#237: Separate your SQL and Python, asynchronously with aiosql

Watch the live stream:

Play on YouTube

Watch the live stream replay

About the show

Sponsored by Sentry:

• Sign up at pythonbytes.fm/sentry
• And please, when signing up, click Got a promo code? Redeem and enter PYTHONBYTES

Special guest: Mike Groves

Michael #1: Textual

• Textual (Rich.tui) is a TUI (Text User Interface) framework for Python using Rich as a renderer.
• Rich TUI will integrate tightly with its parent project, Rich.
• This project is currently a work in progress and may not be usable for a while.

Brian #2: Pinning application dependencies with pip-tools compile

• via John Hagen
• pip-tools has more functionality than this, but compile alone is quite useful
• Start with a loose list of dependencies in requirements.in:

      typer
      rich
  

• Can have things like >= and such if you have fixed dependencies.
• Now pip install pip-tools, and pip-compile requirements.in
• or python -m piptools compile requirements.in
  • both have same effect.
• Now you’ll have a requirements.txt file with pinned dependencies:

      # autogenerated by: pip-compile requirements.in
      click==7.1.2
          # via typer
      colorama==0.4.4
          # via rich
      commonmark==0.9.1
          # via rich
      pygments==2.9.0
          # via rich
      rich==10.2.2
          # via -r requirements.in
      typer==0.3.2
          # via -r requirements.in
  

• Now, do the same with a dev-requirements.ini to create dev-requirements.txt.
• Then, of course:

      - `pip install -r requirements.txt`
      - `pip install -r dev-requirements.txt`
      - And test your application.
      - All good? Push changes.
  

• To force pip-compile to update all packages in an existing requirements.txt, run pip-compile --upgrade.
• John provided an example project that uses this workflow: python-blueprint

Mike #3: Pynguin

• Automated test generation
• Pynguin is a framework that allows automated unit test generation for Python. It is an extensible tool that allows the implementation of various test-generation approaches.

Michael #4: Python Advisory DB

• via Brian Skinn
• A community owned repository of advisories for packages published on pypi.org.
• Much of the existing set of vulnerabilities are collected from the National Vulnerability Database CVE feed.
• Vulnerabilities are integrated into the Open Source Vulnerabilities project, which provides an API to query for vulnerabilities.
• Longer term, we are working with the PyPI team to build a pipeline to automatically get these vulnerabilities [listed] into PyPI.
• Tracks known security issues with the packages, for example:

      PYSEC-2020-28.yaml
      id: PYSEC-2020-28
      package:
        name: bleach
        ecosystem: PyPI
      details: In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA
        and either svg or math tags are whitelisted and the keyword argument strip=False.
      affects:
        ranges:
        - type: ECOSYSTEM
          fixed: 3.1.2
        versions:
        - '0.1'
        - 0.1.1
        - 0.1.2
        - '0.2'
      ...
  

Brian #5: Function Overloading with singledispatch and multipledispatch

• by Martin Heinz
• I kinda avoid using the phrase “The Correct Way to …”, but you do you, Martin.
• In C/C++, we can overload functions, which means multiple functions with the same name but different parameter types just work.
• In Python, you can’t do that automatically, but you can do it.

• It’s in the stdlib with functools and singledispatch:

      from functools import singledispatch
      from datetime import date, time
  
      @singledispatch
      def format(arg):
          return arg
  
      @format.register
      def _(arg: date):
          return f"{arg.day}-{arg.month}-{arg.year}"
  
      @format.register(time)
      def _(arg):
          return f"{arg.hour}:{arg.minute}:{arg.second}"
  

• Now format works like two functions:

      print(format(date(2021, 5, 26)))
      # 26-5-2021
      print(format(time(19, 22, 15)))
      # 19:22:15
  

• What if you want to switch on the type of multiple parameters? multipledispatch, a third party package, does the trick:

      from multipledispatch import dispatch
  
      @dispatch(list, str)
      def concatenate(a, b):
          a.append(b)
          return a
  
      @dispatch(str, str)
      def concatenate(a, b):
          return a + b
  
      print(concatenate(["a", "b"], "c"))
      # ['a', 'b', 'c']
      print(concatenate("Hello", "World"))
      # HelloWorld
  

Mike #6: Aiosql

• Fast Async SQL Template Engine
• Lightweight replacement for ORM libraries such as SQLAlchemy.

Extras

Michael

• SoftwareX Journal, Elsevier has had an open-access software journal, via Daniel Mulkey. There's even a special issue collection on software contributing to gravitational wave discovery.
• Python 3.10.0b2 is available
• Django security releases issued: 3.2.4, 3.1.12, and 2.2.24
• Talks on YouTube for PyCon 2021.
• aicsimageio 4.0 released, lots of goodness for bio-image analysis and microscopy, thanks Madison Swain-Bowden.

Mike

• Postponement of PEP 563 in 3.10

Joke

Bank robbers

• A book about Rich