#91: Will there be a PyBlazor?

Published Wed, Aug 15, 2018, recorded Thu, Aug 2, 2018

Brian #1: What makes the Python Cool

Michael #2: Django 2.1 released

The release notes cover the smorgasbord of new features in detail, the model “view” permission is a highlight that many will appreciate.
Django 2.0 has reached the end of mainstream support. The final minor bug fix release (which is also a security release), 2.0.8, was issued today.
Features
- model “view” feature: This allows giving users read-only access to models in the admin.
- The new [ModelAdmin.delete_queryset()](https://docs.djangoproject.com/en/2.1/ref/contrib/admin/#django.contrib.admin.ModelAdmin.delete_queryset) method allows customizing the deletion process of the “delete selected objects” action.
- You can now override the default admin site.
- Lots of ORM features
- Cache: The local-memory cache backend now uses a least-recently-used (LRU) culling strategy rather than a pseudo-random one.
- Migrations: To support frozen environments, migrations may be loaded from .pyc files.
- Lots more

Brian #3: Awesome Python Features Explained Using Harry Potter

Michael #4: Executing Encrypted Python with no Performance Penalty

Deploying Python in production presents a large attack surface that allows a malicious user to modify or reverse engineer potentially sensitive business logic.
This is worse in cases of distributed apps.
Common techniques to protect code in production are binary signing, obfuscation, or encryption. But, these techniques typically assume that we are protecting either a single file (EXE), or a small set of files (EXE and DLLs).
In Python signing is not an option and source code is wide open.
requirements were threefold:
1. Work with the reference implementation of Python,
2. Provide strong protection of code against malicious and natural threats,
3. Be performant both in execution time and in stored space
This led to a pure Python solution using authenticated cryptography.
Created a .pyce file that is encrypted and signed
Customized import statement to load and decrypt them
Implementation has no overhead in production. This is due to Python's in-memory bytecode cache.

Brian #5: icdiff and pytest-icdiff

icdiff: “Improved colored diff”
- Jeff Kaufman
pytest-icdiff: “better error messages for assert equals in pytest”
- Harry Percival

Michael #6: Will there be a PyBlazor?

The .NET guys, and Steve Sanderson in particular, are undertaking an interesting project with WebAssembly.
WebAssembly (abbreviated Wasm) is a binary instruction format for a stack-based virtual machine. Wasm is designed as a portable target for compilation of high-level languages like C/C++/Rust, enabling deployment on the web for client and server applications.
Works in Firefox, Edge, Safari, and Chrome
Their project, Blazor, has nearly the entire .NET runtime (AKA the CLR) running natively in the browser via WebAssembly.
This is notable because the CLR is basically pure C code. What else is C code? Well, CPython!
Includes Interpreted and AOT mode:
- Ahead-of-time (AOT) compiled mode: In AOT mode, your application’s .NET assemblies are transformed to pure WebAssembly binaries at build time.
Being able to run .NET in the browser is a good start, but it’s not enough. To be a productive app builder, you’ll need a coherent set of standard solutions to standard problems such as UI composition/reuse, state management, routing, unit testing, build optimization, and much more.
Mozilla called for this to exist for Python, but sadly didn’t contribute or kick anything off at PyCon 2018: https://www.youtube.com/watch?v=ITksU31c1WY
Gary Bernhardt’s Birth and Death of JavaScript video is required pre-reqs as well (asm.js).

Extras and personal info:

Michael:

Building data-driven web apps course is being well received
Guido van Rossum: Python 3 retrospective — Guido’s final presentation as BDFL

Full transcript