Brought to you by Michael and Brian - take a Talk Python course or get Brian's pytest book

Episode #293: And if I pull this open source Jenga block...

Published Wed, Jul 20, 2022, recorded Mon, Jul 11, 2022.

Watch the live stream:

About the show

Sponsored by Microsoft for Startups Founders Hub.

Special guest: Ashley Anderson

Ashley #1: PSF security key giveaway for critical package maintainers

  • Giving away 4000 2FA hardware keys
  • Surely a team effort but I found it via @di_codes twitter (Dustin Ingram)
    • links to previous talks on PyPI/supply chain security
  • Interesting idea for helping with supply-chain vulnerabilities
  • At least one dev pulled a critical package in response
  • Previously: <add some links to prior discussions>
  • I don’t have any critical projects
  • Armin Ronacher has an interesting take

Michael #2: PyLeft-Pad

Brian #3: FastAPI Filter

  • Suggested and created by Arthur Rio
  • “I loved using django-filter with DRF and wanted an equivalent for FastAPI.” - Arthur
  • Add query string filters to your api endpoints and show them in the swagger UI.
  • Supports SQLAlchemy and MongoEngine.
  • Supports operators: gt, gte, in, isnull, it, lte, not/ne, not_in/nin

Ashley #4:

  • Tools for building Python extensions in Rust
    • PyO3
      • pyo3 - Python/Rust FFI bindings
        • nice list of examples people might recognize in the PyO3 README
        • Pydantic V2 will use it for pydantic-core
      • maturin - PEP 621 wheel builder (pyproject.toml)
        • pretty light weight, feels like flit for Rust or python/Rust
      • rust-numpy (+ndarray) for scientific computing
      • setuptools-rust for integrating with existing Python projects using setuptools
    • Rust project and community place high value on good tooling, relatively young language/community with a coherent story from early on
    • Rust macro system allows for really nice ergonomics (writing macros is very hard, using them is very easy)
    • The performance/safety/simplicity tradeoffs Python and Rust make are very different, but both really appeal to me
    • -

Michael #5: AutoRegEx

  • via Jason Washburn
  • Enter an english phrase, it’ll try to generate a regex for you
  • You can do the reverse too, explain a regex
  • You must sign in and are limited to 100 queries / [some time frame]
  • Related from Simon Willison: Using GPT-3 to explain how code works

Brian #6: Anaconda Acquires PythonAnywhere

  • Suggested by Filip Łajszczak
  • See also Anaconda Acquisition FAQs from PythonAnywhere blog
  • From announcement: “The acquisition comes on the heels of Anaconda’s release of PyScript, an open-source framework running Python applications within the HTML environment. The PythonAnywhere acquisition and the development of PyScript are central to Anaconda’s focus on democratizing Python and data science.”
  • My take:
    • We don’t hear a lot about PA much, even their own blog has had 3 posts in 2022, including the acquisition announcement.
    • Their home page boasts “Python versions 2.7, 3.5, 3.6, 3.7 and 3.8”, although I think they support 3.9 as well, but not 3.10 yet, seems like from the forum. Also, no ASGI, so FastAPI won’t work, for example.
    • Still, I think PA is a cool idea, and I’d like to see it stay around, and stay up to date. Hopefully this acquisition is the shot in the arm it needed.




  • PEP691 JSON Simple API for PyPI
  • Rich Codex - automatic terminal “screenshots”

Joke: Neta is a programmer

Want to go deeper? Check our projects