Brought to you by Michael and Brian - take a Talk Python course or get Brian's pytest book

Episode #263: It’s time to stop using Python 3.6

Published Wed, Dec 15, 2021, recorded Wed, Dec 15, 2021.



Watch the live stream:


About the show

Sponsored by us:

Special guest: Laís Carvalho

Michael #1: Django 4.0 released

  • Django is picking up speed:
  • 4.0 Dec 2021 (+1)
  • 3.0 Dec 2020 (+3)
  • 2.0 Dec 2017 (+7)
  • 1.0.1 May 2010
  • Feature highlights:
  • Django 3.2 has reached the end of mainstream support. The final minor bug fix release, 3.2.10, was issued today. Django 3.2 is an LTS release and will receive security and data loss fixes until April 2024.
  • Some backwards incompatible changes you’ll want to be aware of when upgrading from Django 3.2 or earlier.
  • They’ve begun the deprecation process for some features.
  • Django 4.0 supports Python 3.8, 3.9, and 3.10.

Brian #2: python-minifier

  • Suggested by Lance Reinsmith
  • My first thought was “we don’t need a minifier for Python”
  • The docs give one reason:
    • “AWS Cloudformation templates may have AWS lambda function source code embedded in them, but only if the function is less than 4KiB. I wrote this package so I could write python normally and still embed the module in a template.”
  • Lance has another reason:
    • “I needed it because the RAM on Adafruit boards using the common M0 chip is around 192KB to 256KB total--not all of which is available to your program. To get around this, you can either 1) compile your code to an .mpy file or 2) minify it. The second worked for me and allowed me to alter it without constantly re-compiling.”
  • Fair enough, what does it do?
  • All of these features are options you can turn off, and are documented well:
    • Combine Import statements
    • Remove Pass statements
    • Remove literal statements (docstrings)
    • Remove Annotations
    • Hoist Literals
    • Rename Locals, with preserved Locals list
    • Rename Globals, with preserved Globals list
    • Convert Positional-Only Arguments to Normal Arguments
  • Also looks like it replaces spaces with tabs
    • Begrudgingly, that makes sense in this context.
  • You can try it at python-minifier.com

    Laís #3: It’s time to stop using Python 3.6

  • Python 3.6 is reaching the end of it’s life in 1 week and 1 day (Dec 23rd), i.e. no more releases after it.

  • You should care because the Python dev team will no longer release security updates for 3.6 ⚠️
  • if you use Linux, you have a bit more time BUT security updates will be released and bug fixes will not.
  • also, Python 3rd party libraries and frameworks will drop support for 3.6 soon enough. See the log4j issue and Java.
  • Brian might like this one: Grype - a vulnerability scanner for container images and filesystems

Michael #4: How to Visualize the Formula 1 Championship in Python

Brian #5: nbdime: Jupyter Notebook Diff and Merge tools

  • Suggestion from Henrik Finsberg
  • “you recently covered ‘jut’ for viewing Jupyter notebooks from the terminal. Check out ‘mbdime’.” (that was episode 258)
  • So I did. And it looks cool.
  • nbdime provides tools for diffing and merging of Jupyter Notebooks.
    • nbdiff compare notebooks in a terminal-friendly way
    • nbmerge three-way merge of notebooks with automatic conflict resolution
    • nbdiff-web shows you a rich rendered diff of notebooks
    • nbmerge-web gives you a web-based three-way merge tool for notebooks
    • nbshow present a single notebook in a terminal-friendly way

Laís #6: Using AI to analyse and recommend software stacks for Python apps

  • thanks Fridolin!
  • Project Thoth: an open source cloud-based Python dependency resolver
    • ML (reinforcement learning) that solves dependency issues taking into consideration runtime envs, hardware and other inputs. Using Markov’s decision process.
    • “a smarter pip” that instead of using backtracking, precomputes the dependency information and stores it in a database that can be queried for future resolutions. Using pre-specified criteria by the developer.
  • In summary:
    • Thot’s resolver uses automated bots that guarantee dependencies are locked down to specific versions, making builds and deployments reproducible;
    • the aggregated knowledge (reinforcement learning from installed logs) helps the bots to lock the dependencies to the best libraries, instead of the latest.
    • They are in beta phase but welcoming feedback and suggestions from the community.

Extras

Brian:

Michael:

Laís:

Joke:


Want to go deeper? Check our projects