#293: And if I pull this open source Jenga block...

Play on YouTube

Watch the live stream replay

About the show

Sponsored by Microsoft for Startups Founders Hub.

Special guest: Ashley Anderson

Ashley #1: PSF security key giveaway for critical package maintainers

• Giving away 4000 2FA hardware keys
• Surely a team effort but I found it via @di_codes twitter (Dustin Ingram)
  • links to previous talks on PyPI/supply chain security
• Interesting idea for helping with supply-chain vulnerabilities
• At least one dev pulled a critical package in response
• Previously: <add some links to prior discussions>
• I don’t have any critical projects
• Armin Ronacher has an interesting take

Michael #2: PyLeft-Pad

• via Dan Bader
• Markus Unterwaditzer was maintaining atomicwrites
• More on how this relates to a project (Home Assistant)
• I wonder if PyPI will become immutable once an item is published

Brian #3: FastAPI Filter

• Suggested and created by Arthur Rio
• “I loved using django-filter with DRF and wanted an equivalent for FastAPI.” - Arthur
• Add query string filters to your api endpoints and show them in the swagger UI.
• Supports SQLAlchemy and MongoEngine.
• Supports operators: gt, gte, in, isnull, it, lte, not/ne, not_in/nin

Ashley #4:

• Tools for building Python extensions in Rust
  • PyO3
    • pyo3 - Python/Rust FFI bindings
      • nice list of examples people might recognize in the PyO3 README
      • Pydantic V2 will use it for pydantic-core
    • maturin - PEP 621 wheel builder (pyproject.toml)
      • pretty light weight, feels like flit for Rust or python/Rust
    • rust-numpy (+ndarray) for scientific computing
    • setuptools-rust for integrating with existing Python projects using setuptools
  • Rust project and community place high value on good tooling, relatively young language/community with a coherent story from early on
  • Rust macro system allows for really nice ergonomics (writing macros is very hard, using them is very easy)
  • The performance/safety/simplicity tradeoffs Python and Rust make are very different, but both really appeal to me
  -

Michael #5: AutoRegEx

• via Jason Washburn
• Enter an english phrase, it’ll try to generate a regex for you
• You can do the reverse too, explain a regex
• You must sign in and are limited to 100 queries / [some time frame]
• Related from Simon Willison: Using GPT-3 to explain how code works

Brian #6: Anaconda Acquires PythonAnywhere

• Suggested by Filip Łajszczak
• See also Anaconda Acquisition FAQs from PythonAnywhere blog
• From announcement: “The acquisition comes on the heels of Anaconda’s release of PyScript, an open-source framework running Python applications within the HTML environment. The PythonAnywhere acquisition and the development of PyScript are central to Anaconda’s focus on democratizing Python and data science.”
• My take:
  • We don’t hear a lot about PA much, even their own blog has had 3 posts in 2022, including the acquisition announcement.
  • Their home page boasts “Python versions 2.7, 3.5, 3.6, 3.7 and 3.8”, although I think they support 3.9 as well, but not 3.10 yet, seems like from the forum. Also, no ASGI, so FastAPI won’t work, for example.
  • Still, I think PA is a cool idea, and I’d like to see it stay around, and stay up to date. Hopefully this acquisition is the shot in the arm it needed.

Extras

Michael:

• Python becomes the most sought after for employers hiring (by some metric)

Ashley:

• PEP691 JSON Simple API for PyPI
• Rich Codex - automatic terminal “screenshots”

Joke: Neta is a programmer