Brought to you by Michael and Brian - take a Talk Python course or get Brian's pytest book

#411: TLS Client: Hello <<guitar solo>>

Published Mon, Nov 25, 2024, recorded Mon, Nov 25, 2024
Watch this episode on YouTube
Play on YouTube
Watch the live stream replay

About the show

Sponsored by us! Support our work through:

Connect with the hosts

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Michael #1: Talk Python rewritten in Quart

  • Rewrote all of talkpython.fm in Quart (10k lines of code total, 4k changed)
  • Considered
    • FastAPI
    • Litestar
    • Django
    • Hugo Static Site + Python
    • Flask
  • Discussed the multistage upgrade / conversion process
  • Automating tests for all 1,000 pages

Brian #2: PyPI now supports digital attestations

  • Dustin Ingram
  • Attestations provide a verifiable link to an upstream source repository: By signing with the identity of the upstream source repository, such as in the case of an upload of a project built with GitHub Actions, PyPI's support for digital attestations defines a strong and verifiable association between a file on PyPI and the source repository, workflow, and even the commit hash that produced and uploaded the file. Additionally, publishing attestations to a transparency log helps mitigate against both compromise of PyPI and compromise of the projects themselves.”
  • For maintainers
    • If using GH Actions and Trusted Publishing
      • make sure you use pypa/gh-action-pypi-publish, version v1.11.0 or newer
      • that’s it
    • If not
  • See also

Michael #3: Django Rusty Templates

  • by Lily Foote
  • An experimental reimplementation of Django's templating language in Rust.
  • Goals
    • 100% compatibility of rendered output.
    • Error reporting that is at least as useful as Django's errors.
    • Improved performance over Django's pure Python implementation.

Brian #4: PEP 639 is now supported by PYPI

  • from Brett Cannon
  • PEP 639 – Improving License Clarity with Better Package Metadata
  • For project metadata, use these fields: license and license-files:
  • Examples license field

    [project]
    license = "MIT"
    
    [project]
    license = "MIT AND (Apache-2.0 OR BSD-2-clause)"
    
    [project]
    license = "MIT OR GPL-2.0-or-later OR (FSFUL AND BSD-2-Clause)"
    
    [project]
    license = "LicenseRef-Proprietary"
    
  • Examples of license-files:

    [project]
      license-files = ["LICEN[CS]E*", "AUTHORS*"]
    
      [project]
      license-files = ["licenses/LICENSE.MIT", "licenses/LICENSE.CC0"]
    
      [project]
      license-files = ["LICENSE.txt", "licenses/*"]
    
      [project]
      license-files = []
    

Extras

Brian:

  • Playground Wisdom: Threads Beat Async/Await - interesting read from Armin Ronacher about different language abstractions around concurrency.
  • PythonTest.com Discord community is now live
    • Launched last week, as of this morning we’ve got 89 members
    • Anyone already a pythontest community member has received an invite
    • Anyone can join through courses.pythontest.com
  • Everything at pythontest.com is 20% off through Dec 2 with code turkeysale2024
  • “Python Testing with pytest” eBook 40% off through Dec 2, use code turkeysale2024

Michael:

  • Python 3.14.0a2 released
  • Starter packs:
    • Michael’s Python people: https://bsky.app/starter-pack/mkennedy.codes/3lbdnupl26e2x
    • Directory: https://blueskydirectory.com/starter-packs/all

Joke: curl - heavy metal style!


Want to go deeper? Check our projects