Brought to you by Michael and Brian - take a Talk Python course or get Brian's pytest book

Episode #237: Separate your SQL and Python, asynchronously with aiosql

Published Wed, Jun 9, 2021, recorded Wed, Jun 9, 2021.


Watch the live stream:


About the show

Sponsored by Sentry:

  • Sign up at pythonbytes.fm/sentry
  • And please, when signing up, click Got a promo code? Redeem and enter PYTHONBYTES

Special guest: Mike Groves

Michael #1: Textual

  • Textual (Rich.tui) is a TUI (Text User Interface) framework for Python using Rich as a renderer.
  • Rich TUI will integrate tightly with its parent project, Rich.
  • This project is currently a work in progress and may not be usable for a while.

Brian #2: Pinning application dependencies with pip-tools compile

  • via John Hagen
  • pip-tools has more functionality than this, but compile alone is quite useful
  • Start with a loose list of dependencies in requirements.in:
        typer
        rich
    
  • Can have things like >= and such if you have fixed dependencies.
  • Now pip install pip-tools, and pip-compile requirements.in
  • or python -m piptools compile requirements.in
    • both have same effect.
  • Now you’ll have a requirements.txt file with pinned dependencies:
        # autogenerated by: pip-compile requirements.in
        click==7.1.2
            # via typer
        colorama==0.4.4
            # via rich
        commonmark==0.9.1
            # via rich
        pygments==2.9.0
            # via rich
        rich==10.2.2
            # via -r requirements.in
        typer==0.3.2
            # via -r requirements.in
    
  • Now, do the same with a dev-requirements.ini to create dev-requirements.txt.
  • Then, of course:
        - `pip install -r requirements.txt`
        - `pip install -r dev-requirements.txt`
        - And test your application.
        - All good? Push changes.
    
  • To force pip-compile to update all packages in an existing requirements.txt, run pip-compile --upgrade.
  • John provided an example project that uses this workflow: python-blueprint

Mike #3: Pynguin

  • Automated test generation
  • Pynguin is a framework that allows automated unit test generation for Python. It is an extensible tool that allows the implementation of various test-generation approaches.

Michael #4: Python Advisory DB

  • via Brian Skinn
  • A community owned repository of advisories for packages published on pypi.org.
  • Much of the existing set of vulnerabilities are collected from the National Vulnerability Database CVE feed.
  • Vulnerabilities are integrated into the Open Source Vulnerabilities project, which provides an API to query for vulnerabilities.
  • Longer term, we are working with the PyPI team to build a pipeline to automatically get these vulnerabilities [listed] into PyPI.
  • Tracks known security issues with the packages, for example:
        PYSEC-2020-28.yaml
        id: PYSEC-2020-28
        package:
          name: bleach
          ecosystem: PyPI
        details: In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA
          and either svg or math tags are whitelisted and the keyword argument strip=False.
        affects:
          ranges:
          - type: ECOSYSTEM
            fixed: 3.1.2
          versions:
          - '0.1'
          - 0.1.1
          - 0.1.2
          - '0.2'
        ...
    

Brian #5: Function Overloading with singledispatch and multipledispatch

  • by Martin Heinz
  • I kinda avoid using the phrase “The Correct Way to …”, but you do you, Martin.
  • In C/C++, we can overload functions, which means multiple functions with the same name but different parameter types just work.
  • In Python, you can’t do that automatically, but you can do it.
  • It’s in the stdlib with functools and singledispatch:

        from functools import singledispatch
        from datetime import date, time
    
        @singledispatch
        def format(arg):
            return arg
    
        @format.register
        def _(arg: date):
            return f"{arg.day}-{arg.month}-{arg.year}"
    
        @format.register(time)
        def _(arg):
            return f"{arg.hour}:{arg.minute}:{arg.second}"
    
  • Now format works like two functions:

        print(format(date(2021, 5, 26)))
        # 26-5-2021
        print(format(time(19, 22, 15)))
        # 19:22:15
    
  • What if you want to switch on the type of multiple parameters? multipledispatch, a third party package, does the trick:

        from multipledispatch import dispatch
    
        @dispatch(list, str)
        def concatenate(a, b):
            a.append(b)
            return a
    
        @dispatch(str, str)
        def concatenate(a, b):
            return a + b
    
        print(concatenate(["a", "b"], "c"))
        # ['a', 'b', 'c']
        print(concatenate("Hello", "World"))
        # HelloWorld
    

Mike #6: Aiosql

  • Fast Async SQL Template Engine
  • Lightweight replacement for ORM libraries such as SQLAlchemy.

Extras

Michael

  • SoftwareX Journal, Elsevier has had an open-access software journal, via Daniel Mulkey. There's even a special issue collection on software contributing to gravitational wave discovery.
  • Python 3.10.0b2 is available
  • Django security releases issued: 3.2.4, 3.1.12, and 2.2.24
  • Talks on YouTube for PyCon 2021.
  • aicsimageio 4.0 released, lots of goodness for bio-image analysis and microscopy, thanks Madison Swain-Bowden.

Mike

Joke

Bank robbers


Want to go deeper? Check our projects