Transcript #228: Supreme Court decides API copyright battle
Return to episode page view on github00:00 Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to
00:04 your earbuds. This is episode 228, recorded April 7th, 2021. I'm Michael Kennedy.
00:10 And I'm Brian Eakin.
00:11 And I'm Guy Royce.
00:13 Hey, Guy. Welcome. Special guest Guy Royce here to be part of the show this week.
00:17 Thanks for having me.
00:18 It's exciting.
00:19 I know that's what they all say, right?
00:20 It's great to have you here, though. You know, we met on a panel at the Python Web Conference,
00:27 and we recently had Calvin Hendricks-Parker here who was organizing that as well. So,
00:33 you know, a little more Python Web Conference going on.
00:36 Yeah, it was a good event.
00:37 Absolutely. You want to tell folks a bit about yourself before we jump into the topics?
00:41 Yeah, sure. You know, you can see my name right here on the screen, but for those listening to
00:45 the podcast, my name's Guy. Yes, it's my real name. I sometimes get asked if it's short for something.
00:51 It's not, in fact, short for Guy Tholomew. It's actually just my name, Guy.
00:56 I work for Redis Labs. I'm a developer advocate there, and I've been doing developer relations
01:01 type of work for, you know, I've been paid to do it for about five years. I've been doing it
01:05 unpaid, as an unpaid just fan of doing community things for about 10 years on top of that. So,
01:12 a lot of different tech stacks. I'm not really a Python person by trade. I tend to spend more time
01:18 in the vile, vile JavaScript space.
01:20 The other very popular language these days.
01:25 It is. But I know a lot of different things. I'm a bit of a generalist, so I do Python as well.
01:31 Fantastic. How do you enjoy being a developer evangelist? It seems like a really fun job.
01:35 Well, I like to joke that the best thing about being a developer advocate is that it lets me
01:40 monetize my narcissism. But the reality of it is, I mean, it's actually a lot more work than you would
01:48 think. It is fun, but there's a lot of challenge there. You know, I spent a lot of my time making
01:53 content, advocating with the product group for, you know, the ways that we should change Redis and our
01:59 clients and that kind of stuff. And also going out and speaking at events. This obviously has been a
02:04 very weird year for that.
02:05 Yeah, it has.
02:07 But, you know, that's a lot to balance. It's actually kind of a lot of hats to wear. And there's a degree
02:13 where we're being a generalist is very useful. Like today, I'm spending a lot of time working on a
02:18 .NET course, helping someone out with that because I've got some .NET experience. But, you know, it's,
02:23 but then I'm doing stuff in JavaScript and then, oh, let's look at graph databases. And so I'm just
02:27 looking at different things all the time.
02:28 And you got dragged to this Python podcast as well.
02:30 Yeah. And then someone thinks I know Python and put me on this podcast.
02:33 You've got a couple of good items to talk about. I think that'd be good.
02:36 Yeah.
02:37 All right. Well, cool. Welcome. Brian, you want to kick us off here?
02:41 I can't believe it's already March. I was going to say it's already March.
02:44 It's almost March and it's actually blown out. So.
02:46 Yeah. Yeah. Yeah. So here's an article called How to Make Awesome Python Package. How to Make an Awesome Python
02:54 Package in 2021. And this is, I really love this article because it's kind of my workflow.
03:01 I've just never written it down. And so I'm really grateful for Anton for writing it down.
03:06 I'm also grateful to John Mitchell on Twitter to post that so that I could see it. So it's great.
03:13 I really love it. Anyway. Well, so what is this? It isn't about how to make an awesome package.
03:18 It's all of the extra stuff. It's the workflow. So we, he starts and he starts just like at the basics,
03:25 just stubbing a package. And I really actually really liked that. This is, this is where you start. So
03:30 the start was in unique, just grabbing a directory and stubbing it out and then having an, a, a,
03:38 a dunder init file and a, an initial file that just does like, has one function you can call just so that
03:45 it's something there. And it actually throws a, a, not, not implemented yet exception, which is,
03:50 that's a great thing to throw. Right. And then pardon the birds. Like anyway,
03:57 Brian's recorded from Hawaii and he's didn't like the forest. So it's fine.
04:01 Yeah. He's got a virtual background to make it look more, more, more tropical birds. Yeah.
04:06 Yeah. So then using flit to, to, to package it up and then go ahead and publish, not publish for real
04:14 published to the test by PI repository, which I love this workflow of, if you're going to plan on
04:20 sharing something, just go ahead and do this right away. The one thing missing there is go ahead and
04:26 check the real PI PI to make sure your project name isn't taken already or else the test might work,
04:32 but your real one won't. So adding that in is a good step, but then I'm blown away at some of the
04:38 Python packages that are still available, like secure, right? I mean, that's not available now,
04:43 but there was a thing that got, got to just call it, call itself secure. Like a couple of years ago,
04:48 how is that still a thing? Right. Oh my God. Yeah. So one of the, one of the tricks with doing the test
04:53 PI PI PI though is getting your, is, getting the PI PI RC correct. So it, he talks about how to do
05:01 that. and then publishing using flip publish. and then, you know, adding, adding more detail,
05:08 like, now you actually have to implement it. So, an implementation of something and then push to
05:13 the real repository. And then, you know, then all the, everything else is like extras. And he lists them
05:20 as appendices almost, like adding a read me and a change log and, and then, you know,
05:26 linters and tests testing, you should maybe test earlier than this, but, setting up talks and make
05:32 files and cloud building and the whole gamut. So this is a really great, comprehensive article.
05:38 And you can, what I like is you can start at the beginning. And if you're not even publishing publicly,
05:44 if you're just publishing in-house, this still makes sense up to, up to a certain point. So this is great.
05:49 Yeah. It looks like really good advice. I love having a well-structured projects where,
05:53 you know, if I have a problem or there's something I want to do, I know right where to go. I don't
05:57 need to go through all the coders. Like here's the 50 lines of code that could possibly be about this.
06:01 Let me go find it and get started. Guy, what do you do?
06:03 I, this is, I like that it's an awesome Python package and it's not about the contents. It's about
06:09 the stuff around it, right? This is the kind of stuff that is just noobs need this, right?
06:15 Yeah. It's just, these are exactly the sorts of resources I like to find. It's the, here's the
06:19 canonical way to do this thing. well, right. And a lot of times the tutorials are like, well,
06:24 create the one file and that's what you do. And then off you go. And I feel like that kind of leads
06:28 people down the wrong path a lot of times. So, yeah, love it. All right. Well, I think I got the
06:33 next one here, Brian. Okay. Cube striker as in Kubernetes. So this is a security tool for anyone
06:41 who is running or being a tenant on a Kubernetes cluster. So it's really fast way to audit an
06:48 existing Kubernetes clusters for best practices. And like all beautiful repositories, it has an
06:54 animated gift. So you don't have to read anything. You just watch it for a little like, oh, this is
06:57 what it does. That's kind of cool. Maybe I'll use this. Yes. We love those who are listening.
07:02 There's an animated GIF on the screen right now. That's right. Absolutely. You should totally see
07:07 it. It's amazing. Yeah. Yeah. Guy, I mean, sometimes we cover, there'll be like UI frameworks,
07:11 like, oh, we built this whole UI framework. We do this thing. And there's like no screenshot or no way
07:15 to see what it looks like. Well, if it's about the UI, we should probably see some pictures. So,
07:19 Brian and I are always on a bit of a kick about this. Yeah. Yeah. So it performs a bunch
07:24 of in-depth analysis, self-hosted Kubernetes on Amazon EKS, Azure EKS, I suspect pretty much
07:31 you name it the EKS and it'll do it. Let's see if I can find where it talks about the things that it
07:36 does. Yeah. So it scans, your infrastructure. Like I said, it checks for various services and open
07:44 ports, tells you that they should or shouldn't be open. it looks for insecure things or,
07:50 read, right. Or you can even set it up to be read only and it can check, you know, give it like
07:54 lower permissions and it'll still do that. It'll look for misconfigured IAM, settings, identity
08:00 from Azure, sorry, AWS, misconfigured containers, pod security policies, network policies,
08:06 and extra privileges, all that kind of stuff. So running containers is pretty easy. Running containers
08:12 in Kubernetes is pretty easy. Running a Kubernetes cluster, not easy. There's a lot going on if you're
08:18 the one running the Kubernetes cluster. And so here's a really nice tool that you just point at
08:22 your cluster and say, how am I doing? Right. Give it a quick check to see if anything's wrong.
08:27 Yeah. Yeah. Yeah. Thanks. You guys, guy, you do anything with Kubernetes or Docker or things like
08:33 that? I do basic developer things that developers tend to do with Docker. I'm, containerization
08:39 isn't necessarily my jam. I mean, you know, I, I certainly will spin up a Redis instance, for example,
08:44 using Docker or something like that, because that's super convenient, but, beyond using
08:49 some basic Docker compose, I don't do much of anything. Yeah. Same, same here. I feel like
08:53 every time I start to work with them, I go, this is really neat, but it feels like I'm just moving
08:57 code complexity to DevOps complexity and I'm better at code than I'm at DevOps. So let me not do that.
09:02 You got to write it down somewhere, right? Yeah. At the end of the day.
09:07 Exactly. Exactly. All right. So, guy, you got this next one here. This is something I'm,
09:11 I'm pretty excited about. I'm a big fan of the possibility of WebAssembly. Sounds like you are
09:17 as well. Yeah, I'm an enormous fan of WebAssembly. and I mean, there's a couple of reasons for
09:21 that. Some of it's that it kind of reminds me of the early days, like, like in the eighties,
09:26 when I was learning programming, I got into 6502 assembly language. So that low level,
09:32 machine level coding has got a, it's got a, nostalgic joy to it. And so WebAssembly has
09:38 drawn me in. if you don't know much about WebAssembly, just to put context around it,
09:43 WebAssembly is byte code for the browser. That's where it started. the idea is,
09:47 is you can take some code, write it in C or rust or some higher level compiled language.
09:50 And then you get a, bunch of byte code, a binary file that can be downloaded and run
09:55 from the browser. So that's WebAssembly in 30 seconds.
09:59 People, you have been done really crazy stuff with things like asm.js, where they're like,
10:03 Oh, let's take some code and send it over to some fancy JavaScript that then we'll compile it in
10:08 Java. And there's just all this wild stuff that you can do. And it's really, really impressive.
10:12 But this is like, you know, if you're going to do that, let's make this an actual thing.
10:16 That's actually expected to be this runtime, this low level runtime. And yeah, it's cool.
10:21 Well, and it turns out it's actually a lot more performant too. I mean, I've seen benchmarks say as much as 20% faster, all the way up to 20 times faster, but regardless,
10:30 they always say faster, which is good.
10:33 And smaller probably coming down as binary bits and probably loads faster. It doesn't have to jet it.
10:37 Yeah.
10:38 It gets there.
10:38 Well, and it's, it's just another file that could be served from the file server. So,
10:41 or from the web server. So it can be cached and all the other things that you would do with any web
10:45 content. So, lots of advantages and optimizations to be had.
10:49 All right. So what's this thing that you're, you're telling us.
10:51 So, so wasm time, you know, it says, Hey, we built this bike code for the browser.
10:56 wasm time said, you know, what if we put the bike code wherever we want it?
11:00 And instead, so in much the way that node, brought JavaScript to the server side, wasm time,
11:07 wasm time brings a WebAssembly to the server side by adding, IO capabilities.
11:12 And by adding a command line tool that can run it, by adding, run times that you can load up
11:18 in other languages. So, wasm time, it is simplest is, is you've got a WebAssembly module
11:23 and you say wasm time space in that module on the command line, and it just runs it and does whatever
11:28 it does.
11:28 Fantastic. And there's different languages supported, right?
11:31 Right. So, and this isn't language support from a, take that language and compile it to web
11:36 assembly. This is take WebAssembly modules and run it in those environments.
11:40 So in rust, python, go.net and in C, although it's not listed here on the screen, there
11:45 are run times that you can load up, load a WebAssembly module from whatever, you
11:51 know, read it from the file system, read it out of whatever. Right. and instantiate that
11:56 WebAssembly module and run it. And so, yeah. So if I found like a cool library, it happened
12:00 to be written in rust and it has a WebAssembly version. I could then use that in Python.
12:05 Absolutely. I've actually done, WebAssembly text format, which is the assembly language to go with WebAssembly. I've used
12:14 that to compile simple modules and just like add numbers and stuff like that. And then loaded
12:19 that up from Python code. And I actually even run it inside of Redis. but yeah, so now
12:25 all of a sudden it brings that those compiled chunks of code that's that are really just data.
12:30 You can handle them around any way you want and bring them into, all these different
12:34 platforms. That's pretty cool.
12:36 Yeah. This is really neat. Brian, what do you think? just the, the, the intermediate
12:40 part to where you can, you can have, a group of people, like even if it's not some
12:45 third-party package, it's just within one company that can write in whatever language they want to
12:50 write in and then have an intermediate language that, you can, you can glue it all together
12:55 down the pipeline. I think that just makes people more efficient. I'd like to see that,
13:00 that sort of take off. I think it's a neat, neat place to go.
13:03 Yeah. Guy, could I use this to say if I had like a .NET library, a go library and a rust library,
13:09 and I was writing in Python. Could I bring those all together to interoperate with this thing?
13:12 in theory, I mean, there's a lot of, a lot of work to be involved to do that.
13:17 and there are limitations, out of the box WebAssembly, just like out of the box, JavaScript
13:23 didn't have any kind of IO because you don't need IO in a browser that you have fetch, right? You know,
13:29 that's, that's all the IO you get. WebAssembly is the same way, but, web,
13:34 as some time is support supports the WASI standard. all these things start with W. They're actually
13:39 kind of hard to say. and what I see is the WebAssembly systems interface, which gives you a file IO
13:46 and, we'll eventually give us network IO right now. It will support reading and writing a sockets,
13:52 but it won't support opening a socket, which is tantitizingly frustrating.
13:57 That extra ability though, that actually kind of scares me a little bit. And I'm,
14:01 I'm concerned about the security part since you're grabbing some binary blob or it's a sem WebAssembly
14:08 blob. It's still not human readable. Right. So how do I know it's not going to be a virus or something
14:13 like that? Yeah, that's, that's actually a totally legitimate concern. it's, it's honestly echoes
14:19 the same concerns that we had with a node, JS when it first came out. It's like, cause, cause in the
14:25 browser, it's all nice and neat and sandboxed. Right. and as soon as JavaScript escaped the
14:29 browser and got under your server side, everyone's like, well, but we can pull JavaScript code and call
14:33 you Val on it from anywhere. It's like, well, yeah, you could. and so it's the same, I think we end
14:38 up in the same situation where, it's got the same caveats once we go there. you know, I, you know,
14:45 I guess the advice is don't run strange code, right? Yeah. But, these are particularly like
14:52 a JavaScript. You can look at it and say, you know, I, I see what's going here. And I suppose if it's
14:57 minified, that's not that easy, but, with WebAssembly, it's actually just bytes and it's even
15:01 hard. It's even more opaque. Yeah. Yeah. I mean, there's so much stuff going on in the supply chain
15:06 space now, right? IPI, there was the PHP itself got a backdoor put into it, but luckily never got
15:15 into any of their releases. But yeah, I mean, it's a good concern, Brian, or a valid. Certainly it is.
15:20 It's still cool. Yeah, absolutely. You know what else is cool, Brian? This episode is brought to you
15:26 by you and me this time. So all of the cool things we're doing, I want to tell people if they want to
15:30 take some Python courses, they can check out talkpython.fm and just click on courses. And we've got a
15:36 and about to release a brand new free course that people will be able to check out as well.
15:41 Probably I'll be able to talk about that next time, but it's on the data science side and that'll be a
15:44 lot of fun. And then, people want to test things. They should probably test it with a pie test so they
15:49 can check out your book as well. Yeah. Yeah. That'd be great. I can't wait to get the best sponsors.
15:54 Thanks. Yeah. And I can't wait to get back to conferences so I can get back to handing out
15:59 stickers and stuff. That was so great. Yeah. I know. Imagine that with other people. So crazy. Yeah.
16:06 I hand them to myself, but you know, I'm a risk of becoming agoraphobic at this point. Yeah.
16:12 Yeah. so I wanted to talk about something cool that Anthony shop put together. So, he, he,
16:20 I just saw about this. I think don't you use a dependent bot? I, Oh yeah. I, my,
16:27 my Monday morning means go in and like close 20 PRs and about four of them are conflicting with depend,
16:33 a bot where depend a bot was the other PR that also did the PR that I conflict with. So yeah,
16:39 I've got this special relationship, but I'm still very glad to have it there. Cause it's fantastic to
16:43 know there's a security problem for this thing. Fix it now. that's really good to know.
16:47 Yeah. So, okay. So I probably am a bad one to introduce the depend a bot side. So this is,
16:52 we're actually talking about depend a lot bot, but depend a bot. If people haven't heard it,
16:58 like the 90 times we've talked about it. it, it, it, tell me what it does. It goes out and
17:04 checks to, so it looks at, it supports different languages. The Python world. That means, it,
17:10 if it sees a requirements.txt or it sees like a pyproject.toml or whatever, it will look in there
17:16 for pinned versions. If they're not pinned, it will pin it to the current version and then submit that
17:21 change to the requirements.txt as a PR. Yeah. If they are there and it sees there's a new version
17:26 of that library, it will do a PR and in the PR, it'll say things like, here's the change log and
17:31 all the commits since the last time you use this library. Here's the release notes around this
17:36 library. Click this button to apply the new, you know, upgrade your pinning. So, you know,
17:42 requests equal, equal something higher than it is currently automatically to your system. So that's
17:48 the job of depend a bot. The thing, the complaint is that if I've got a requirements.txt file with 30
17:55 packages in it, I, and 10 of them change, I get 10 PRs instead of one PR with 10 changes. Yeah.
18:02 It's anyway. Yeah. And they conflict with each other cause they're like all like right by each
18:06 other. And you like, as you accept them, they start to like get merge requests. You got to
18:10 merge conflicts. You got to resolve. And anyway, that's, that's the deal, but that's what it does.
18:15 So this depend a lot bot is a bot that looks at all of this and decides, and you create a list to say,
18:24 certain, some of my dependencies can be automatically figured out. and then like,
18:29 say talks. So you're not, you're using talks, but you're not really using it. You're using it to test
18:35 and stuff. You're not using it for everything. So, like that's an example and the depend a lot bot
18:43 makes sure that the PR request from dependent bot, if it passes the tests, it goes ahead and merges it.
18:50 So that's really all it does. And I think that's cool to just, because that's what I would do. If I
18:56 got one of those PR requests, I would make sure it all works fine. And then probably in some of them,
19:01 I would probably just push through if I trust the, where it comes from and stuff. So yeah,
19:05 exactly. But it's a well-known package. The chances are it's going to be fine, right? Like Bodo from
19:10 AWS, there's fine to take it. Yeah. And especially the tools around your project or, or you're,
19:16 you're only using a little part of something. As long as your test pass, it's probably going to be
19:20 fine. Things like updating Django. You may want to have some more manual procedures for that,
19:26 but something, something, some minor thing, like I'm only using, you know, a fraction of a package,
19:32 go ahead and update it and see if the test passes. Yeah, exactly. I totally agree. Guy, if one space
19:38 has more dependencies than Python, it's gotta be JavaScript.
19:41 Ain't that the truth? yeah. you know, my, my interaction would depend about, the vast
19:48 majority of my repos online are sample codes to go with talks and, and, and videos and that kind of stuff.
19:53 And, I always get depend about notifications for, Hey, this project that you did a year and a
19:57 half ago that you forgot about, that tends to be my interaction with depend about. I can see
20:03 how something like this would be very useful. I don't know that, I don't know. It might be something
20:07 I could use to just, I have to think about those old packages anymore. It seems like this could be
20:10 really helpful. Yeah. I do like the other guys, the developer's name is Tony baloney. That's a
20:14 fantastic username, by the way.
20:15 Yeah. He's, he's been on the show. He's a great friend of the show. yeah, it's a good,
20:21 I don't, I've, I've never met him. I just think that's really funny. Kudos.
20:25 Yeah. This is really cool. I want to check this. I'm, I've definitely think I'm putting this,
20:30 putting this on. I'll probably do it. Like, for example, things like talks and pie test
20:34 and my testing tools and the linters and stuff like that. I definitely want to just update those
20:40 like and try. And if it doesn't, if I'm always going to update those, if there, if there's a new
20:46 one in it and everything passes. So yeah. Yeah. Just roll it back. It doesn't work.
20:50 Yeah. And tangentially related Dean out there says he can't seem to be able to pip install dash
20:54 E dot bracket extra, but then he quickly posted his own little fix that, Oh, in a Z shell,
21:00 you got to escape the brackets. Anyone else there's trying to do that. That's, that's great. But yeah,
21:05 well done on this Tony, Anthony, this is really, this could be a dream. If this works the way I
21:12 see it working, I will be so happy. My Mondays won't be like, well, here's the next hour emerging
21:17 PRs and resolving its own self-conflict. So I'm excited. Very cool. All right. Well,
21:23 what is the next one? I want to take us a little bit, like take a step back just a little bit
21:28 from low level tech and talk about the Supreme court of the United States, Brian.
21:33 I want to talk about this too. I also want to take you back to the early two thousands.
21:38 I mean, this is like early days in my programming career, honestly, but here we are with a ruling
21:43 about something that happened in the early two thousands. And what it is, is that way, way back
21:49 son created Java, Google, when they created, I actually, whoever created Android, I think before
21:54 Google bought them created Android and said, you know, what would be cool is if we could program
21:58 this with Java and use the API of Java. So the common ways to like write files and open
22:05 sockets, all that kind of stuff, it just may get exactly what the Java runtime libraries do,
22:12 but they did not actually take Java. They actually re-implemented it from scratch. So none of the
22:17 runtime details had anything to do with Java, but the API, the way you talk to it looked just like
22:23 the Java base class library library. So Oracle buys Java, Oracle thinks that's not super cool.
22:30 We want part of that action. Sues Google for copyright infringement by using the Java APIs.
22:36 And so then this throws a huge uncertainty into the space of basically all these libraries,
22:42 right? What if, what if I want to create a new web framework and the way it works is a little bit
22:47 like Flask, but it turns out that Flask copyrighted, you know, the way it uses decorators, you know,
22:53 app.route or whatever. And then I get sued. That seems, I don't know, that seems weird, right?
22:57 Yeah.
22:58 So does this mean that, yeah, go ahead, guy.
23:00 So does this mean that this ruling mean that you can't copyright an interface in essence?
23:05 Yes. Well, the ruling is interesting because it didn't actually address the copyright ability
23:12 of APIs. They said potentially they still could be copyrighted, but the use of the API, as I described
23:19 it in the beginning of like, this is the way you talk to it, not the implementation, but the,
23:23 the way you speak to the thing, they said that that is fair use. So when things are copyrighted,
23:29 you're allowed to speak about them in limited ways. You're not allowed to take a movie and publish it,
23:34 republish it, but you're allowed to take a scene of it and analyze it and, and maybe have that
23:39 soundtrack, that 30 second soundtrack or something like that.
23:41 Right. So that'd be fair use. And so they said the way in which they're using APIs is like fair use.
23:47 And they, they talked about the knowledge, having a thing, you might copyright the thing,
23:52 but having knowledge, how to operate the thing that you can't copyright. So like knowing how to drive a
23:57 car, you can't copyright that. And so having the API without the implementation is kind of like
24:03 the knowledge of how to operate the thing that the API goes to, but the API itself is fair use,
24:09 which is pretty interesting. So I guess just to sort of put the bow on it is the Supreme Court ruled
24:14 that Oracle suit is dismissed. They cannot sue Google. And it stopped actually a huge wave of
24:23 lawsuits that would have followed around all sorts of different things for all different sorts of
24:26 people. So I think I'm happy with this.
24:28 I think I am too, actually. I mean, if I, if I were to sum up everything I just heard,
24:33 what I heard is reverse engineering is fair use.
24:35 Yes. That sounds about right.
24:37 So for example, the Twitter version of this ruling.
24:41 Yeah.
24:42 You know, the example that came to mind for me, and it, this is the thing, like this exact
24:48 example that was the lawsuit, it seems really clear to me that it shouldn't really, I don't think that
24:53 should be a thing. But on the other hand, you know, AWS was hosting, like reselling the open source
24:59 free version of MongoDB as a service without paying any money to the MongoDB folks who actually
25:05 created and maintained it. They changed their license. And so what AWS did was kept the API for
25:11 MongoDB identical, but re-implemented the database server in their own version. I feel like that's a
25:18 real interesting example. That's a little more close to the edge. It's like, well, here's an open source
25:21 project that built something neat. Here's somebody who was literally running it and taking profits off
25:27 of it exactly. And then, then they sort of changed it to this mode and it now, now it's okay. And I think
25:33 it probably is okay. Although I feel like Redis could get itself into the same situation, probably,
25:38 unless the license already explicitly says that you can't do that.
25:43 The only licenses we have that's specifically explicit that are the ones for the modules, which extend it,
25:50 extend Redis. Redis itself is open source. And so, and Amazon does have an implementation of Redis that they sell.
25:58 Okay. Yeah. Tal out there in the live stream says, you know, another example would be AWS could sue all the other places like Linode and DigitalOcean and stuff that offer S3 compatible storage.
26:11 That's such a good point.
26:13 Yeah. Right. Like they, they both, both Linode and DigitalOcean have something that's like,
26:18 like S3 and you literally can talk to it with a Bodo 3 API because it, on the surface, it is S3. And so there's another example of something that is spared being destroyed.
26:30 Yeah. In the courts.
26:31 I hope this holds up. I really want APIs to be something that you, you can't copyright.
26:37 I think this is it. I think this is it. I mean, this, it actually Google won and then it was overturned by a higher court and then Google won again.
26:46 Then it was overturned by a higher court and it like literally worked its way all the way to the Supreme court.
26:50 And then this is it. And the Supreme court operates so much on prior, prior rulings and precedent and stuff that it's very unlikely that it could be changed at this point.
27:00 And the entire, the entire like story of Java is just riddled with these gross lawsuits. And it's just, I just have to shake my head about it.
27:11 It really would be nice if it had a nicer history. I think people would be, you know, trashing Java a lot less at this point.
27:19 Yeah. We come up with other reasons. It wouldn't be a problem.
27:21 Ben Thompson from strategy had a really interesting analysis, taking apart what the Supreme court said.
27:29 And one of the things they focused on was the, the meaning and the essence of copyrights.
27:35 Like the reason to have copyrights is so that somebody might invest 10 years in something that could easily be copied, copied, but doesn't yet exist and sort of drive innovation.
27:43 And they talked a lot about the Supreme court talked about, does this application of copyright actually benefit or restrict innovation?
27:51 And it was interesting that they were actually thinking in those terms, not just like, well, what is the legal definition of copyright?
27:55 But they're like, this would be very harmful to so many people if it went the other way.
28:00 And so we got to consider that as well.
28:02 And, let's see, Dean says, so, Java lost this closed case.
28:07 I guess the case is now public static void.
28:09 It's final.
28:10 Yeah.
28:12 Exactly.
28:13 Exactly.
28:16 Cool.
28:17 All right.
28:17 Apparently we have a Supreme court factory.
28:19 So, you know, yeah, yeah.
28:21 We've got an eye Supreme court and the Supreme court factory generates eye Supreme court implementations.
28:27 And we got a Supreme court manager.
28:29 Yeah.
28:29 Oh gosh.
28:30 Yeah.
28:31 That's, no, I don't know.
28:33 That's, that's going to be down too far, too far down.
28:36 It's a bridge too far, isn't it?
28:38 Yeah.
28:38 It definitely is.
28:39 It definitely is.
28:40 All right.
28:41 guy, you got the last one here and I'm not sure I pulled it up.
28:44 Let me make sure I, I got it pulled up here.
28:46 Here we go.
28:47 Yeah.
28:48 So, you already talked about how you work for Redis and, machine learning is absolutely
28:54 front and center in the Python world.
28:55 And you guys are doing some interesting stuff there.
28:57 You want to tell us about it?
28:58 Yeah.
28:58 So, I, I, I sort of mentioned this earlier, but, it's kind of a good segue is Redis
29:04 has modules, which are, you know, things you can use.
29:07 They're like plugins to extend what Redis can do.
29:08 So you can, there's like a module.
29:10 It's a graph database.
29:10 And so now boom, we got new, some new types and some new functionality.
29:14 We can do graph databases or time series or whatever.
29:16 And, one of the modules that, Redis lab, and, and this is part of Redis.
29:22 It's standard.
29:22 Anyone can create a module.
29:23 You know, any, there are lots of open source ones out there.
29:26 Redis labs has a few that we've created.
29:28 One of those is Redis AI and Redis AI turns Redis into a model server.
29:33 So the idea is, is that, I can take the binary output of a model, in there's TensorFlow or whether it's a PyTorch or whether it's an Onyx model.
29:44 And for those who don't know what Onyx is, that's the open neural network exchange, which is a standard Microsoft put together for, models.
29:51 so it's sort of like a universal model standard.
29:54 And just like in, in, in, XKCD, it's like, there's too many standards.
29:59 We need a new one to bring these all together.
30:00 Onyx has created yet another standard.
30:03 yeah, exactly.
30:05 This is what always happens.
30:06 Right.
30:07 but Redis supports those three, model types.
30:09 So you can take an Onyx model, for example, and load it into Redis, and then you can use Redis commands to, to execute that model.
30:15 And, so it, it provides a nice little abstraction.
30:18 And the thing that's cool here, I think, is that, normally if you want to bring AI into your application as a developer, you got the data science team.
30:26 They build, they do their thing.
30:27 They build their, models and you get, these binary files out and then you need to bring them into your application some way.
30:33 And there's a few ways to do that, right?
30:35 You can, you can just wrap it up in a, in a, you could containerize it and make a little flask app around it, which is a really common solution.
30:41 there are, other model servers.
30:44 You can just put it right in your application, but then you have to use Python.
30:48 which, is well, not a terrible problem.
30:50 It can sometimes be a problem.
30:51 Yeah.
30:52 If you're not using Python, you might see it as a, like, wait a minute, this is going to be a big change.
30:56 And so, the thing that gets me excited about Redis AI, which is kind of not the thing that gets my bosses excited, but it's the thing that gets me excited.
31:02 Is that, because we support Onyx, the data science team can build their model and convert it to Onyx.
31:08 And they sort of have a universal standard so they can pick whatever tech stack they want, as long as they can spit out an Onyx model.
31:14 And then Redis, Redis being Redis, it's got a client for every language under the sun.
31:18 So if you're, you know, using Haskell, for example, you know, there's a, there's a Redis client for, I don't know that there's a Redis client for Haskell, but I would assume there is.
31:26 It's, it's, it's, it's, odds are there is.
31:28 then you can get to that model from whatever language you're at, regardless of what that data science, you know, how amenable to data science tooling that platform is.
31:39 And so it creates a nice architectural layer of abstraction.
31:42 And so that's actually what I think is kind of cool about Redis AI.
31:45 it just provides that, that, that abstraction that makes the developers and the data science folks both not have to, well, speak the same language in a lot of ways.
31:53 Yeah.
31:53 That that's really neat.
31:54 And it sounds to me a lot like what ACP APIs did previously.
31:59 Right.
31:59 And if you wanted to talk, talk to somebody instead of directly, you know, plugging in that library or exchanging some binary data, you like, all right, everybody's going to just agree on JSON.
32:09 Why didn't they agree on dates?
32:10 But come on, other than that, it's working out just fine.
32:13 We're just going to exchange this and, and that'll be the way we can talk to it.
32:16 And nobody worries about what language you're using to consume the API.
32:20 It's like, that's your problem.
32:21 Hopefully your language has a nice way to do that.
32:23 Yeah.
32:24 It's, it's, it's a similar thing.
32:26 the other thing it does, which I think is kind of interesting is that it introduces a new data type.
32:31 So the models as inputs and outputs take tensors.
32:34 They can put in a couple of tensors as input, your model or one or however many you need.
32:37 And then your output would be whatever tensors make sense.
32:40 And, and a tensor is just a, you know, I don't know.
32:44 I think, I think the word tensor is, I'm going to say pretentious.
32:46 I'm probably going to anger a lot of people by saying that, but cause really what a tensor is in practical terms.
32:54 It's just a multi-dimensional array, right?
32:56 You know, you got a tensor that's got a particular shape.
32:59 It's just like, well, this is an array that's 10 by five by three and it's made up of ints.
33:04 And that's all a tensor is.
33:06 And so it sounds all mystical, but it's really just a multi-dimensional array that's being handed in.
33:10 but because tensors tend to be the things that are put into and taken out of machine learning models, Redis AI has a tensor data type.
33:18 And so you could use that capability in Redis as well.
33:21 If you needed to store multi-dimensional arrays in Redis, you've got a type that does that now.
33:25 And so even if you didn't care about the data science, the, the, the, the predictive capabilities, the model hosting, that's the word I'm looking for in Redis AI, you can still use the tensors for various data storage uses.
33:36 Yeah.
33:37 So.
33:37 Yeah.
33:38 Okay.
33:38 Interesting.
33:38 Yeah.
33:39 So you kind of hijack the data type as well.
33:40 Yeah.
33:41 So this looks really interesting.
33:42 I think it's, yeah, people should check it out if they're doing machine learning and sharing their models across different technologies or processes.
33:49 Yeah.
33:50 I mean, I'm obviously excited about it.
33:52 Yeah.
33:52 So I'm excited because I'm, I use multi-dimensional arrays and now I can call myself a data scientist.
33:58 That's right.
33:59 There you go.
33:59 Awesome.
34:03 All right.
34:03 Quick follow-up before we get to the extras and the joke.
34:06 I'm more, more of a mad data scientist.
34:09 Yeah.
34:09 Yeah.
34:09 Dune Army Captain says, sorry, I'm late.
34:13 It doesn't depend upon optionally auto merge.
34:15 If CI passes.
34:16 Yes.
34:17 But you got to have CI running on that project.
34:20 And so like, if you've got, you have a 30, 40 repositories that have courses.
34:26 I don't set up CI for the course.
34:28 Like what does it even mean to have CI for the courses?
34:30 But I get depend about stuff all the time on that because, you know, it's checking the repository for the requirements file.
34:36 So, you know, sometimes you can get it to auto merge, but you know, there's certainly circumstances where it doesn't.
34:42 If it would just put it in one PR, here's the 10 changes.
34:45 Like I put that actually as a issue on the pin to bot itself and people upvoted it.
34:50 Comment it like, yes, this please.
34:52 But apparently not yet.
34:53 Anyway, what Anthony's done is pretty excellent.
34:56 Hi, Brian.
34:57 That's it for all of our main items, right?
34:58 Unless I lost track.
34:59 Yeah.
35:00 Got any extras you want to throw out there?
35:02 I don't.
35:03 I've just been working a lot.
35:04 How about you?
35:05 I've got extras.
35:05 I've got plenty.
35:06 So recently did a cool episode over on Talk Python about diving into the get, the dot get folder and like all the internals of what get does there.
35:15 And what all those pieces mean, if you want to go in there and look and see how basically understand how get itself works and then all the storage stuff, like how they all come together.
35:22 And one of the things that got a nice shout out there is get for windows at get for windows.org.
35:27 There's like a special version to install for get.
35:31 I think this actually might have come from Chris Moffitt even as a sort of follow on conversation or something.
35:36 But wherever it came from, if you're doing windows and you want to install get, this is kind of a cool way to do it as well.
35:41 If you're not doing something like choppy.
35:42 I use it every day and it's get for windows.
35:45 Yeah, it's a requirement.
35:46 Yeah.
35:46 Nice.
35:47 Yeah.
35:47 Very cool.
35:48 JupyterLab three is released.
35:51 So this one comes to us from Alan Hanson.
35:54 And thanks for pointing this out.
35:56 It's a little bit, a little bit old, a couple, a couple months, but still very cool that JupyterLab three is out.
36:01 You can check it out and see all the new changes that come along, including a debugger.
36:06 A debugger.
36:06 How about that?
36:07 Table of contents, multiple languages, all sorts of cool stuff.
36:11 So this looks like a major release.
36:12 And if people who love JupyterLab should check it out.
36:15 We'll be too long until it's PyCharm.
36:17 Yeah, that's right.
36:19 It's not, it's on its way.
36:20 And speaking of PyCharm, I've got some on that.
36:23 Brian skin also did a follow-up to not the previous episode, maybe the one before that,
36:29 where we were talking about like, you know, really it's great that I think this is when we had Sebastian Ramirez on
36:35 and we were talking about Google becoming a visionary sponsor of Python, which is great.
36:41 And it's really cool that a couple of companies have done that.
36:43 But then we also pointed out that, you know, Bank of America has like insane amounts of stuff that they depend upon.
36:50 JP Morgan Chase, their core trading engine.
36:53 Some of it is all by like some of these companies that make huge amounts of money and fundamentally depend upon Python itself.
37:01 I generally don't support Python.
37:02 I mean, I don't know the degree to which those two companies do, but you don't see them like at the top of those sponsorship lists.
37:07 And, you know, like Google's was something like $300,000 a year.
37:11 That's the biggest corporate sponsor in the world.
37:14 Right.
37:14 Can we do more?
37:15 So Brian skin said, Hey, I wrote a letter for people.
37:18 And he shared it where it just is mere recipient.
37:23 Given the appreciable business value that we derive from Python and its related scientific tooling over the last few years,
37:29 at no direct cost to the company, would there be room for bracket company to contribute financially to the 501c3 organizations that support these tools?
37:39 Here's a list.
37:40 Here's how.
37:41 And basically it wrote like a template letter that you can send to your company decision makers to help encourage them to support Python and other open source projects.
37:50 Yeah, this is great.
37:51 So well done, Brian.
37:53 That was pretty cool.
37:53 All right.
37:54 Django 3.2 long term support releases out.
37:57 So if you're on a slow roll with Django, you're ready to roll on the new version.
38:03 So this is something you can safely adopt for the next three years and stay happy, but on a brand new version of Django.
38:10 So check that out.
38:10 PyCharm.
38:11 There you go, guy.
38:12 I told you it'd come out.
38:13 PyCharm 2021.1 is out.
38:16 And they've got some really cool stuff in here.
38:19 Really neat things, including the Code With Me stuff is now out.
38:23 So Code With Me is I fire up PyCharm or any of the IntelliJ based things.
38:28 And I say, hey, I would like to say program with Brian.
38:31 Brian, can you help me work on the Python Bytes website?
38:33 So I could send you a link.
38:34 And then we would both have like Google Docs, but in PyCharm, like where we see each other typing.
38:39 We can follow each other along.
38:41 You can debug the code, but it's running on my machine, for example, even as voice call, video call built into PyCharm alongside that.
38:48 Really?
38:48 It's like a Skype client?
38:49 It actually looks like Skype.
38:52 I couldn't be sure because I haven't tried it yet, but I looked at the UI that you get.
38:55 It's like a little in a panel.
38:56 It looks like an embedded Skype.
38:58 Interesting.
38:59 Yeah.
38:59 Yeah.
39:00 All right.
39:00 Well, those are all the extra things for me as well.
39:03 Well, I wanted to bring up, so you reminded me of that, the Google fund thing that when adding, you know, Google give PSF a bunch of money.
39:13 Well, what the PSF is doing with it is they're hiring a developer.
39:17 So I'll drop the link.
39:19 So PSF is hiring a developer in residence to support CPython.
39:23 So this is a good thing.
39:24 Yeah.
39:25 Awesome.
39:25 That's really cool.
39:26 Ding Langsam also says PyCon IL is in a month.
39:33 So, yeah.
39:33 Awesome.
39:34 Check that out.
39:34 And then he also asks about what about the in-browser PyCharm, which we did cover, but that was in some kind of experimental phase.
39:41 I would definitely, if possible, recommend this Code With Me thing over that because then you get the real PyCharm.
39:46 It just happens to be like this live exchange.
39:49 Whereas the other one, there's a lot of setup and whatnot.
39:51 And it had the, this is a private, not necessarily private, but this isn't a beta, don't depend on it sort of way.
39:57 But this is officially this other thing is released.
39:59 Guy, anything else you want to throw out there for the world, for the listeners while you're here?
40:03 Nothing really comes to mind.
40:05 But thanks for having me.
40:07 I see on our schedule we have a joke coming next.
40:10 Is that true?
40:11 We do have a joke coming next.
40:12 We actually have two, I believe.
40:14 I'm going to fire up mine first.
40:16 I have a joke as well, if you don't mind.
40:18 Don't worry, it's safe.
40:19 That was perfect.
40:21 All right.
40:21 So, Brian, you're a fan of Vim, right?
40:23 Yes.
40:24 Okay.
40:25 So, Anthony Shaw, same Anthony Shaw as the depend a lot bot we were just talking about, wrote a little one-liner that fits nicely in Twitter.
40:34 Vim, colon, the original escape room.
40:36 That's an old joke.
40:39 I love it, though.
40:41 I love it.
40:42 And, of course, you put it out on April 1st because you've got to do something funny then, right?
40:45 Yeah.
40:45 And how about you?
40:46 You got one here?
40:47 Oh, yeah.
40:48 We just added it.
40:49 So, this is awesome.
40:52 So, the H in software development stands for happiness.
40:55 Nice.
41:02 Yeah.
41:02 Dean also just wants to point out that IL is Israel, which I did think that was, but I wasn't 100% sure.
41:08 So, I wasn't sure if that was Israel or Illinois.
41:10 Yeah, yeah.
41:12 Israel.
41:12 Perfect.
41:13 I would love to go there, but probably not traveling right now.
41:15 I will get to go there eventually.
41:17 That's actually where Redis Labs is headquartered.
41:19 Oh, is it?
41:20 Interesting.
41:21 I've had some really great vacations in Tel Aviv hanging on the beach that I can't wait to get back.
41:25 All right.
41:25 God, how about you?
41:26 I thought you were excited to go to Illinois.
41:28 Yes.
41:30 You know, Chicago would be nice, maybe.
41:32 Yeah.
41:32 Oh, yeah.
41:33 Nice place.
41:33 I just can't wait to get to Peoria.
41:35 Yeah.
41:35 Well, I've spent a lot of time in Peoria.
41:39 Yeah.
41:40 But I probably hit my lifetime limit.
41:43 I don't need to go.
41:44 I wouldn't take a vacation there.
41:45 It's a nice place, but I wouldn't go travel to it.
41:48 Yeah, yeah.
41:48 So, my joke is, well, it's for you, for you all.
41:53 What would be a pirate's favorite programming language?
41:57 Pirate's favorite programming language?
41:59 See?
42:00 Ah, you ruined it.
42:01 You had to ask me.
42:06 I'm sorry.
42:06 So, the way it's supposed to go is, I say, what would be a pirate's favorite programming
42:10 language?
42:10 And you both, in simultaneous, I go, arrr, right?
42:13 Arr.
42:14 Right.
42:14 Because, or incident.
42:15 Oh, yeah.
42:16 And then the response for me is, you might think it'd be R or maybe, but his first love
42:21 be the C.
42:22 Oh, man.
42:23 Oh, and the audience of the chorus is calling out R.
42:26 Should have looked down.
42:28 It works great live, because, you know, you get an audience, they'll shout back the answer.
42:33 Yeah.
42:34 Because they just can't help themselves, and then you surprise them with the twist.
42:39 Well, it was a trick question, because R is not a programming language.
42:42 Well, it's been nice talking with you, Brian.
42:49 I saw one I would want to work in, honestly.
42:56 I mean, I know it's popular, was popular in a data science stack, but it's, I mean, it's
43:01 got one-based arrays.
43:02 I mean, that's right up there with BB6.
43:04 I've never even tried it.
43:07 I just, I haven't made anybody mad today, so I needed to fill my quota.
43:11 It does have, like, web clients and stuff like that, so you can build web servers.
43:15 It's a full-fledged language.
43:16 But I've never done anything more than attend a one-hour talk on the language.
43:21 Yeah.
43:21 Yeah, I haven't either.
43:22 All right.
43:23 Well, Guy, thanks so much for being here with us.
43:26 And Brian, as always, great to get by them with you.
43:29 Good to talk.
43:29 Yeah, thanks for having me.
43:30 Yep.
43:31 Thanks.
43:31 Thanks everyone for the live stream as well.
43:33 Bye, all.