:08:52.400 --> 00:08:58.760
log description. So, right. And, and, and he, he describes this a little bit. One of the

00:08:58.760 --> 00:09:05.280
things is, it's not just what you changed, but it it's what your change achieves and why you made

00:09:05.280 --> 00:09:09.640
the change. That's the, why is always way more important than what you did. I can look at the

00:09:09.640 --> 00:09:14.000
code change. I should be able to look at the code change and know, know what you changed. So don't

00:09:14.000 --> 00:09:19.980
describe that too much in the, in the list at the top. next, narrowly that I want to talk

00:09:19.980 --> 00:09:26.700
about narrowly scope your changes. So, they can skip down. Here's what I did this week. Yeah.

00:09:26.700 --> 00:09:32.020
Have a look. Yeah. now it's easy to do that. Like I haven't checked in for a while. So here's

00:09:32.020 --> 00:09:36.720
what I did. Yeah. No, no, no, no. And actually this is something that I even caught myself doing

00:09:36.720 --> 00:09:42.760
yesterday. I noticed that a test, really kind of needed refactored cause it, I needed

00:09:42.760 --> 00:09:49.200
to add a test to a, to a test module. And there was, there was some, there was the way the entire

00:09:49.200 --> 00:09:54.960
test module was arranged. I could rearrange the fixtures so that it would run like

00:09:54.960 --> 00:10:00.900
three times faster. if I changed the setup and common setup and stuff like that, I really wanted

00:10:00.900 --> 00:10:05.580
to do that, but that's not what I really needed to do. What I really needed to do was just add a test.

00:10:05.580 --> 00:10:11.980
So I added the test and that code review went through this morning. And then today I'm going to do a

00:10:11.980 --> 00:10:17.060
cleanup of trying to make things faster. So separating them is important. Also, another thing is,

00:10:17.060 --> 00:10:23.000
separating, functional and non-functional changes. So you're like, in this case, you're in a,

00:10:23.000 --> 00:10:29.540
you're adding a test to a module. You got like, you notice that the formatting is just a

00:10:29.540 --> 00:10:35.920
nightmare. just write that down on your to-do list, either do that merge first, clean it up and

00:10:35.920 --> 00:10:40.960
then merge it and then add your change or add your change and then clean it up. Do them in two merge

00:10:40.960 --> 00:10:46.380
requests. It'll be a lot easier for people to figure out, break up large change lists. If you've got,

00:10:46.380 --> 00:10:51.060
if you've been working for a while, maybe you should merge them in a few times, a few, you know,

00:10:51.060 --> 00:10:56.620
in pieces. If it's, if it's like a thousand lines of code and 80 files, that's too big. That's just

00:10:56.620 --> 00:11:02.060
way too big. and then there's, there's actually quite a few, chunks in there that talk about

00:11:02.060 --> 00:11:08.160
basically being a nice person. So, respond gracious. I'm just going to pick out one, respond

00:11:08.160 --> 00:11:13.000
graciously to critiques. And that's the hardest one for me. If somebody picks apart your code,

00:11:13.000 --> 00:11:17.420
they're not attacking you. They're talking about the code and they want to own the code also.

00:11:17.420 --> 00:11:24.540
So think about those as, as, as, as the reviewer wanting to, make the code theirs as

00:11:24.540 --> 00:11:30.640
well as yours and try to respond well and don't get too defensive about it because fights in code

00:11:30.640 --> 00:11:35.780
reviews are not fun. Yeah. And often there's a power differential, right? A senior person is reviewing

00:11:35.780 --> 00:11:40.460
junior person's type of work. So that's always true. Yeah. Yeah. Yeah. For sure. Greg is someone

00:11:40.460 --> 00:11:48.540
who's relative to say Brian and me a little bit newer at, at, at Python. what are your

00:11:48.540 --> 00:11:52.620
thoughts on this code review stuff? I mean, I know you don't necessarily write a lot of code in

00:11:52.620 --> 00:11:59.780
teams that gets reviewed, but you see this as helpful, stressful. Yeah. Yeah. It's, it's, it's important

00:11:59.780 --> 00:12:04.960
important to do the, if you have the interpersonal part of it, right? Like the, both they, they trust

00:12:04.960 --> 00:12:09.460
each other, the, the, you know, the reviewer and the reviewee, it's going to go a lot more smoothly.

00:12:09.460 --> 00:12:15.080
It's, it's, it's, we're in this together, a shared fate, and, and it'll go as opposed to,

00:12:15.080 --> 00:12:20.520
uh, conflict. it's going to, it's going to be much easier. Yeah, for sure. Brian, quick comment

00:12:20.520 --> 00:12:25.120
from Magnus, I believe a code review should really review the current code, not just the diff

00:12:25.120 --> 00:12:30.140
line. So the whole code comes out better after review. Yeah. Yeah, definitely. it depends

00:12:30.140 --> 00:12:34.460
on how big it is, right? Like maybe like that little sub module or, or something, right? It could be

00:12:34.460 --> 00:12:39.440
too massive, but yeah. Yeah. And actually this is, this is one of the times where I kind of put it on

00:12:39.440 --> 00:12:44.400
the brakes and just say, you're right. We do need to fix that and, and put it on the to-do list, but

00:12:44.400 --> 00:12:49.380
it shouldn't stop a merge just because, things are. Yeah. Brian, does your team do

00:12:49.380 --> 00:12:54.540
internal PRs or do you just, do you just make changes? No, everything goes through a PR. Yeah.

00:12:54.540 --> 00:12:59.120
I, I vary. Right. Sometimes I do some. All right. Greg, you're, you're up next on,

00:12:59.120 --> 00:13:03.440
yeah. Yeah. Thank you. Speaking of repos and merges and PRs and all that stuff.

00:13:03.440 --> 00:13:09.480
We thank Hector Munoz for sending, this suggestion in it, it started with a,

00:13:09.480 --> 00:13:17.160
response to a blog, on Tidelift, by Tidelift about, Hey, if I'm making a decision on,

00:13:17.160 --> 00:13:23.640
on which, library to use, how, how do, how could I, gauge the maturity of that library?

00:13:23.640 --> 00:13:28.560
So, yeah, that's a question I get all the time from people like, Hey, I'm new to Python. I want to

00:13:28.560 --> 00:13:34.120
know which library I should use. How do I know if the library is a good choice or a bad choice? And so

00:13:34.120 --> 00:13:37.140
there's a lot of different metrics you might use, but maybe they're hard to find, right?

00:13:37.440 --> 00:13:45.160
Exactly. So, Lawrence Malloy made, made this, library repo dash available so that you can,

00:13:45.160 --> 00:13:51.360
you can track, the metrics about, you know, that give a clear indication of the health of,

00:13:51.360 --> 00:13:57.960
of the, project. You got your open issues over any timeframe. this, this actually captures it,

00:13:57.960 --> 00:14:03.800
you know, with, within the time range that the user specifies. So how many items were open,

00:14:03.800 --> 00:14:09.760
how many issues are open, how many closed in that timeframe is still open. And, it will give you

00:14:09.760 --> 00:14:16.400
a much better feel for the level of maturity and, and, and, activity. yeah, this is cool.

00:14:16.400 --> 00:14:23.480
Like how long issues have been setting their open or, total number of open issues over time that,

00:14:23.480 --> 00:14:27.840
like how fast should it be enclosed versus being opened versus unassigned. Yeah. All those kinds of

00:14:27.840 --> 00:14:31.800
things are really important. Another one, probably in here somewhere, I just haven't seen it yet,

00:14:31.800 --> 00:14:38.480
is, the number of PRs that are open. Like a real red flag to me is I go to a project and there's,

00:14:38.480 --> 00:14:43.340
you know, significant number of PRs that are both open and maybe even not responded to. And they've

00:14:43.340 --> 00:14:46.920
been there for like six months. You're like, okay, whoever's working on this, they've kind of lost

00:14:46.920 --> 00:14:53.560
the love for it. Yeah. Yeah. And, yeah. And tying it together, it's, it's, might be the signal

00:14:53.560 --> 00:14:57.980
of where you need code reviews if you're, if you're stuck somewhere. Yeah, that's right. I mean,

00:14:57.980 --> 00:15:01.920
that's basically what a PR is. It's like a, it's waiting on a code review more or less. Yeah.

00:15:01.920 --> 00:15:05.980
Yep. Yeah. Awesome. All right. Well, this is really cool. And I think it'll, it'll help people

00:15:05.980 --> 00:15:11.980
who create repos or create projects, make sure that their repo is getting sort of the health of

00:15:11.980 --> 00:15:16.600
what they're doing. But then also for people who are new or new to a project, they could quickly look

00:15:16.600 --> 00:15:21.720
at it and go, red flags or, you know, green flags, which is it? Yeah. Yeah. Certainly. If

00:15:21.720 --> 00:15:26.420
you're doing the things that are making your prod, your, your, it's all part of transparency.

00:15:26.420 --> 00:15:31.600
This is, this is where we're the real deal over here on this team. Yeah. And they even have a cool

00:15:31.600 --> 00:15:36.080
little categorization bar chart of the types of issues that are open, like feature requests versus,

00:15:36.080 --> 00:15:40.600
uh, good first issue versus bugs and so on. That's cool. So Ryan, what do you think?

00:15:40.600 --> 00:15:44.960
Well, I guess I don't know if you covered this already, but I'm a little lost. is

00:15:44.960 --> 00:15:49.640
this a service or is that something I add to my repo? You know, I think it's something you

00:15:49.640 --> 00:15:55.280
run, you point it at a repo and you run it. Okay. But that's my understanding. I don't totally.

00:15:55.280 --> 00:16:01.420
Yeah. I haven't used it, but I believe so. Yeah. Yeah. So it's a command, a CLI thing. You

00:16:01.420 --> 00:16:05.440
just pointed at like some, some GitHub repo and you say, tell me how they're doing.

00:16:05.440 --> 00:16:10.000
What I want to depend on this thing. Yes or no. No, I think that's cool. Like it. Yeah. You know what

00:16:10.000 --> 00:16:14.920
else is cool? Sponsors. Sponsors that keep us going. Thank you. Thank you. And Linode is very

00:16:14.920 --> 00:16:20.140
cool because, not only are they sponsoring the show, but they're giving, everyone a bunch of

00:16:20.140 --> 00:16:25.060
credit, a hundred dollars credit for, just using our link. And, you know, you want to build

00:16:25.060 --> 00:16:29.100
something on Kubernetes. You want to build some virtual servers or something like that. Here you go.

00:16:29.100 --> 00:16:33.980
So you can simplify your infrastructure and cut your cloud bills in half. Linode's Linux virtual

00:16:33.980 --> 00:16:39.280
machines, develop, deploy, and scale your modern applications faster and easier. And whether you're

00:16:39.400 --> 00:16:44.220
working on a personal project or some of those larger workloads really should be thinking about

00:16:44.220 --> 00:16:50.180
something affordable and usable and just focused on the job like Linode. So as I said, you'll get a

00:16:50.180 --> 00:16:54.300
hundred dollars free credit. So be sure to use the link in your podcast player. You got data centers

00:16:54.300 --> 00:16:58.780
around the world. it's the same pricing, no matter where you are, line up, tell them where your

00:16:58.780 --> 00:17:03.360
customers are and you want to create your stuff there and that's pay the same price. You also get 24,

00:17:03.360 --> 00:17:08.800
seven, three 65 human support. Oh my gosh. I'm working on another, some, something else with someone else.

00:17:08.800 --> 00:17:13.620
Allison, this would be so appreciated right now, but not, and if it was a Linode, they'd be helping me

00:17:13.620 --> 00:17:18.280
out. But oh my gosh, don't get me on a rant about, other things. Anyway, do you can choose

00:17:18.280 --> 00:17:23.760
shared or dedicated compute and scale the price with your need and so on and use your a hundred dollars

00:17:23.760 --> 00:17:29.980
credit, even on S3 compatible storage. How about that? You could, you know, use Boto, Boto three and the

00:17:29.980 --> 00:17:34.580
type annotations that change where it's going to point it over there. So yeah, if it runs a Linode or if it

00:17:34.580 --> 00:17:39.320
runs a Linux, it runs a Linode. So use pythonbytes.fm/Linode. Click the create for your account

00:17:39.320 --> 00:17:44.380
button to get started. So, Brian, I'm not covering two topics this week, like normal,

00:17:44.380 --> 00:17:49.460
you know, because no, because I have so many, I can't even possibly deal with it. So it's all about

00:17:49.460 --> 00:17:55.500
extra, extra, extra, extra, extra here all about it. Okay. The first one, may know what a CVE is.

00:17:55.500 --> 00:18:01.200
If it applies to your software, you don't like that. So, this sounds more scary than I believe it is,

00:18:01.200 --> 00:18:07.780
but let me just do a quick little statement here. A reading from, nist.gov Python three up through

00:18:07.780 --> 00:18:13.940
three nine one, which was the latest version of Python until five days ago has a buffer overflow

00:18:13.940 --> 00:18:21.420
in pyCRG repper D types, which may lead to remote code execution. Remote code execution sounds

00:18:21.420 --> 00:18:26.800
bad. That sounds like the internet taking my things and my data and other bad stuff. When you're accepting

00:18:26.800 --> 00:18:31.860
a floating point number. Oh, wait a minute. a floating point number. Like I might get at a

00:18:31.860 --> 00:18:37.360
Jason API. Somebody posts some data and here's my floating point number, but this one hacks my Python

00:18:37.360 --> 00:18:43.020
web app with remote code execution. That sounds bad, right? Yeah. Yeah. Now it turns out the way it has

00:18:43.020 --> 00:18:47.780
to be used. It's like, it's, it's a very narrow thing. It shouldn't send people's like hair on fire

00:18:47.780 --> 00:18:52.620
running. Like, Hey, I've got to update the server. Right. But you should still probably update it. So

00:18:52.620 --> 00:18:58.900
what do I do? I've logged into the various servers, Linux servers, Ubuntu latest version of Ubuntu that I

00:18:58.900 --> 00:19:04.960
want. And I say, Oh my goodness. I heard about this. Please, date, you know, do an app update.

00:19:04.960 --> 00:19:10.240
There better be a update for Python three. Oh no, no. There's no update for Python three. In fact,

00:19:10.240 --> 00:19:15.260
it's still running three, eight, five where this was fixed in three, eight, eight or something like

00:19:15.260 --> 00:19:20.580
that. And a week's gone by and there's still no update for Python on Ubuntu by default. Now,

00:19:20.620 --> 00:19:24.600
what I can do is I can go to this like place that seems semi-official, but not really official

00:19:24.600 --> 00:19:29.520
called dead snakes and add that as a package manager endpoint for apps. But I don't really

00:19:29.520 --> 00:19:35.260
want to do that either. That sounds like maybe even worse than running old Python. So that sends me down

00:19:35.260 --> 00:19:41.020
item number two of my, of my extra, extra, extra, extra, extra. And that is building Python from source

00:19:41.020 --> 00:19:48.660
on Ubuntu. Because, I really don't want to be running the old Python in production,

00:19:48.660 --> 00:19:54.900
even if it is unlikely, you know, unlikely yourself over dead snakes. Okay. I, well,

00:19:54.900 --> 00:20:01.860
no, what I originally wanted to do maybe yes, but originally what I wanted to do was use pyenv because

00:20:01.860 --> 00:20:05.540
pyenv lets you install all sorts of different versions, right? Yeah. Yeah. Well, the only one

00:20:05.540 --> 00:20:09.380
available that was three, nine was three, nine, one, which was the one with the bug still.

00:20:09.380 --> 00:20:14.900
And then locally I use homebrew on my machine and it just updated yesterday. I think it was,

00:20:14.900 --> 00:20:19.300
uh, but it was a little bit behind, but that's updated. So yeah, I guess I do. anyway,

00:20:19.300 --> 00:20:24.520
so I've found a cool article that walks you through all the building, the stuff. And then, the thing

00:20:24.520 --> 00:20:29.380
that makes me willing to try this and trust this, but also related to the next extra, extra, extra is

00:20:29.380 --> 00:20:35.160
you can go instead of doing make install, which is the compile stuff takes a while, but then magic

00:20:35.160 --> 00:20:40.500
Python comes out the other side, you can say make alt install. And what it'll do is it'll install the

00:20:40.500 --> 00:20:48.220
version of Python under like a version name. So I can type Python 3.9 and get Python 3.9.2 with no

00:20:48.220 --> 00:20:52.460
vulnerabilities. But if I just type Python or Python 3, it's just the system one. So that one didn't seem

00:20:52.460 --> 00:20:57.840
too dangerous to me. Yeah. And then I just create a virtual environment for my stuff that runs on the

00:20:57.840 --> 00:21:04.320
server. Python 3.9.9-mvenv create that. And then off it goes. And then it's just running this,

00:21:04.320 --> 00:21:08.280
this one from here. So, pretty good. that worked out quite well. So anyway,

00:21:08.280 --> 00:21:12.180
I've been doing that for a week and the world hasn't thrashed or blown up or anything. So

00:21:12.180 --> 00:21:16.560
apparently this works. One has, yeah. One heads up though, is like, I have a bunch of machines that

00:21:16.560 --> 00:21:21.000
are all the same version of Linux. They all seem to have different dependencies and ways of dealing

00:21:21.000 --> 00:21:26.360
with this. Like one said, Oh, the SSL module is not installed as a system library, like apt install

00:21:26.360 --> 00:21:30.500
LibSSL type thing. Another one, it had that, but it didn't have some other thing,

00:21:30.500 --> 00:21:34.660
some other aspect that I forgot, but like, they all seem to have different stuff that you also got to

00:21:34.660 --> 00:21:38.780
add in. So that was a little bit, walkie in the beginning, but it's all good now. All right.

00:21:38.780 --> 00:21:44.540
That's extra number two. extra number three really probably should have preceded that because

00:21:44.540 --> 00:21:49.200
to make all that work, I wanted to make sure that I had it just right. And so I wanted to do this

00:21:49.200 --> 00:21:57.380
on Ubuntu 20, 20 Oh four LTS. And yet I cannot run Docker, which is exactly the place where you would

00:21:57.380 --> 00:22:03.380
do this sort of thing to test it out. I couldn't do Docker on my Apple M one. Oh no. Okay. Now Docker

00:22:03.380 --> 00:22:09.060
says it runs. Docker says you can run Apple, a Docker prototype on your M one, but I've installed it.

00:22:09.060 --> 00:22:12.500
And all that does is sit there and say, starting, starting, starting, starting, starting,

00:22:12.500 --> 00:22:16.680
indefinitely. And it will never run. I've uninstalled it. I've done different versions of

00:22:16.680 --> 00:22:20.140
it. Like it just won't run. people that were listening said, Oh, what you got to do is you

00:22:20.140 --> 00:22:24.160
probably installed parallels or this other thing. And it caused this problem and he could fix it this

00:22:24.160 --> 00:22:27.620
way. Like, Nope, the problem isn't there. Cause I didn't install any of those things. I can't change.

00:22:27.620 --> 00:22:33.440
So long story short. I, go ahead. No, I was just laughing. Yeah. Yeah. And so what I ended up doing

00:22:33.440 --> 00:22:39.580
is I saw a really cool trick, not trick technique. I put this in the show notes. You can just say,

00:22:39.580 --> 00:22:45.300
uh, basically two lines on the command line prompt or do a Docker to say, you know what,

00:22:45.300 --> 00:22:49.540
if you want to just do Docker stuff, don't do it here, do it over there. And so I have my Intel,

00:22:49.540 --> 00:22:55.240
uh, MacBook pro that can, that's running, Ubuntu and a virtual machine. So I just turned that on.

00:22:55.240 --> 00:22:59.980
And I just said, Docker context, create that thing over there. And then Docker context use. And after

00:22:59.980 --> 00:23:05.140
that, every Docker command without thinking about it, remember it just automatically runs over on that

00:23:05.140 --> 00:23:09.460
machine. And I know it's working because my Mac one, my Mac M one mini,

00:23:09.460 --> 00:23:13.160
is super quiet. You'd never hear it or anything. But when I work with Docker, I can hear the thing

00:23:13.160 --> 00:23:17.640
grinding away over in the corner. So that's, I know it's working. All right. Really quick. I know

00:23:17.640 --> 00:23:22.240
I'm running low on time. The last one is people have heard me whinge on about depend upon and how it's

00:23:22.240 --> 00:23:25.960
such a pain. And I'm sure they're thinking like, Oh, Michael, why are you whinging about this? Why are

00:23:25.960 --> 00:23:30.740
you like just complaining? You know, it's, it can't be that bad. Yeah. So look what is on the screen

00:23:30.740 --> 00:23:37.240
here. Depend upon merge conflict with itself. Like, so these are the things I have to do on Monday

00:23:37.240 --> 00:23:42.100
morning. I have to log in and it says there's a merge conflict. Depend about put cryptography

00:23:42.100 --> 00:23:49.140
equal, equal three, four, six, when it had unchanged for months, cryptography equal, equal three dot

00:23:49.140 --> 00:23:54.880
four dot three. It's like though it's one line. It it's, it's conflicting with itself. Like this is

00:23:54.880 --> 00:23:59.440
crazy. So anyway, this is not a big deal, but people are like, why does Michael keep complaining

00:23:59.440 --> 00:24:03.740
about depend upon merges? Like, cause I have to go like the one line. It changes merges with

00:24:03.740 --> 00:24:07.760
itself. Like this is not product. All right. Oh no, we're not looking at that one yet. That's

00:24:07.760 --> 00:24:11.520
for later. All right. I guess that's it. Oh, final shout out though. I'll put this in the link in the

00:24:11.520 --> 00:24:15.500
show notes. Anthony Shaw along with one of his coworkers, whose name I'm sorry, I forgot, built a

00:24:15.500 --> 00:24:20.140
GitHub bot that will automatically merge all those things for you or specifically for depend about.

00:24:20.140 --> 00:24:23.820
So I'll cover that more later when he writes it up, but he did it like a little shout out about it,

00:24:23.820 --> 00:24:29.060
Twitter. So link to that since it's related. Yeah. That was a lot of extras. Yeah. I got a short one.

00:24:29.060 --> 00:24:34.660
It's an extra tool also. So it's also about Docker. So yeah, yeah. This is quite related. Nice follow

00:24:34.660 --> 00:24:40.460
on. So, Josh peak suggested, and I'm not sure what he was listening to, but he just,

00:24:40.460 --> 00:24:45.860
or just wondering if we'd heard about it. that if one of the things people talk about with testing

00:24:45.860 --> 00:24:51.720
is whether or not they should, mock or stub act activities to the database. And even if,

00:24:51.720 --> 00:24:56.220
and then I've, you know, I've talked with a lot of people about that. And even if you've got a

00:24:56.220 --> 00:25:01.840
database that's, that has in memory set up, so you can, you can configure it to be in memory

00:25:01.840 --> 00:25:06.300
during your testing and stuff. It's still a different configuration. So, one of the

00:25:06.300 --> 00:25:10.640
suggestions that we've gotten from a lot of, a lot of people is stick your database in a Docker

00:25:10.640 --> 00:25:16.860
container and then test it. So, and then Josh peak suggested this, library called test

00:25:16.860 --> 00:25:23.060
containers dash Python. And this is slick. I mean, this thing really is, you've got,

00:25:23.060 --> 00:25:29.080
you just install this thing and you've, you can, so it covers what Selenium grid containers,

00:25:29.080 --> 00:25:36.140
standalone containers, my SQL database containers, my SQL Maria DB, Neo 4J, Oracle DB,

00:25:36.140 --> 00:25:41.020
Postgres, Microsoft SQL server, even wow. And then just normal Docker containers.

00:25:41.020 --> 00:25:45.680
Yeah. It also even does a MongoDB, even though it's not listed. I saw some of the examples that

00:25:45.680 --> 00:25:46.480
had Mongo as well.

00:25:46.480 --> 00:25:50.620
Oh, that's great. I was, I was curious about that. So after you install this thing,

00:25:50.620 --> 00:25:55.180
you can just, it provides context managers. It probably has other stuff too. I didn't read all

00:25:55.180 --> 00:26:01.740
of it, but this is just really not that much code to create a, a Docker container that you can

00:26:01.740 --> 00:26:05.180
throw your connect and fill your dummy data in or whatever.

00:26:05.180 --> 00:26:11.220
I love it. It's like, I want to, I want to use Docker to help test stuff in isolation,

00:26:11.220 --> 00:26:15.000
but I don't want to know about Docker or be able to use Docker or care about Docker. Right.

00:26:15.200 --> 00:26:23.220
Right. So what it gives you is, it gives you a SQLAlchemy friendly URL, that you can,

00:26:23.220 --> 00:26:31.480
uh, just, just connect to your connect SQLAlchemy or whatever, but you, you just get this

00:26:31.480 --> 00:26:37.900
URL out. So if you have, if you're configuring your, where your database is through URL, that you

00:26:37.900 --> 00:26:43.040
can throw that in whatever configuration environment or variable or whatever, and test as you run with

00:26:43.040 --> 00:26:47.580
that. And it's pretty neat. That's so cool. Yeah. Just with my SQL container, give it some

00:26:47.580 --> 00:26:53.160
connection string you want or some, like host, address or whatever as my SQL. And then you just

00:26:53.160 --> 00:26:57.380
off you go, right? Just the Docker thing exists while the context is open.

00:26:57.380 --> 00:27:02.680
Yeah. And I didn't specifically see any documentation in here talking about pytest, but if anybody's curious,

00:27:02.680 --> 00:27:07.740
um, I'm sure it'll work with that because, even if you have to write your own, fixture,

00:27:07.740 --> 00:27:13.720
you can, you can return a context manager items in a fixture. So that'll work.

00:27:13.720 --> 00:27:17.680
Yeah. Yeah. Yeah. Super cool. You know, I was, that's exactly what I was thinking when you were

00:27:17.680 --> 00:27:22.560
talking about as a pytest fixture that maybe loads it and then fills it with test data and then hands

00:27:22.560 --> 00:27:25.700
it off to the test or something like that. Yeah. Yeah. Greg, what do you think?

00:27:25.700 --> 00:27:26.400
I like it.

00:27:26.400 --> 00:27:30.960
Yeah. That's neat. Right. Hey, I got a quick, a quick follow-up from the last one. Magnus on the

00:27:30.960 --> 00:27:36.260
Livestream asks, will using Pydantic mitigate the floating point overflow bug? using Pydantic

00:27:36.260 --> 00:27:40.920
definitely makes exchanging JSON data really nice and does some validation, but I suspect it probably

00:27:40.920 --> 00:27:45.360
doesn't. That said, you know, people really wish I could find this conversation. There was a

00:27:45.360 --> 00:27:49.980
conversation with Dustin Ingram and I think Brett Cannon talking about this and how it's really not

00:27:49.980 --> 00:27:55.320
that severe because I believe you got to take the input and directly hand it off at the C layer in

00:27:55.320 --> 00:28:00.340
Python, like passing it to float parentheses in Python, I don't think is enough to trigger it. You've got to

00:28:00.340 --> 00:28:05.760
like go down into something like NumPy or something super low level. So it's not as dangerous, but you

00:28:05.760 --> 00:28:09.580
know, there's a lot of things that you see later. So who knows what's going on down there? so

00:28:09.580 --> 00:28:13.500
that's why I'm building from source for the moment. Anyway, I should also throw out there really quick.

00:28:13.500 --> 00:28:18.080
I was also just frustrated that the latest version I can get is three eight, which is over a year old.

00:28:18.080 --> 00:28:22.800
And I was like, why am I on a year old version of Python when I could just take an hour and be on

00:28:22.800 --> 00:28:26.540
the new version of Python? There's more to it than just the bug. All right. I guess, Greg,

00:28:26.540 --> 00:28:29.720
we'll throw it back to you for this last one. Don't have a graph. Yeah. Yeah.

00:28:29.720 --> 00:28:37.160
Thank you. the context on this was I had been in, in, data science in pretty much the

00:28:37.160 --> 00:28:44.400
proprietary world. So proprietary software using, SQL server and Tableau and, Cognos and

00:28:44.400 --> 00:28:49.300
those different tools. We started noticing we're Bay area based company. We started noticing that,

00:28:49.300 --> 00:28:55.940
um, customers were leaving that proprietary world and going to, Python. And that's,

00:28:56.060 --> 00:29:01.100
that actually is one of the things that led me to, to myself to start going in and understanding

00:29:01.100 --> 00:29:06.340
the industry. And it just in the time that I've been with talk Python, which is a bit just a shy,

00:29:06.340 --> 00:29:13.740
short of a year now, I'm seeing, a relentless March towards more and more adoption in, the

00:29:13.740 --> 00:29:21.720
Python ecosystem for businesses that had traditionally always relied on proprietary software. And, and

00:29:21.720 --> 00:29:28.840
it's, it's, it's reaching top of mind, to, to, a level that I didn't expect that it was

00:29:28.840 --> 00:29:33.720
going to happen so fast. You know, you followed the Jeffrey Moore, the, adoption, you know,

00:29:33.720 --> 00:29:40.200
the early adopters and then hitting the main street. This one is moving really fast. we're seeing

00:29:40.200 --> 00:29:47.300
like, some of the largest corporations in the world moving, looking at Python as a means of looking,

00:29:47.300 --> 00:29:54.820
moving away from Excel even. And, it's, it's, it's just, it's reaching top of mind because more

00:29:54.820 --> 00:29:59.180
and more decision makers are hearing from their technology teams that they can deliver solutions

00:29:59.180 --> 00:30:03.160
at unprecedented price performance. And, that's always going to talk.

00:30:03.160 --> 00:30:06.880
Well, you weren't, you were talking this realm, like we should talk Gartner, right? So there was

00:30:06.880 --> 00:30:12.260
a Gartner study, about why companies are moving to open source. And it was really interesting

00:30:12.260 --> 00:30:15.820
because a lot of people say, well, you've got to move to open source because it doesn't cost money.

00:30:15.820 --> 00:30:19.820
So it helps the bottom line. And so many of the companies that were interviewed by Gartner were

00:30:19.820 --> 00:30:24.660
like, it has nothing to do with price. I mean, price, it's a benefit. We'll take not paying less.

00:30:24.660 --> 00:30:29.740
That's fine. But this is about higher quality, higher visibility and so on. And I think that's a

00:30:29.740 --> 00:30:34.660
real interesting inherent advantage in the community. Right. And in the, in the case of,

00:30:34.660 --> 00:30:40.600
um, of Excel, you're hitting up against, limitations in Excel, you know, the size limitations,

00:30:40.600 --> 00:30:45.980
most notably, and now you're able to, to handle it with, it happens to be open source, the solution,

00:30:45.980 --> 00:30:51.200
but you really, the pain was the limitations and, now you're able to do without it.

00:30:51.200 --> 00:30:56.040
There's got to also be maintenance too, because we, I mean, sometimes I've heard Pearl referred to as a,

00:30:56.040 --> 00:31:00.900
a write only language, but, but it's got regular expressions. Yeah.

00:31:00.900 --> 00:31:07.040
Yeah. It's, it's got nothing over trying to edit somebody else's spreadsheet full of macros.

00:31:07.040 --> 00:31:11.380
Right. Oh yeah. Yeah. If they put some VBA in there, it's the kiss of death for sure.

00:31:11.380 --> 00:31:14.620
Yeah. That's like, those are like go-to statements. It's insane.

00:31:14.620 --> 00:31:20.500
Yeah. And, so what we're seeing is, you know, even though it, it feels like there's a heavy

00:31:20.500 --> 00:31:25.420
adoption, it's still relatively small in road compared to what we're going to see in the future.

00:31:25.420 --> 00:31:34.200
it's like, water rapidly collecting behind a weak dam. And, we've seen that happen in the industry before.

00:31:34.200 --> 00:31:38.600
I think that's a really great thing to highlight, Greg. I talked with Mahmoud Hashemi,

00:31:38.600 --> 00:31:43.980
who at the time was at PayPal about Python, soft Python for enterprise software development.

00:31:43.980 --> 00:31:48.920
As I think this is the fourth episode of talk Python. It was certainly right at the beginning in 2015.

00:31:48.920 --> 00:31:49.580
I remember that one.

00:31:49.580 --> 00:31:54.340
Yeah. And, it was like a big question. Like, well, does it make sense? Should people be using

00:31:54.340 --> 00:31:59.260
Python for these company stuff? Does that make it like now it just seems, yeah. I mean, it seems just

00:31:59.260 --> 00:32:03.560
like so obvious. there's one thing I was actually going to cover this and I'll cover it again,

00:32:03.560 --> 00:32:08.160
more depth because I had so many extras already. So I made room, but one of the interesting things that

00:32:08.160 --> 00:32:13.260
Google came on to sponsor the PSF at, they say, they probably don't say this is like a friendly one,

00:32:13.260 --> 00:32:17.580
but there was another, article. This is just the sort of fresh release from the PSF,

00:32:17.580 --> 00:32:23.460
but they came on and they're now sponsoring, the PSF as a visionary sponsor, which I think is

00:32:23.460 --> 00:32:30.260
over 300,000 in terms of how much there's, and they're also sponsoring a core developer,

00:32:30.260 --> 00:32:35.220
particularly for things around like security and PI PI and whatnot. So a lot of interesting stuff.

00:32:35.220 --> 00:32:39.760
I'll come back to that later, but, and another show, but yeah, it seems worth giving a little

00:32:39.760 --> 00:32:44.200
shout out about that. Yep. And then a quick comment, Greg, from Magnus. I read an

00:32:44.200 --> 00:32:49.220
article about the re, the reinsurance industry also moving in from Excel to Python. Yeah. I can

00:32:49.220 --> 00:32:53.720
imagine. Awesome. Thank you, Magnus. Yeah. All right. I guess that's it for our items. Now,

00:32:53.720 --> 00:32:59.400
Brian, how about some extras? Well, I know that you've been using, you've been using Firefox

00:32:59.400 --> 00:33:04.260
for a while, right? I did notice over on, your stream that looks a little Firefoxy over there.

00:33:04.260 --> 00:33:09.060
What happened, man? Yeah. So the thing that convinced me, is this announcement thing.

00:33:09.060 --> 00:33:15.360
They just released Firefox 86 and it's got this, enhanced cookie protection. And I don't

00:33:15.360 --> 00:33:21.220
understand the gist of it, but mostly it's, it seems like, they just said, you know,

00:33:21.220 --> 00:33:26.020
whatever site you're on, they can, you, cause you know, sometimes I've heard people say I turn off

00:33:26.020 --> 00:33:30.360
cookies. Well, like sites don't work without, cause some of them just don't. Yeah. You want to log in?

00:33:30.360 --> 00:33:35.160
Well, you're going to need a cookie. Yeah. So, or just saving stuff. I don't want,

00:33:35.160 --> 00:33:38.920
there's times where I just don't, there's nothing private there. I don't want to log in.

00:33:38.920 --> 00:33:42.220
Every time, but I don't want you to share it with other people either. So this, this,

00:33:42.220 --> 00:33:47.800
this enhancement is just, keep the sites cookies to themselves. So they have like a cookie jar or a

00:33:47.800 --> 00:33:54.180
storage area for cookies. That's individual to each site. And you can save as many as you want for your

00:33:54.180 --> 00:33:59.720
site. And then the, another site gets another one. And there's the obvious, like you

00:33:59.720 --> 00:34:05.320
were saying, login stuff. I used, you know, different login providers. There is an exception for that.

00:34:05.320 --> 00:34:11.520
So you can, you can use a login providers and it allows that, but these are, these are non tracking

00:34:11.520 --> 00:34:19.460
cookie uses. So yeah, I'm super excited about this as well. Basically, if you were to go to CNN.com

00:34:19.460 --> 00:34:24.800
and then you were to go, I'm not for sure about this, right. But likely then you were to go to

00:34:24.800 --> 00:34:30.780
the verge and then you're going to go to chewy.com and buy something for your pet. Like very likely they're

00:34:30.780 --> 00:34:35.140
using some ad network that's put a cookie that knows you did that sequence of events. And Oh,

00:34:35.140 --> 00:34:38.760
by the way, you're logged in as so-and-so over on that one. So, and all the other sites, we now know

00:34:38.760 --> 00:34:44.540
that so-and-so is really interested in chew toys for a medium-sized dog, but a puppy, not a, not a

00:34:44.540 --> 00:34:48.560
full-crow. Right. You know, and that's, it gets to the point where people think, Oh, well, all these

00:34:48.560 --> 00:34:54.260
things are listening to us on our phone, but they just like track us so insanely deeply. And so the idea

00:34:54.260 --> 00:35:00.000
is yeah. Let that third party thing, let it set a cookie. But when they get the chewy.com from CNN.com

00:35:00.000 --> 00:35:04.080
and they ask for the cookies there, like, yeah, sure. You can have your third party cookie, but it's a

00:35:04.080 --> 00:35:09.240
completely unrelated brand new one. As if you like deleted your history and started over it, which

00:35:09.240 --> 00:35:14.140
is beautiful. I'm super excited about this as well. Yeah. And, Robert Robinson says that CNN better

00:35:14.140 --> 00:35:22.140
not try to sell him. I'm with you, man. I'm with you. Doggy toys from the doggy toy site news from the

00:35:22.140 --> 00:35:26.000
news site. Sometimes they're hard to tell apart, but you never know. Stay in your lane.

00:35:26.000 --> 00:35:30.320
Stay in your lane. All right. yeah. So that was the one thing you wanted to cover, right?

00:35:30.320 --> 00:35:35.080
Yeah. Yeah. I did my extra, extra, extra, extra. So I've already covered that. So I feel like,

00:35:35.080 --> 00:35:38.060
Greg, anything you want to throw out there before we, move on to a joke?

00:35:38.060 --> 00:35:45.080
No, it can't get in the way of a joke. No, I know this is good. So sometimes we, we find an interesting

00:35:45.080 --> 00:35:51.300
joke or a funny thing out there. And sometimes we strike gold, right? Like Brian pie jokes. I mean,

00:35:51.300 --> 00:35:56.860
pip X install pie joke. Come on. Like the CLI is now full of dad developer jokes. Well,

00:35:56.860 --> 00:36:01.920
I kind of feel like I got one of those here as well. So there's this place called,

00:36:01.920 --> 00:36:06.920
article called 56 funny code comments that people actually wrote. Nice. I don't want to go through

00:36:06.920 --> 00:36:11.400
56, but I feel like we may revisit this. So I want to go through four here. Okay. I linked to the real

00:36:11.400 --> 00:36:16.580
article in there, but I pulled them out separately. So I'm showing on the screen here. Like I'll,

00:36:16.580 --> 00:36:20.680
I'll read the first one and we can take turns reading. There's only four or five here.

00:36:20.680 --> 00:36:24.900
So the first one is, is it a big like header at the top of a function in a comment? It says,

00:36:24.900 --> 00:36:29.600
dear maintainer, once you're done trying to optimize this routine and you've realized what a terrible

00:36:29.600 --> 00:36:35.460
mistake that was, please increment the following counter as a warning to the next guy. Total hours

00:36:35.460 --> 00:36:48.160
wasted here equals 73. Is that awesome or what? Yeah. Oh man. That's beautiful. Isn't it? Yeah. I've had,

00:36:48.160 --> 00:36:53.440
I've had code that were every like the next, like one out of five developer that gets to it says,

00:36:53.440 --> 00:36:58.040
Oh, I think we can make this cleaner. And they don't. Nope. They just make it stop working. Then

00:36:58.040 --> 00:37:01.100
they have to fix it. And then it goes back like it was. All right, Brian, you want to do the next one?

00:37:01.100 --> 00:37:05.760
Sure. sometimes I believe compiler ignores all my comments. Huh?

00:37:06.460 --> 00:37:15.900
That's a comment. Sometimes I believe the compiler ignores all your comments. Like probably all the

00:37:15.900 --> 00:37:22.180
time. Hopefully. Oh, this next one's my favorite. Yeah. All right. Greg, that was you. Great. Drunk,

00:37:22.180 --> 00:37:23.660
drunk. Fix later.

00:37:27.460 --> 00:37:35.020
I can totally see that one. Honesty. Honesty. also this one is nice. Probably this came from

00:37:35.020 --> 00:37:40.200
stack overflow and a partial level of understanding. The comment is magic. Do not touch. Yeah,

00:37:40.200 --> 00:37:45.060
definitely. Yeah. Brian, you want to round us out with this last one? Because sometimes the best part

00:37:45.060 --> 00:37:49.780
about comments is if they're accurate or not. Is there wrong? Yeah. I've heard people refer to

00:37:49.780 --> 00:37:56.380
comments as future lies. and this one, is there's a routine called, it's a Boolean returns

00:37:56.380 --> 00:38:02.440
a Boolean. It's called is available. And it returns false. It's just a single statement return false

00:38:02.440 --> 00:38:10.240
with a comment that says always returns true. I love it. I'm telling you, there's going to be a lot

00:38:10.240 --> 00:38:14.920
of good jokes coming from this, this article here. So yeah, pretty good. All right. Well,

00:38:14.920 --> 00:38:18.640
thank you, Brian, as always, Greg, thank you for being here. Thank you for having me. Yeah,

00:38:18.740 --> 00:38:19.400
It was definitely great.

00:38:19.400 --> 00:38:20.420
And thanks everyone for listening.