Brought to you by Michael and Brian - take a Talk Python course or get Brian's pytest book


Transcript #268: Wait, you can Google that?

Return to episode page view on github
Recorded on Wednesday, Jan 26, 2022.

00:00 Hey there, thanks for listening.

00:01 Before we jump into this episode, I just want to remind you that this episode is brought to you by us over at TalkBython Training, and Brian through his pytest book.

00:10 So if you want to get hands on and learn something with Python, be sure to consider our courses over at TalkBython Training.

00:17 Visit them via pythonbytes.fm/courses.

00:21 And if you're looking to do testing and get better with pytest, check out Brian's book at pythonbytes.fm/pytest.

00:28 Enjoy the episode.

00:29 - Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to your earbuds.

00:34 This is episode 268, recorded January 26th, 2022.

00:39 I'm Michael Kennedy.

00:40 - And I'm Brian Aiken.

00:42 - And I'm Madison Swain-Bowden.

00:44 - Hey Madison, great to have you here.

00:46 - So fantastic to be here.

00:48 - Yeah, yeah, we talked to you before PyCascades, where you were on the hosting side.

00:53 - That's right, tables are turned a little bit, yeah.

00:55 - They absolutely have.

00:57 So why don't you tell folks about yourself before we jump into the news.

00:59 - Thanks, yeah, I am a senior data engineer at a company called Automatic.

01:04 We do WordPress, which is surprisingly, I recently heard that it backs 40% of the internet.

01:14 And so that was really surprising.

01:15 - So much of the world is on WordPress.

01:16 It's unbelievable. - I know, I know.

01:19 Yeah, and I work with the Openverse team there, which I'll talk about a little bit later in the show.

01:23 - Yeah, fantastic.

01:24 - Cool. - Yeah.

01:25 So Brian, shall you kick us off on the first thing?

01:29 - Yeah, sure.

01:30 - Something about parentheses.

01:31 I like Python 'cause it generally doesn't have that many parentheses, but you were gonna tell us that it should have more.

01:36 - Yes, well, we have more function calls, right?

01:39 And tuples.

01:40 So actually, because there's function calls and tuples, both use parentheses, there's a confusion that happens.

01:46 And so I just saw this the other day, a pep 679 was added, submitted by Pablo Salgado.

01:54 Salgado to allow parentheses in the assert statements.

01:59 So what happens like currently, I don't know if there's examples in here, but what happens currently is if you call assert, you're not supposed to use parentheses.

02:10 Actually you can't right now.

02:12 You can, but it's wrong.

02:14 So if you--

02:14 - It's one of those princess bride things, like that doesn't mean what you think it means.

02:18 - It doesn't mean what you think it means.

02:20 So what happens is you give assert, asserts a statement within Python, you give it an expression to evaluate, and you can also give it a comment, like a string to add a message if the failure happens.

02:36 But what happens is sometimes people think it's like a function and put those within parentheses, and it looks like a function call, and it looks visually fine, but what happens is it doesn't matter what the expression evaluates to, because it's a two value tuple, and especially if you got a string in there, the string's not non-zero.

03:00 - Yeah.

03:01 - So the tuple evaluates to a true value, and your assert never fails.

03:05 And--

03:07 - The tuple is never none, and so you're good to go.

03:10 - Yeah.

03:11 - Well, it's a good way to have some passing tests.

03:12 - Yeah, I feel like this is one of those Python gotchas.

03:16 Like if you have one, and if you assign a variable to one comma, then you get a tuple instead of just the one, right? - Yes.

03:24 - And particularly with print being changed from a statement to a function, I think it like makes a lot of sense for people to assume that assert is also a function.

03:34 And it's kind of an odd duckling in the language because it is just a keyword.

03:39 - So this pep is just to say, let's allow both.

03:42 Let's go ahead, because right now there's no real reason to pass in a tuple as a full expression.

03:51 It just doesn't, it's always gonna be true.

03:53 It's a no op.

03:54 So let's go ahead and add that to the language and allow people to call it as a function if they want to.

03:59 And there's ASTs around it to make it basically be the same thing.

04:06 I think this is a no brainer.

04:07 I think we should just get it done as soon as possible.

04:10 Hopefully we can get it in to then 3.11 or 3.12 or something like that.

04:14 I wonder too if having it as a function might help with autocomplete and some IDEs.

04:21 Because I think right now when you do the assert, you don't get that suggested arguments or suggested parameters that you do with a function.

04:30 So it might help there.

04:31 >> Yeah.

04:33 >> If you're trying to put too many things in there, it won't tell you.

04:36 >> Exactly.

04:36 >> That it's wrong, all those things.

04:37 >> Yeah. Hopefully, this will go through.

04:40 >> I hope so as well.

04:42 So let's talk about LocalGhost.

04:44 So LocalGhost is a blog by, let me get the name right here, by Sophie Kunin.

04:52 And she blogged or wrote about everything I Googled in a week as a professional software engineer.

04:59 >> Oh, cool.

04:59 >> So I wanted to highlight this because there's a lot of folks out there who listen to the show and just are in the industry who feel like they don't quite add up, or they don't belong, or whatever, because they feel like they get stuck and lost and banging off things, you know?

05:13 And I can tell you, we were just talking about it last time with a joke, right, Brian?

05:17 Like, I hate programming, I hate programming, I hate programming, it works, I love programming.

05:20 But the hate part, there's a lot of searching, a lot of Googling and bouncing around from that.

05:25 And so here's just another pro software developer, pro in the sense it's her job, and she's been doing it for a while.

05:32 And it just talks about like, okay, what did I do?

05:35 So what she searches is slightly different than what we would search because she mostly is a front end and node, mostly JavaScript type of developer, but it doesn't really matter.

05:45 You can sort of see there's some basic stuff.

05:48 NPM React testing library.

05:50 And what's nice is she puts a little comment behind a lot of these like, why did she search for this?

05:55 Not just the word.

05:56 Like during a React upgrade, looking at dependencies to see the latest versions and checking for breaking changes.

06:01 And then React Apollo release notes, totally normal.

06:04 And then undo a rebase, oops.

06:09 I think we've all been there.

06:11 - Yeah, exactly.

06:12 Or just silence warning.

06:13 Or maybe it's undo commit.

06:15 No, what did I do?

06:16 I can't push this.

06:19 Just silence warning.

06:20 Don't judge me, okay?

06:22 So there's a bunch of interesting things and it kind of goes along there.

06:26 So you all can look through it.

06:27 I don't want to go through all the details because there's just a lot of stuff.

06:30 What were you going to point out there, Madison?

06:32 - No, it's just a lot of fun and interesting searches.

06:35 And I think like if we were all to do this sort of analysis for ourselves, it would be kind of an interesting retrospective.

06:40 >> It would be super interesting, yeah.

06:42 Like what surprised you most about your search history?

06:44 Let's see, there's a few, I think one on Friday down here at the end of the week.

06:49 That was, yeah, I put my notes, I'll pull it up down here.

06:53 So one that I thought was interesting was she searched for expecting a parsed GraphQL document.

07:01 Perhaps you need to wrap the query in a string, quote, GQL tag.

07:06 And the content of that's not super interesting, but what that is is exactly an exception message, right?

07:13 In some sort of code.

07:14 And for people who don't do this, you should take the error messages and put them straight into Google or straight into DuckDuckGo or wherever you put search things.

07:22 And it is so good.

07:23 - With quotes. - With finding the problems.

07:25 With, yeah, exactly.

07:26 And maybe quotes on the really important bits, right?

07:28 Like I really wanna make sure it's GraphQL and not some other document or something.

07:31 - I would say half the time when I do that, it takes me exactly to the GitHub issue that describes the problem that I'm experiencing.

07:38 - It's surprisingly effective, isn't it?

07:42 - Absolutely.

07:43 - It's like, why is this work so well?

07:44 The thing that blew my mind most once is I had a friend, this is way back, I mean, we're talking like early 2000s.

07:50 He was using Outlook, don't judge him, it was a long time ago and he was using Outlook and it was just stopped working.

07:56 It gave him some weird error that had almost no message, just a number.

07:59 So I just searched Outlook, that number and boom, here's the exact fix.

08:03 It's just like, are you kidding me?

08:04 - Absolutely.

08:05 - Yeah, I love it so much.

08:07 A couple others, semantic HTML contact details.

08:10 Wanted to check if address tag was relevant here.

08:13 I highlight that because here's somebody who's a professional HTML developer, basically doing front end stuff.

08:19 And still they're Googling to see, does this address tag match here?

08:22 Like, should I use this block, this HTML tag in this situation, right?

08:27 So it's, even if you work in stuff day to day, there's stuff that you just go, like, I'm just gonna leave that to the search engine and distributed cognition and not have to, you know, memorize every detail of what I'm working in.

08:39 And then finally, I just thought this was fun.

08:41 Editing host file.

08:42 This was the search, not the action.

08:44 Desperate times and it didn't even work.

08:46 (laughing)

08:46 Was the comment.

08:47 - No.

08:48 - Anyway, I think this is fun and I thought I'd just share it because I think it's interesting for people to compare notes.

08:55 - One of the things I've noticed recently was I, I don't remember the exact way you're supposed to get to GitHub repos.

09:04 So I usually just Google GitHub and then my repo name just to get to the repo.

09:09 - Exactly that, yeah.

09:10 (laughing)

09:12 - Nice.

09:14 - Well, and a lot of times I search for like a project and then it brings up like PyPI or some other, like the read the docs.

09:20 I was like, no, I want GitHub, take me to GitHub.

09:24 - Yeah, I'm always like, all right, fine, I'll click the PyPI so I can click on the source code.

09:27 - Exactly, exactly.

09:28 How many links do I have to go through just to get to the repo?

09:30 - Exactly.

09:31 I know I'm two clicks away.

09:32 That's good enough. Let's do this.

09:34 >> Yeah. I have a couple of thoughts on this.

09:36 >> Yeah. Tell us.

09:37 >> First of all, localghost.dev is an amazing domain name.

09:41 I absolutely adore that.

09:42 The second is, it's really great seeing articles and posts like this.

09:48 I see a lot of seniors, particularly senior women and others underrepresented minorities talking about this sort of thing.

09:56 I think it really helps to dispel the myth that you have to be an expert who has every command for every utility memorized in order to be a senior dev.

10:05 A lot of us are doing these sorts of Googles, right? We're looking up the function signature for something that's in the standard library. We're all doing this. And so I think it's really valuable to share something like this, particularly for people who are new.

10:23 Yeah. Some of the best skill acquisition isn't memorizing things, it's remembering that the the feature was there.

10:29 - Exactly.

10:30 - So you could look for it.

10:31 - Yes, yes.

10:32 - Right, exactly.

10:33 I need to know just enough that I can Google it to get to where I wanna be, absolutely.

10:38 And Johnny out in the audience also thinks this is interesting, yeah, we all think this is great, fantastic.

10:43 All right, I did give a quick shout out to PyCascades previously, Madison, you wanna tell us about your first?

10:47 - Yeah, I wanted to share about it.

10:49 So PyCascades is coming up in less than two weeks, which is really exciting.

10:53 We have another year of just excellent and diverse talks from an array of different subjects and expertise levels.

11:01 Last year we were online and we're going to be online again this year using the same platform that we did last year and a lot of people really enjoyed that platform.

11:10 So we're excited to use it again.

11:11 We're hoping to do some watch parties in Seattle, Portland and Vancouver, but unfortunately reality wanted us not to do that.

11:21 We opted against that.

11:22 - Reality intruded, yeah.

11:24 But we're so excited to be doing this again this year.

11:27 And one of the things that I'm really excited about is that we have the PSF's Diversity, Equity, and Inclusion Working Group doing a meet and greet as sort of our first event on Saturday.

11:40 And so they have a form that they are sharing for just trying to understand the landscape around diversity in the Python community.

11:50 And so we have that linked in the show notes if you would like to fill that out.

11:54 And we're gonna have socials on Friday and Saturday night.

11:58 And we had a DJ last year.

12:00 We're hoping to have a DJ again this year on Friday night.

12:03 And then we'll be doing sprints on Sunday.

12:05 And tickets are still available.

12:08 We'll be selling them throughout the event too.

12:11 So, 'cause it's a virtual event, it's not like NFTs.

12:14 There's no digital scarcity with these.

12:17 So please feel free to buy a ticket whenever you have a chance.

12:20 And we hope to see you there.

12:22 on yeah that's a fun commerce I've enjoyed going to it when it was in person so it's cool it's all going I can't wait for it to get back to being actually in person I know I know we were hoping we're hoping to dip our toes into it this year but just wasn't going to happen and I should also mention too we're having talks from um some well-known folks in the in the Python community like Thursday Prom and Jay Miller who I know you had on um talk Python to me recently yeah just - Yeah, very recently.

12:49 - Yeah, yeah, and we have some first-time speakers as well, like Joseph Riddle and Isaac Na.

12:53 So there's a lot of really great talks that we're looking forward to.

12:59 - Yeah, super.

13:00 - Cool, cool.

13:00 - All right, Brian, back to parentheses and stuff?

13:04 - Yeah, well, maybe not parentheses.

13:06 - Sort of.

13:07 - But yeah, kind of.

13:08 - Stuff that happens between parentheses.

13:10 - So this interesting article by Seth Larson that I ran across that says strict Python function And I thought strict, what do we mean by strict Python function parameters?

13:21 And the idea is, let's put everything together.

13:25 So we have, we've got keyword only parameters, and that's a little small on screen, but keyword only parameters is where you can put an asterisk in the middle of your parameter list, and it says that everything after that has to be a keyword.

13:44 It can't be, you can't pass that in as positional.

13:49 And I'm not sure exactly how that works really, but it's kind of, it's useful.

13:54 And then you can also put defaults in there, of course, for things.

13:59 And it's just that separating of where your keyword positional and keyword arguments go.

14:04 And it's a cool thing.

14:06 That's helped allow people to add parameters before.

14:10 So this was a nice addition.

14:11 And then also we've got, those are keyword only parameters.

14:14 We also have positional only.

14:16 So with the slash, you can say everything before the slash is a positional only.

14:23 You can't pass it in as a keyword parameter.

14:28 And it's, the natural progression is, hey, let's just do both of them at the same time.

14:36 And I didn't actually, for some reason, I didn't realize you could do this.

14:39 - I didn't either, yeah.

14:41 And so what, so then you're going to have your positional parameters first, and then a slash and then a star, and then you'll have, and then all your keyword parameters after that.

14:54 What happens then is you're, both of them are true.

14:59 So you have to, you have to have the positionals first, and then the keywords after.

15:04 And, and so what's the benefit?

15:06 This, this just, it looks like added syntax to confuse people.

15:10 but there are a lot of benefits.

15:12 One of the benefits is really that your documents and your code and your example code and all examples people look, if they look up some other GitHub repo or something using your API, all the examples are gonna look kind of the same.

15:26 And this is sort of something we're used to in other languages.

15:30 I was actually surprised in Python that you could rearrange your input arguments, especially the keyword ones, you can rearrange them and they work fine, but it's confusing sometimes.

15:41 And I just actually think this is kind of a neat idea.

15:46 I think that especially for API or, you know, library API entry points, doing something like this might make complete sense.

15:53 And it's something I'm gonna look into considering just to make sure people use something consistently.

15:59 The article also goes through a thing about empowering library authors to have flexibility to change things.

16:07 and it's a good thing to read up on.

16:09 But I was curious what you guys thought about if I were having, had an API or you were looking at API and it had this slash star in the middle of everything, what would you think?

16:19 - I mean, I really like this concept and I'm glad that it's a feature of Python because of that uniformity that it can create.

16:27 I've never had an opportunity where I felt like this was something that I really should use, but I think that's a large part because all of the stuff that I work on is usually internal tools.

16:38 And so even if it is open source, there's not like a public API that I'm building.

16:44 And so that uniformity-- - Right, if you're consuming it versus creating it for others, it's very different, right?

16:48 - Exactly, exactly, yeah.

16:49 And so I think it's always a good thing to keep in the back pocket when you have a particular contract that you really wanna enforce with how functions are used and keywords and whatnot.

17:00 - Yeah, I also am glad that it's here.

17:03 And for the same reason as Madison, I don't use it very often because to the extent that I do make open source libraries that are pretty basic and don't have tons of tutorials or anything about them, maybe I should think more about this, honestly.

17:16 But I do like the idea that you can say, no, this is going to be like this specifically for certain things.

17:23 And say, this stuff you cannot use as a keyword argument, you have to just pass positional.

17:26 This stuff you must, it has to go in this order and so on, yeah, I like it.

17:30 - Yeah, one of the things I see is people looking at other examples and saying like, so if you just have normal arguments, they can be, you can pass them in as keywords even if most people use positional.

17:50 And then you can reorder the keywords and put them in a different order.

17:53 And then somebody else might look at your code, copy it and then take off the keywords and now they're in the wrong order.

18:01 and that'll mess things up.

18:03 This is a Dean added comment of, so def underscore, yeah, star, this is a legit syntax.

18:13 That's funny.

18:14 I can't even read that out loud.

18:15 It's so confusing.

18:16 - Looks like code golf is what it looks like.

18:19 Goodness.

18:20 - So anyway.

18:21 - I think it's like typing in the sense that it's a good feature that's there and it can be helpful for making things more explicit in Python.

18:31 But part of the power of Python is that it's very versatile and approachable.

18:36 And so I think it's nice too that it's not like this is something that you are required to do for every function that you write.

18:43 - Yeah, yeah, I do like the flexibility there.

18:46 All right, let me tell you about something that seems a little bit contrary to the Python way, but I think people will find useful.

18:55 So over on pypi.org, we have 350,000 plus packages, which is utterly mind blowing.

19:02 I remember when it was 75,000, and I'm like, wow, look how many there are, it's insane.

19:08 So a lot of the superpowers of Python is the ability to use these packages, and people will say, I'm using Python because it's really great at working with Excel files.

19:18 Well, like, Python's not actually good at working with Excel files, but there are many libraries for Python, which that's true, right?

19:25 And so you have this sort of spectrum of like, what do people mean when they say like Python is great?

19:29 But I do think these packages clearly are super important.

19:32 So why do I bring this up to start the section off?

19:35 I wanna talk about a way to not use PyPI, but still do some cool stuff.

19:40 There's this thing called Murek, as in small requests over here, created by, I got a name.

19:47 Yes, if it pulls up, Shriram.

19:51 So very cool project here.

19:53 And the idea is it's request-like, not a drop-in replacement for requests, but like requests with limited features.

20:00 But if you're using a limited subset of what requests could do, you could use this library and have zero external dependencies, no virtual environments required, no pip install -r or friends required, and just have like a real simple thing and not have to fall back to just urllib, which is pretty cool.

20:18 So it does standard stuff.

20:21 I would recommend maybe even from, you know, import Murek as requests and then request.get.

20:29 - See what breaks, yeah.

20:30 - Yeah, exactly.

20:31 I mean, and then see if it works or not.

20:33 So it does have some limitations, quite a few actually.

20:37 Like it doesn't support connection pooling, for example.

20:39 But if you do request.get, neither does that.

20:41 You have to create a client session and then use the session to do get and so on if you want, you know, connection pooling.

20:46 Apparently uses a lot less memory.

20:48 But the main reason besides just convenience of like, I want to give you a Python file you can run or a set of Python files you can run the top level one without any external dependencies.

20:59 So that's pretty nice.

21:00 The other one is to avoid supply chain attack vulnerabilities, right?

21:04 We've talked before about people putting malicious stuff into PyPI.

21:09 We talked about the guy, Marek, I believe it was, who had like sabotaged his NPM packages and those kinds of things.

21:16 And you know, the cascading change of like the super dependencies in the JavaScript world meant that was really, really bad, right?

21:22 So here's a way you could put something that does requests like things into your code and it doesn't have any dependencies, it doesn't have, there's no way someone's going to take over that account and put something malicious there or even maybe worse is like the dependency of the dependency of the dependency is where the problem is, yeah?

21:38 So-- - Yeah, I think security--

21:39 - I think it's pretty interesting.

21:40 - Yeah, security's in a lot of people's minds recently with the Log4J stuff and then, yeah, all of these supply chain attacks that are happening, particularly in the JavaScript space.

21:52 It seems like a lot more happens in that area more so than Python, but I feel like the packaging story is really similar in both.

22:02 So it's useful to take the lessons learned from the JavaScript ecosystem, pull them back into Python.

22:08 I think something like this is really valuable, particularly I know some companies have just very difficult bureaucratic processes to get requirements in.

22:18 And so if you say, this is just this one file, it has this license, we just need this, makes it a lot easier.

22:25 - We can review the one file, it won't auto-update.

22:27 - Exactly.

22:28 - It's gonna, yeah.

22:28 So that's the good news.

22:30 There's a couple of things worth pointing out.

22:32 One over in the PR section is a lot of the stuff inside is not PEP 8 compliant or other stuff.

22:38 So if you drop it into your project, it'll give you a bunch of warnings.

22:41 so you might wanna run like black on it before you put it in your project.

22:44 I did a PR that's suggesting that that should just be part of it.

22:47 There's an ongoing conversation about that.

22:49 Also, it doesn't support a couple of the main methods like .json for consuming APIs and raise for status, which if you don't get a successful status, it'll raise an exception so you don't carry on with bad data.

23:02 So those two are really good.

23:03 The raise for status is supposed to be put in soon.

23:06 The JSON one is up for debate.

23:09 With all that said, I have a branch that has all those fixes as a PEP8 compliant, f-strings, has those two functions that you might use.

23:17 So you can, people can use that as well if they want.

23:21 - Did you put a PR to get those back in?

23:23 - Oh yeah, yeah, that's what I was pointing out before.

23:25 I absolutely, yeah.

23:26 They're not, I'm debating with the author whether or not he thinks that those are appropriate to add to it.

23:33 - Maybe you could rename it medium rec if.

23:35 - Medium sized rec.

23:38 So anyway, it's not super important.

23:40 It's not that big of a deal, but I mean, you know, the effect of actually adding those, they're not huge amounts of code that you've gotta add to make this happen.

23:49 Like the JSON one is literally one line of code.

23:52 You know, you could take it, I mean, do you count the function definition as a separate line?

23:56 It's two if you gotta count the def, but it's like super, super small.

23:59 So people can grab mine and they can add it or they can grab theirs and then add it, whatever.

24:04 So, that's the good news.

24:05 fork the project and make Mewtwo wreck.

24:08 (laughing)

24:09 - Right? - So much more Mew.

24:11 Yeah, exactly.

24:12 Now, here's the reality of what I found.

24:15 I have a lot of projects that have 10, 20 dependencies because they're tens of thousands of lines of code and they do a lot of stuff.

24:22 Every single one of those where I thought, oh, this would be kind of fun just to cut down on the dependencies and the dependencies of the dependencies 'cause what I do with the requests is real simple.

24:29 Usually call an API, get some JSON, get some values out of it.

24:33 It'd be nice to do something like this.

24:35 The reality is so many things depend upon requests.

24:39 Sentry, for example, depends on requests.

24:43 MailChimp's API depends on requests, and et cetera, et cetera, et cetera.

24:48 So by the time you get a project built up with other stuff, it's already got requests required and installed and so on.

24:55 So it's like, this is for like a smallish app that doesn't have really many other dependencies that I think this makes a lot of sense for 'cause if you depend on a lot of things, you're gonna end up with requests as a dependency real quick.

25:06 - Yeah, that's a really solid point.

25:07 - Yeah, thanks.

25:08 Lastly, for people out there listening, wouldn't it be fantastic if a request itself offered an official mini request and HTTPX offered a single file version and AIO HTTP client offered a single file version?

25:23 Like, yeah, it only has 80% of the functions, but if those functions don't have dependencies, maybe just drop those in.

25:31 I don't know, it would be great.

25:32 One of the things that I like about actually alternatives, either within a project itself as an alternative or these forked projects that have the same API is they might have benefits.

25:43 And so, but you have to weigh those.

25:47 So it does encourage actually a nice software design of a couple of things.

25:52 One of them is isolate your dependencies to as few files as possible.

25:57 So if you only have one of your modules accessing requests, then you only have one place you need to change it to this new module import.

26:05 - Yeah, absolutely.

26:06 - The other thing is testing, testing your behavior.

26:10 So instead of implementation, so if you test your behavior and you've got it isolated, you can drop in a thing, run your CI, see if it all works, throw it to a few beta people and run with it if it works.

26:24 - Yeah, quite cool.

26:25 - Now, one thing that can be useful and also potentially extremely dangerous is some Python level capacity for shimming a module.

26:34 So like in the situation that you describe, Michael, where you have a ton of dependencies that all require requests, you could pull in something like murec and then just say, this is a request.

26:48 Python, I want you to think of this as requests.

26:51 But obviously that has, I mean, it's just an idea.

26:53 It has some pretty bad security implications with people being able to usurp that.

26:58 >> Yeah, it may cause some unexpected behavior, but yeah, it's also could be good.

27:03 All right. Just put your entire application inside of a patch statement.

27:08 Now, I'm just kidding. What I'm hearing is that we need to make our entire application one file in every case and that will just solve all the problems.

27:16 >> Just one function actually, just one main.

27:19 >> It's perfect. You don't even need a function in Python, right?

27:23 >> Yeah. Okay. Yeah, no functions.

27:25 - Oh my gosh.

27:26 - Yeah, it just runs once, top to bottom.

27:29 Now I was dreaming of a world where like, there's a simple use case that you don't have to have a bunch of dependencies, but it's probably a little extreme and you don't want to take it very far at all.

27:39 All right, Brian, what you got for the next one here?

27:41 - Oh, this, I'm not--

27:42 - Oh, that's your extra?

27:42 No, Madison, you're taking us out for our main items.

27:46 - Yeah, welcome to Openverse.

27:49 This is not the metaverse, but everything is, You know, I say call the tech industry a song because everything's a verse these days.

27:57 But this is a search engine for openly licensed media.

28:03 This is something that the WordPress community is supporting.

28:07 And so what I mean by openly licensed media is images and audio.

28:13 That's what we have currently, but we're hoping down the line to have things like video, 3D models, text, all assets and media that you can use without having to pay for them.

28:27 And just some licenses require attribution, others don't.

28:31 A lot of them are free for remix and reuse.

28:34 And so this used to be called CC Search under the Creative Commons sort of purview, but they've handed it off to us to help shepherd into the future.

28:44 So if you are looking for content to use on your blog, or your podcast, or anything that you're creating, any content that you're creating.

28:54 >> Your conference presentation.

28:56 >> Your conference presentation.

28:57 >> Your courses, whatever.

28:59 There's a lot of times I'm like, I need an image, I need to be able to use it.

29:03 >> Or a snippet of audio to throw someplace. This is awesome.

29:06 >> Yeah. So I'll show an example here in the live stream.

29:09 I'm going to type Jupiter, and I have to spell it right.

29:12 I typed Jupiter last time.

29:14 Yeah, you just get a bunch of pictures of Jupiter and then also different sound clips that we have mixed in.

29:22 If you want all of the results, you can also filter by just certain media types like seeing just images or seeing just the audio results.

29:29 Then when you click on an image, you'll see the attribution for that image right there alongside it.

29:34 So you can just copy that and put it in your website after you link the image.

29:38 And we have over 600 million images in Openverse and more audio and more images and more just media in general to come.

29:46 Fantastic.

29:47 Oh, and if we search, sorry, if we search Jupiter, there's some fun like conferencey, you know, screenshots.

29:53 So there's lots to use here.

29:56 Cool.

29:57 Alvaro asks, can you search by license type?

29:59 Yeah.

30:00 So I'm sharing this in the live screen, but I heard live stream, but on the right, the first filter that we have is by different license types.

30:07 And a lot of these are, I believe they're Creative Commons license, but not all of them are.

30:12 We have public domain markered licenses as well.

30:16 And then you can search by use too, depending on how you're using that.

30:19 So if you're using it commercially, that's going to have different licenses and implications for you versus modifying and adapting.

30:27 And then we have, I mean, Openverse serves as like an aggregate for different entities that host some of this openly licensed media.

30:37 So things like museums, NASA's photos, that sort of thing.

30:41 And so you can also search by provider too.

30:43 So if you're looking for space photos and you say, I just want NASA's authority on this, then you can sort of filter by that aggregate.

30:52 - Very cool.

30:53 Yeah, this is a constant challenge and it's great.

30:56 Like it's a challenge for blogs, it's a challenge for like all these things, right?

30:59 But it makes perfect sense why WordPress would be interested in this.

31:02 - Totally, yeah.

31:03 And we're hoping to have it integrated into WordPress down the line.

31:07 So if you're working on a WordPress site and you want to add an image, one of the blocks that you can pull up is just search on Openverse.

31:15 And then you pull it in, and it will pull the attribution in with it.

31:17 And you don't have to do a whole lot of extra work.

31:20 So we're hoping that that's going to be coming down the line, too.

31:24 And yeah, it's so easy to just go to Google Images and find an image.

31:28 But it's harder to find the appropriate attribution for that.

31:33 And particularly you can get into some very interesting legal spaces if you're making money off of that photo too.

31:37 - Right, I mean it makes perfect sense if you're like a high school student doing like a research project.

31:42 Who cares, right?

31:43 But it starts to push the limit if you're selling something or you're making a book or whatever.

31:48 - Yeah, one of the things I think is interesting is that the difference between non-commercial and commercial.

31:54 And we think of it like big companies or blogs or something.

31:59 And it's not that cut and dry because like you start, say you're starting a podcast, you start getting sponsors and you're making like five bucks a week.

32:09 That's commercial, but it's not like I can afford a huge license, so yeah.

32:15 - Right, exactly.

32:16 And I mean some of the--

32:17 - And maybe you started non-commercially and then it became commercial, right?

32:20 But you had already used it and stuff like that as well.

32:23 How about a real-time feature request, Dean Langsam asks, says, "I wish it had a, "this is a ping with a transparent background." - I hear it, I hear it.

32:33 I use that feature all the time in Google Images.

32:36 Yeah, we actually just finished a redesign of the site.

32:39 We launched yesterday for this redesign, which is really exciting. - Good timing.

32:44 - But we have, I mean, we have lots of stuff that we want to start adding to this.

32:50 Turns out that making a search engine is not easy, surprise, so there's a lot of work to be done.

32:57 But that's, yeah, that's a great feature request.

32:59 All of this too is a great plug, So thank you for that comment.

33:03 All of this is open source.

33:04 And so if you just search Openverse GitHub, like we had mentioned earlier, 'cause if you just search Openverse, you'll actually get the site.

33:11 You can go and make an issue on any one of the number of repos that we have for describing this project.

33:17 And on top of that too, if you know of a content provider, like a museum or whatnot that has an API that could have its images added to Openverse, we're trying to make it really easy to write those.

33:31 we call them provider ingestion scripts.

33:33 So even if you just know of one, you can make an issue for us and we'll write the provider script.

33:38 But we also love public contributions.

33:41 If you have a source that you wanna add and you wanna get it into OpenFirst.

33:45 - Oh yeah, that's great.

33:46 - Brian, now are you ready for your extras?

33:47 - I am, yeah.

33:49 So we were talking about security and supply chain for packages.

33:54 And so I noticed this actually, gosh, it just came out.

33:58 Like, was it yesterday?

34:00 yesterday, Brett Cannon announced that he's got a, he has a GitHub action that called a pip secure install that he published and apparently VS code or VS code Python uses it.

34:15 But the thing is, is, is it just sort of, if you pip install something with requirements file, it could have, who knows what it all is in there and it, and your requirements, and then they have dependencies and they have dependencies.

34:27 Well, this secure install allows you to do through GitHub actions, use a requirements file, but you have to have stuff in it.

34:38 So you have to have no, it doesn't pick up any dependencies and it requires hashes.

34:44 So you have to have a full requirements file with all of the dependency tree in there with the hashes to eliminate these like supply chain problems.

34:57 It doesn't eliminate them, but once you've tested a good package, you can just put this in there.

35:03 So I just wanted to give a shout out for this project by Brett.

35:06 So that was cool.

35:08 - Cool.

35:09 - The second thing I wanted to shout out, which I'm like totally excited, basically this is a shout out to everybody out there listening to this that has supported the Python Testing with pytest book.

35:19 I was talking right before we started recording that today is the last day I get to touch it.

35:24 I get to, my final edits are going in, But because of all the beta purchasers, it's supported the rewrite and just been awesome support.

35:35 And right now it's at number two as the best seller on Pragmatic.

35:39 So that's pretty exciting.

35:40 - Congratulations, that's awesome.

35:41 - That's fantastic, yeah.

35:42 - Madison, back to you.

35:45 Anything you wanna give a quick shout out to?

35:46 - Yeah, a couple quick things.

35:49 One thing I forgot to mention about OpenFirst is also written mostly in Python too.

35:53 So if you're familiar with Python, you can help contribute.

35:56 But on top of that--

35:57 - Not PHP?

35:58 - No, no, that's, yeah, it's kind of interesting 'cause most of WordPress is PHP and JavaScript, but Openverse is a fun little extra blob on the side that runs in Python, so.

36:09 - Yeah, beautiful.

36:10 - Speaking of small Python web apps and whatnot, some folks in Seattle recently launched a new police accountability and information tool.

36:19 And so this is just a tool, it's spd.watch for the URL, And it's a tool that just allows you to search for police officers in the Seattle area and get information on them.

36:32 So, you know, if you're interacting with an officer, sort of what their history is, how long they've been with the force, that sort of thing.

36:39 It can be really useful for community safety and also just accountability.

36:43 And you all had mentioned Just in episode 242.

36:48 I just wanted to give a shout out to it.

36:51 I have been using this for every single project I have touched. When I go to a project that doesn't have just I get very angry. It's so fantastic. I mean, the fact that you can add comments for different recipes, your recipes can build on other recipes. There's a lot of like complexity that you can have in the just file, which makes it easy for new people to come on and start contributing. And so if you have like, lots of Docker containers that require, you know, certain specialization in some sense, you don't have to write this big long read me that describes all the steps you say, download just and then just run. And that's it. It's so nice.

37:29 I totally forgot about just so I'm glad you brought it up again.

37:33 It's so I just I can't sing his praises enough, honestly, although I do have to say its name does make it very difficult to do Google searches.

37:41 And then lastly, I just want to give a shout out to the GitHub package registry. That's ghcr.io for githubcontainerregistry.io.

37:54 They do free Docker image hosting for open source projects.

37:58 And I'm not sure what the pricing is for, or we could see the pricing.

38:02 But yeah, they do free for open source projects, which Openverse is taking advantage of.

38:08 And I've used on a number of personal projects, and it's been incredibly helpful to just be able to build and push an image for free with GitHub Actions, and then have that hosted for free on GitHub Container Registry.

38:19 - Oh, that's cool.

38:20 Yeah, it looks handy.

38:21 - Cool.

38:22 - Nice.

38:23 - How about you, Michael?

38:24 - I got a couple as well.

38:25 Yeah, I got a couple.

38:25 Let me go back here.

38:27 So very kind message came out on Twitter saying, here's a really cool way you can go to the transcripts for the podcast, which is on GitHub.

38:35 And then you can do like a search across them using some nice GitHub search features.

38:39 Absolutely true.

38:41 Very nice.

38:42 I also wanted to point out a couple of things that we actually have some neat features that people can play with.

38:47 First of all, we have a search engine.

38:48 and you can click on the upper right.

38:50 This is, look, we're live streaming.

38:51 So the thing you can search for, so I could search for like pytest and it would come up with the episodes and whatnot.

38:56 I could search for Hawaii.

38:57 - Like every single episode.

38:58 - Yeah, exactly.

38:59 So we get like our Python on the beach that we did recently and whatnot.

39:03 - My search for Just was very difficult, but through no fault of your own.

39:06 - Yeah, when you search for Just, we get a whole bunch of stuff back.

39:08 - It's a lot, yeah.

39:09 - Yeah, yeah.

39:10 But it's pretty neat.

39:11 It also has a JSON API.

39:13 If people wanna consume that, they can go and search for stuff and then it'll come up with a JSON variant of results and whatnot.

39:21 - Nice.

39:22 - Yeah, so that has been there for a while, so people can check that out and that's cool.

39:24 But I also wanted to point out something brand new, Brian.

39:27 I don't know if you even got a chance to play with this 'cause I just did this.

39:30 - I did, it's so cool.

39:31 - So good, so if you go to the transcripts, so if you're on any episode, usually on the right, it'll say, unless the screen is really small, then it might be the bottom, it'll say full transcript, and then you can go in here and there's transcripts which are searchable and there's a play thing, but there's also now a ability to click on any paragraph or sentence, the little play button next to it.

39:52 - That's awesome.

39:53 - And it'll just start playing the episode at that time.

39:55 - Very cool.

39:56 - So if people wanna go back and use what we've been doing for four or five years, whatever it's been, as resources, yeah, that should make it a little bit easier.

40:04 - Did you back part this to like old episodes also?

40:07 - Yeah, because this is, so let me tell you how I did it, because the transcripts, if you look at them, they just have a number, they just have like a timestamp there.

40:14 >> Yeah.

40:16 >> So I use this really cool regular expressions 101 or regx101.com tool website to build up the regx using named groups.

40:27 And let me just check this out, which is on the screen, you guys.

40:30 You'll check out the link if you're listening.

40:32 You can put the thing you want to search for, and then the groups and the regx, it'll show if it's a match.

40:37 It'll actually highlight and name the different elements and color code the syntax of your regular expression elements into like name sections and all sorts of cool stuff.

40:48 What do you think of that?

40:49 - It's awesome.

40:50 If I'm using, if I'm writing a regular expression that's longer than like three or four characters, then I'm using Regex 101.

40:58 Like this site is so fantastic.

41:00 - It is, I totally agree.

41:01 - It has the references in the bottom right too for like the different, whatever the token is.

41:06 - Yeah, I feel like it says love as well.

41:07 And so it also gives you help.

41:08 If I put it on the D plus, which means find one or more numbers, it'll say exactly what that stuff means and so on.

41:18 You can say D down here and it'll tell you, what is that doing and so on.

41:23 I know it's a quick way. Somewhere there's a search.

41:25 But it was nice that it will actually show you which sections and give you extra information about it and all neat stuff.

41:32 >> Like full descriptions too of what each particular thing is doing is so great.

41:38 There you go. So if you like hover over the backslash and D plus or whatever I got here, it says meta escape matches a digit equivalent to bracket zero to nine.

41:47 Here's a name group.

41:48 Here's just that matches the character and you just as you hover, you don't start the start of the text, right?

41:53 If a caret and as you hover over these things, you get real-time like autocomplete for like a meaning of that section.

42:01 >> And like a full explanation in the top right too, which can be really helpful.

42:05 >> Absolutely, because so often when I look at this kind of stuff, it's right only, like I got it working and I can't decipher it again.

42:13 So you can put it back in here and come to an understanding which is cool.

42:16 All right, one more thing real quick, a new video on my Python short series that I'm doing.

42:21 Do you even need loops in Python?

42:22 People can check that out.

42:24 So it's really about list comprehensions and fun stuff you can do with list comprehensions in Python.

42:28 So I've been having a lot of fun with that.

42:29 And the open verse sounds very interesting for grabbing content to throw in some of those videos as well.

42:34 **BEN HONG:** Absolutely. All right. Well, that brings us to our joke, I do believe.

42:39 Are you all ready for it?

42:41 **JASON LENGSTORF:** I have one. I found a video. Sorry. This got shared in -- speaking of Python loops, I don't know if I'm going to be able to show it. Fingers crossed here.

42:53 This video was shared in a work channel recently. And I'm not going to be able to show it. But is a snake that is moving around a box.

43:05 Oh, here we go.

43:06 Perfect.

43:06 (laughing)

43:07 - Oh, I love it.

43:08 - Speaking of Python loops.

43:10 (laughing)

43:11 So you really don't need these Python loops.

43:13 - Yes, exactly.

43:15 Oh my God.

43:15 It's a Python slithering around a box, which is rotating in a circle.

43:20 Here's a simple loop with Python.

43:21 - And it also, the snake isn't moving anywhere because of the way that it's slithering.

43:25 (laughing)

43:26 So anyway, you really don't need loops.

43:29 I love it, that's awesome.

43:31 Roller out there says, the new Python short channel is great, thanks Michael.

43:34 And Alvaro says, I usually test my regex with sed and grep on the command line.

43:39 This seems easier.

43:39 (laughing)

43:40 Regex, that thing is awesome.

43:42 All right, so I've got a joke that is not my joke, but is from instead Josh Thurston, he sent them in a little while ago.

43:48 So there's kind of three together in sequence.

43:52 So here we go.

43:53 How did the hacker get away from the police?

43:55 He just ran somewhere.

43:57 - Boo.

43:58 >> Oh, that joke makes me want to cry.

44:01 >> Oh my goodness.

44:03 >> Where do you find a hacker?

44:05 IndieCrypt. Oh, they're so bad.

44:08 These are full-on, hold on, I'll add them to the stream as well.

44:11 Those are full-on dad jokes right there.

44:13 >> That's two thumbs down in a good way.

44:16 >> Absolutely.

44:17 Like overflows the bad buffer and becomes good again.

44:20 >> Yeah, wow.

44:22 >> Fantastic. All right.

44:24 Well, speaking of fantastic, great to have you here, Madison.

44:26 >> Thanks so much for having me.

44:27 - Thanks, always.

44:28 - It's good.

44:29 - You're welcome.

44:29 - So, talk to you later.

44:31 - Yeah, thanks everyone.

44:31 - Have a good one.

44:32 - Thanks for listening to Python Bytes.

44:34 Follow the show on Twitter via @PythonBytes.

44:37 That's Python Bytes as in B-Y-T-E-S.

44:40 Get the full show notes over at pythonbytes.fm.

44:43 If you have a news item we should cover, just visit pythonbytes.fm and click submit in the nav bar.

44:48 We're always on the lookout for sharing something cool.

44:50 If you wanna join us for the live recording, just visit the website and click live stream to get notified of when our next episode goes live.

44:58 That's usually happening at noon Pacific on Wednesdays over at YouTube.

45:02 On behalf of myself and Brian Okken, this is Michael Kennedy.

45:05 Thank you for listening and sharing this podcast with your friends and colleagues.

Back to show page