Transcript #268: Wait, you can Google that?
Return to episode page view on github00:00 Hey there, thanks for listening. Before we jump into this episode, I just want to remind you
00:03 that this episode is brought to you by us over at Talk Python Training and Brian through his pytest
00:09 book. So if you want to get hands-on and learn something with Python, be sure to consider our
00:14 courses over at Talk Python Training. Visit them via pythonbytes.fm/courses. And if you're
00:21 looking to do testing and get better with pytest, check out Brian's book at pythonbytes.fm slash
00:27 pytest. Enjoy the episode. Hello and welcome to Python Bytes, where we deliver Python news and
00:32 headlines directly to your earbuds. This is episode 268, recorded January 26th, 2022. I'm
00:39 Michael Kennedy. And I'm Brian Aiken. And I'm Madison Swain-Bowden. Hey, Madison. Great to have you here.
00:45 So fantastic to be here. Yeah, yeah. We talked to you before at PyCascades, where you were on the
00:51 hosting side. That's right. Tables are turned a little bit, yeah. They absolutely have. So
00:57 why don't you tell folks about yourself before we jump into the news? Thanks. Yeah, I am a senior
01:01 data engineer at a company called Automatic. We do WordPress, which is surprisingly, I recently heard
01:10 that it backs 40% of the internet. And so that was really surprising. So much of the world is on
01:16 WordPress. It's unbelievable. I know, I know. Yeah. And I work with the Openverse team there,
01:21 which I'll talk about a little bit later in the show. Yeah. Fantastic. Cool. Yeah. So Brian,
01:26 shall you kick us off on the first thing? Yeah, sure. Something about parentheses. I like Python
01:32 because it generally doesn't have that many parentheses, but you were going to tell us that
01:34 it should have more. Yes. Well, we have them with function calls, right? And tuples. Indeed.
01:40 So actually, because there's function calls and tuples, both use parentheses, there's a confusion
01:45 that happens. And so I just saw this the other day. A pep679 was added, submitted by Pablo Salgado.
01:56 to allow parentheses in the assert statements. So what happens like currently, I don't know if
02:02 there's examples in here, but what happens currently is if you, if you call assert, you're not supposed
02:08 to use parentheses. You actually, you can't right now. You can, but it's wrong. So if you.
02:14 It's one of those princess bride things like that, that doesn't mean what you think it means.
02:18 It doesn't mean what you think it means. So what happens is, is you, you give assert asserts a
02:23 statement within, within Python, you give it a, an expression to evaluate, and you can also
02:31 give it a comment, like a string to add a message if, if, if, if the failure happens. But what happens
02:37 is sometimes people think it's like a function and put those within parentheses and it looks like a
02:42 function call and it looks visually fine. But what happens is, is it doesn't matter what the,
02:49 expression evaluates to, because the, this it's a, it's a two value, tuple. And especially
02:56 if you've got a string in there, the strings, not non-zero. so the tuple evaluates to a true
03:02 value and your assert never fails. and, and the tuple is never none. And so you're good to go.
03:10 Yeah. I feel like we could have some passing tests. Yeah. I feel like this is one of those like
03:14 Python gotchas. Like if you have one and if you assign a variable to one comma,
03:20 then you get a tuple instead of just the one, right? Yes. and particularly with print being
03:26 changed from a statement to a function, I think it like makes a lot of sense for people to assume
03:31 that assert is also a function. and it's kind of an, an odd, odd duckling in the language because
03:38 it is just a keyword. So this PEP is just, to say, let's allow both. Let's, go ahead.
03:43 Because right now there's no real reason to pass in a tuple as a, and as an expression,
03:50 as a full expression, it just doesn't, it's, it's always going to be true. It's a no off.
03:54 So, let's go ahead and add that to the language and allow people to call it as a function if they
03:59 want to. And the AS there's AST around it that, to make it like basically be the same thing.
04:05 I think this is a no brainer. I think we should just get it done as soon as possible.
04:10 Hopefully we can get it into then, you know, 311 or 312 or something like that.
04:14 So I wonder too, if having, it as a function might help with autocomplete and some IDEs.
04:21 Cause I think right now when you do the assert, you don't get that like, suggested arguments
04:27 or suggested parameters that you do with a function. And so it might help there. Yeah.
04:31 Yeah. so if you're trying to put too many things in there, it won't tell you that it's wrong.
04:37 All those things. Yeah. Yeah. Hopefully this will go through. So I hope so as well. So let's talk
04:42 about local ghost. So local ghost is, a blog by, let me get the name right here by Sophie Koonin.
04:51 And she blogged or wrote about everything I Googled in a week as a professional software engineer.
04:59 Oh, cool.
04:59 So I wanted to highlight this because there's a lot of folks out there who listen to the show
05:04 and just are in the industry who feel like they don't, they don't quite add up or they don't belong
05:09 or whatever, because they feel like they get stuck and lost and banging off things. You know? And I
05:14 can tell you, we were just talking about it last time with a joke, right? Brian, like hate programming,
05:18 hate programming, hate programming. It works. I love programming, but the hate part, there's a lot of searching, a lot of Googling and bouncing around from that.
05:25 And so here's just another pro software developer pro in the sense it's her job and she's been doing
05:32 it for a while. And it just talks about like, okay, what did I do? So the, what she searches is slightly
05:37 different than what we would search because she mostly is a front end and node, mostly JavaScript
05:43 type of developer, but it doesn't really matter. You can, you can sort of see there's some basic stuff
05:48 NPM react testing library. And what's nice is she put the little comment behind a lot of these,
05:53 like, why did she search for this? Not just the words like during a react upgrade, looking at
05:57 dependencies to see the latest versions and checking for breaking changes and then react Apollo release
06:03 notes, totally normal. And then undo a rebase. Oops.
06:09 I think we've all been there.
06:10 Yeah, exactly. Or just silence warning, or maybe it's undo commit. No, what did I do? I can't push this.
06:18 Just silence warning. Don't judge me. Okay. So there's a bunch of interesting things and it kind of goes along
06:24 there. So you, you all can look through it. I don't want to go through all the details.
06:28 There's just a lot of stuff. What were you going to point out there, Madison?
06:31 No, it's just a lot of, of fun and interesting searches. And I think like, if we were all to do this
06:37 sort of analysis for ourselves, it would be kind of an interesting retrospective.
06:40 It would be super interesting. Yeah. Like what surprised you most about your search history?
06:44 Let's see. There's a few, I think one on Friday down here at the end of the week. That was pretty,
06:51 yeah, I put my notes. I'll pull it up down here. So one that I thought was interesting was she searched,
06:56 she searched for expecting, expecting a parsed GraphQL document. Perhaps you need to wrap the query in a
07:03 string quote GQL tag. And the content of that's not super interesting, but what that is, is exactly an
07:10 exception message, right? In some sort of code. And for people who don't do this, you should take the
07:17 error messages and put them straight into Google or straight into DuckDuckGo or wherever you put search
07:21 things. And it is so good. With quotes.
07:24 The problems. With, yeah, exactly. And maybe quotes on the really important bits, right? Like I really want to make
07:29 sure it's GraphQL and not some other document or something.
07:31 I would say half the time when I do that, it takes me exactly to the GitHub issue that describes the problem
07:37 that I'm experiencing. It's surprisingly effective, isn't it?
07:41 Absolutely. It's like, why is this work so well? The thing that blew, blew my mind most once is I had a friend,
07:47 this is way back. I mean, we're talking like early 2000s. He was using Outlook. Don't judge him. It was a long
07:53 time ago. And he was using Outlook and it was just stopped working. It gave him some weird error that had
07:57 almost no message, just a number. So I just searched Outlook, that number and boom, here's the exact fix.
08:03 It's just like, are you kidding me?
08:04 Absolutely.
08:05 Yeah, I love it so much.
08:07 A couple others. Semantic HTML contact details. Wanted to check if address tag was relevant here.
08:13 I highlight that because here's somebody who's a professional HTML developer basically doing front end
08:18 stuff. And still they're Googling to see, does this address tag match here? Like, should I use this block,
08:23 this HTML tag in this situation? Right? So it's, even if you work in stuff day to day,
08:29 there's stuff that you just go like, I'm just going to leave that to the search engine and distributed
08:34 cognition and not have to, you know, memorize every detail of what I'm working in.
08:39 And then finally, I just thought this was fun. Editing host file. This was the search, not the action.
08:43 Desperate times. And it didn't even work.
08:45 What was the comment?
08:47 Anyway, I think this is fun. And I thought I'd just share it because I think it's, it's interesting for people to compare notes.
08:55 One of the things I noticed recently was I, I, I don't, I don't remember the exact way you're supposed to get to
09:02 GitHub repos. So I usually just Google GitHub and then my repo name just to get to the repo.
09:09 Exactly that. Yeah.
09:10 Nice.
09:13 Well, and a lot of times I search for like a project and then it brings up like PyPI or some other,
09:19 like the read the docs. I was like, no, I want, I want GitHub. Take me to GitHub.
09:23 Yeah. I'm always like, all right, fine. I'll click the PyPI so I can click on the source code.
09:27 Exactly. Exactly. How many links do I have to go through just to get to the repo?
09:30 Exactly. Yeah.
09:31 I know I'm two clicks away. That's good enough. Let's do this.
09:33 Yeah. I have a couple of thoughts on this.
09:36 Yeah. Tell us.
09:37 First of all, local ghost.dev is an amazing domain name. I absolutely adore that. And the
09:43 second is it's, it's really great seeing articles and posts like this. I see a lot of seniors,
09:50 particularly like senior women and others underrepresented minorities talking about this
09:55 sort of thing. And I think it really helps to dispel the myth that like, you have to be
10:00 an expert who has every command for, you know, every utility memorized in order to be a senior dev.
10:05 Like a lot of us are doing these sorts of Googles, right? We're like looking up the, the function
10:12 signature for something that's like in the standard library, you know, we're all doing this. And so I
10:17 think it's, I think it's really valuable to share something like this, for particularly for people
10:22 who are new. Yeah. Some of the best skill acquisition isn't memorizing things. It's
10:27 remembering that the feature was there. Exactly. Yes. Yes. Right. Exactly. I need to know just enough
10:33 that I can Google it to get, to get to where I want to be. Absolutely. And, Johnny out in the
10:39 audience also thinks it's interesting. Yeah. We, we all think this is great. Fantastic. All right.
10:43 I did give a quick shout out to PyCascades previously, Madison, you want to tell us about
10:47 your first time? Yeah, I wanted to share about it. So PyCascades is coming up in less than two weeks,
10:52 which is really exciting. we have another year of just excellent and diverse talks from
10:57 an array of different subjects and expertise levels. last year we were online and we're going to be
11:03 online, again this year using the same platform that we did last year. And a lot of people really
11:08 enjoyed that platform. So we're excited to use it again. We're hoping to do some watch parties,
11:13 in Seattle, Portland, and Vancouver. but unfortunately, reality, wanted us not
11:20 to do that. So we opted against that. Yeah. But we're, we're so excited to, to be doing this again
11:26 this year. and one of the things that I'm like really excited about is that we have the PSFs,
11:32 diversity, equity, and inclusion working group, doing a meet and greet as sort of our,
11:38 our first event on Saturday. and so they have a form that they are sharing for just trying to
11:46 understand the landscape around diversity in the Python community. and so we have that linked
11:51 in the show notes, if you would like to fill that out. and we are going to have socials on
11:56 Friday and Saturday night. and we had a DJ last year. We're hoping to have a DJ again this year on
12:02 Friday night. and then we'll be doing sprints on Sunday. and tickets are still available.
12:08 we'll be selling them throughout the event too. So, cause it's a virtual event. There's, it's not
12:14 like NFTs. There's no digital scarcity with these. So please feel free to buy a ticket whenever, whenever
12:19 you have a chance and we hope to see you there.
12:22 Yeah. That's a fun commerce. I've enjoyed going to it when it was in person. So it's cool. It's
12:26 still going. I can't wait for it to get back to being actually in person.
12:30 I know. I know. We were, we were hoping, we were hoping to dip our toes into it this year, but
12:34 just wasn't going to happen. And I should also mention too, we're, we're having talks from,
12:39 some well-known folks in the, in the Python community, like Thursday Brom and Jay Miller,
12:44 who I know you had on, talk Python to me recently.
12:47 Yeah. Yeah. Yeah. And we have, some first time speakers as well.
12:51 Like Joseph Riddle and, Isaac Na. So we're, there's a lot of really great talks
12:56 that, that we're looking forward to. Yeah. Super cool. Cool. All right. Brian,
13:01 back to parentheses and stuff. Yeah. Well, maybe not parentheses, but yeah,
13:07 stuff that happens between parentheses. so it is interesting article by Seth Larson that I,
13:13 ran across that's a strict Python function parameters. And I thought strict, what do we mean
13:18 by the strict Python function parameters? and the idea is let's put everything together. So we have,
13:26 we've got keyword only parameters and that's, it's a little small on screen, but, keyword
13:34 only parameters is, is where you, you can put an asterisk in the middle of your key in your parameter
13:40 list. And it says that everything after that has to be a keyword. It can't be, you can't,
13:47 you can't pass that in as positional. And I'm, yeah, I'm not sure exactly how that works really,
13:52 but, it's kind of, it's useful. the, and then you can also put defaults in there,
13:58 of course, for things. And it's just that separating of what, where your keyword positional
14:02 and keyword arguments go. And that's an, it's a cool thing. that's helped, allow people to,
14:08 add parameters before. So this was a nice addition. And then also we've got, those are
14:13 keyword only parameters. We also have positional only. So with the slash, you can say everything
14:20 before the slash is a positional, only you can't, you can't pass it in, as a keyword
14:27 parameter. and it's, it's the, this, the natural progression is, you know, Hey, let's just
14:34 do both of them at the same time. And I didn't actually, for some reason, I didn't realize you
14:38 could do this. and so what the, so then you're going to have your, positional parameters
14:46 first and then a slash and then a star, and then, you'll have, and then all your
14:53 keyword parameters after that, what, what happens then is you're both of them are true. So you have
14:59 to, you have to have the positionals first and then the keywords after. And, and so what,
15:05 what's the benefit? This, this just, it looks like added syntax to confuse people. but there are
15:11 a lot of benefits. One of the benefits is really that your documents and your code and your
15:16 example code, example code and all examples people look, if they look up some other,
15:21 GitHub repo or something using your API, all the examples are going to look kind of the same.
15:26 And this is sort of something we're used to in other languages. It's, I was actually surprised
15:31 in Python that you could rearrange your, your input, arguments, especially the keyword
15:37 ones, you can rearrange them and they work fine, but it's confusing sometimes. And, and I just
15:43 actually think this is kind of a neat idea. I think that especially for API or, you know,
15:49 library API entry points doing something like this might make complete sense. And it's something I'm
15:53 going to look into considering just to make sure, people use a, use something consistently.
15:59 the article also goes through, thing about, empowering library authors to have
16:05 flexibility to change things. And, and it's a good thing to read up on, but I was curious what you
16:11 guys thought about if, if, if I, if I were having had an API or you were looking at API and it had
16:16 this slash star in the middle of everything, what would you think?
16:18 I, I mean, I really liked this concept and I'm, I'm glad that it's a feature of Python because of
16:24 that uniformity that it can create. I've never had an opportunity where I felt like, this was
16:31 something that I really should use, but I think that's a large part because all of the stuff that I
16:35 work on is, usually internal tools. And so, even if it is open source, there's not like a public
16:43 API that I'm building. And so that, right. If you're consuming it versus creating it for others,
16:47 it's very different, right? Exactly. Exactly. Yeah. And so I think it's always a good thing to keep in
16:52 the back pocket when you like have a particular contract that you really want to enforce with how
16:57 functions are used and keywords and whatnot. Yeah. I, I also am glad that it's here. And for the same
17:04 reason as medicine, I don't use it very often because to the extent that I do make open source
17:08 libraries that are pretty basic and, and, and don't have tons of like tutorials or anything about
17:14 them. Maybe I should think more about this, honestly, but I do like the idea that you can say,
17:18 no, this is going to be like this specifically, for certain things and say this stuff you cannot
17:24 use as a keyword argument. You have to just pass positional this stuff. You must, it has to go
17:28 at in this order and so on. Yeah. I like it. I, yeah. One of the things I see is, is,
17:32 is people looking at other examples, and, and, and saying like, so if, if you've got a key,
17:41 if you just have a normal arguments, they can be, you can, you can pass them in as keywords,
17:47 even if most people use positional, and then you can reorder the keywords and put them in a different
17:52 order. And then somebody else might look at your code, copy it, and then take off the keywords.
17:58 And now they're in the wrong order. and, that'll mess things up. this is a Dean,
18:04 added a comment of, so def underscore. Yeah. Star. This is a legit syntax. that's,
18:13 that's funny. I can't even read that out loud. It's so confusing.
18:16 Looks like code golf is what it looks like. Goodness.
18:20 So anyway, I think, I think it's like typing in the sense that, it's, it's a good feature
18:26 that's there and it can be helpful for making things more explicit in Python. But part of the
18:31 power of Python is that it's very versatile and approachable. and so it's, I think it's nice
18:38 too, that it's not like, this is something that you are required to do for every function that you write.
18:43 Yeah. Yeah. I do like the flexibility there. All right. Let me tell you about something that seems
18:50 a little bit contrary to the Python way, but I think people will find useful. So over on pypi.org,
18:57 we have 350,000 plus packages, which is utterly mind blowing. I remember when it was 75,000 and I'm
19:05 like, wow, look how many there are. It's insane. So a lot of the superpowers of Python is you,
19:12 you know, the ability to use these packages and people will say I'm using Python because it's
19:16 really great at working with Excel files. Well, like Python's not actually good at working with
19:20 Excel files, but there are many libraries for Python, which that's true. Right. And so you have this sort
19:25 of spectrum of like, what do people mean when they, they say like Python is great, but I do think these
19:30 packages clearly are super important. So why do I bring this up to start the section off? I want to
19:35 talk about a way to not use PyPI, but still do some cool stuff. There's this thing called
19:40 new rec as in small requests over here. I got a name. Yes. If it pulls up, sure.
19:49 Sure. Shri are Ram. So very cool project here. And the idea is it's request like not a drop in
19:57 replacement for requests, but like requests with limited features. But if you're using a limited
20:01 subset of what requests could do, you could use this library and have zero external dependencies,
20:07 no virtual requirements required, no pip install dash R or friends required and just have like a real
20:14 simple thing and not have to fall back to just URL lib, which is pretty cool. So it does standard stuff.
20:21 I would recommend maybe even from, you know, import new rec as requests and then request.get.
20:29 See what breaks. Yeah.
20:30 Yeah, exactly. I mean, and then see if it works or not. So you, it does have some limitations, quite a few,
20:37 actually, like it doesn't support connection pooling, for example, but if you do request.get,
20:41 neither does that. You have to create a client session and then use the session to do get and so on.
20:45 If you want, you know, connection pooling apparently uses a lot less memory, but the main reason besides just
20:50 convenience of like, I want to give you a Python file you can run or a set of Python files, you can
20:55 run the top level one without any external dependencies. So that's, that's pretty nice.
21:00 The other one is to avoid supply chain attack vulnerabilities, right? We, we've talked before
21:06 about people putting malicious stuff into PyPI. We talked about the guy, a wreck, I believe it was,
21:12 who had like sabotaged his NPM packages and those kinds of things. And you know, the cascading change
21:18 of like the super dependencies in the JavaScript world meant that was really, really bad. Right.
21:22 So here's a way you could put something that does request like things into your code and it doesn't
21:26 have any dependencies. It doesn't have, there's no way someone's going to take over that account and
21:31 put something malicious there, or even maybe worse is like the dependency of the dependency of the
21:36 dependency is where the problem is. Yeah. So yeah, I think this is pretty interesting.
21:40 Yeah. Security is in a lot of people's minds recently with the log4j stuff. And then yeah,
21:47 all of these supply chain attacks that are happening, particularly in the JavaScript space.
21:52 It seems like a lot more happens in that area more so than like Python, but I feel like the packaging
22:00 story is really similar in both. So it's useful to take the lessons learned from the JavaScript ecosystem,
22:06 pull them back into Python. And I think something like this is really valuable,
22:10 particularly, I know some companies have just very difficult bureaucratic processes to like
22:16 get requirements in. And so if you say like, this is just this one file, it has this license,
22:22 we just need this makes it a lot easier.
22:24 We can review the one file that won't auto update.
22:27 Exactly.
22:27 It's going to, yeah. So that's the good news. There's a couple of things worth pointing out
22:32 one over in the PR section is a lot of the stuff inside is not PEP 8 compliant or other stuff.
22:38 So if you drop it into your project, it'll give you a bunch of warnings. So you might want to run
22:42 like black on your on it before you put it in your project. I did a PR that's suggesting that
22:46 that should just be part of it. There's an ongoing conversation about that. Also, it doesn't support
22:50 a couple of the main methods like dot JSON for consuming APIs, and raise for status, which if you
22:58 don't get a successful status, it'll raise an exception. So you don't carry on with bad data.
23:01 So those two are really good. The raise for status is supposed to be put in soon. The JSON one is up
23:08 for debate. With all that said, I have a branch that has all those fixes as PEP 8 compliant.
23:14 f-strings has those two functions that you might use. So you can, people can use that as well.
23:19 If they want.
23:21 Did you put a PR to get those back in?
23:23 Oh yeah. Yeah. That's what I was pointing out before though. I absolutely did. Yeah. They're not,
23:26 I'm debating with the author whether or not he thinks that those are appropriate to add to it.
23:32 Maybe you could rename it medium rec if.
23:35 Medium size rec. So anyway, it's not super important. It's not that big of a deal, but I mean,
23:42 you know, the, the effect of actually adding those, they're not huge amounts of code that you've got to
23:47 add to make this happen. Like the JSON one is literally one line of code. No, you could take it. I mean,
23:54 do you count the function definition of a separate line? It's two if you got to count the def, but it's
23:58 like super, super small. So if people can grab mine and they can add it or they can grab theirs
24:02 and then add it, whatever. So, or that's the good news.
24:05 Fork the project and make Mewtwo rec.
24:08 Right? So much more Mew.
24:10 Yeah, exactly. Now here's the reality of what I found. I have a lot of projects that have
24:16 10, 20 dependencies because there are, you know, tens of thousands of lines of code and they do a lot of
24:21 stuff. Every single one of those where I thought, Oh, this would be kind of fun just to like cut down
24:25 on the dependencies and the dependencies of the dependencies. Cause what I do with requests is
24:29 real simple. Usually call an API, get some JSON, get some values out of it. It'd be nice to do
24:33 something like this. The reality is so many things depend upon requests. Sentry, for example, depends on
24:42 requests. MailChimp API depends on requests and et cetera, et cetera, et cetera. So by the time you get
24:49 a project built up with other stuff, it's already got requests required and installed and so on.
24:54 So it's like, this is for like a smallish app that doesn't have really many other dependencies that I
25:00 think this makes a lot of sense for. Cause if you depend on a lot of things, you're going to end up
25:04 with requests as a dependency real quick. Yeah. That's a really solid point.
25:07 Yeah. Thanks. Lastly, for people out there listening, wouldn't it be fantastic if a request itself
25:13 offered a, an official mini requests and HTTPX offered a single file version and AIO HTTP client
25:21 offered a single file version. Like, yeah, it only has 80% of the functions, but if they don't have,
25:27 if those functions don't have dependencies, maybe just drop those in and offer. I don't know. It would be
25:32 great.
25:32 One of the things that I like about actually alternatives, either, either within a project
25:37 itself as an alternative or these forked projects that have the same API is they might have benefits.
25:43 And so, but you have to, you have to weigh those. So it does encourage actually a nice software design
25:51 of a couple of things. One of them is isolate your dependencies to the fuse, few files as possible.
25:57 So if, if you only have one of your modules accessing requests, then you only have one
26:02 place. You need to change it to this new module import. Yeah, absolutely. The other thing is
26:07 testing, testing your behavior. So instead of implementation, so if you test your behavior
26:13 and you've got it isolated, you can drop in a thing, run your, run your CI, see if it all works,
26:18 throw it to a couple, few beta people and run with it if it works. So yeah, quite cool.
26:24 Now, one thing that could be useful and also potentially extremely dangerous is some like
26:30 Python level capacity for shimming a module. So like in the situation that you describe,
26:38 Michael, where you have a ton of dependencies that all require requests, you could pull in something
26:43 like murec and then just say like, this is a request. Python, I want you to think of this as requests.
26:50 Yeah. But obviously that has, I mean, it's just an idea. It has some pretty bad security implications
26:55 with people being able to usurp that. So yeah, it may cost some unexpected behavior, but yeah,
27:02 it's also could be good. All right. Just put your entire application inside of a patch statement.
27:08 No, just kidding. What I'm hearing is that we need to make our entire application one file
27:13 in every case and that will just solve all of the problems.
27:16 Just one function actually. Just one main.
27:18 It's perfect.
27:20 We don't even need a function in Python, right?
27:22 Yeah. Okay. Yeah. No functions.
27:24 It just runs once, top to bottom. Let's go.
27:28 Now I was streaming of a world where like there's a simple use case that you don't have to have a
27:33 bunch of dependencies and dependencies, but it's probably a little extreme and when you take it
27:38 very far at all. All right, Brian, what you got for the next one here?
27:41 Oh, this is your extra. No, Madison, you're taking us out for a many times.
27:45 Yeah.
27:46 Yeah. Welcome to Openverse. This is not the metaverse, but everything is, you know, I say call the tech
27:54 industry a song because everything's a verse these days. But this is a search engine for openly licensed
28:02 media. This is something that the WordPress community is supporting. And so what I mean by
28:08 openly licensed media is images and audio. That's what we have currently. But we're hoping down the
28:16 line to have things like video, 3D models, text, all assets and media that you can use without having
28:26 to pay for them. And just some licenses require attribution. Others don't. A lot of them are free
28:32 for remix and reuse. And so this used to be called CC search under the Creative Commons sort of purview,
28:40 but they've handed it off to us to help shepherd into the future. And so if you are looking for content
28:47 to use on your blog or your podcast or anything that you're creating, any sort of content that you're creating,
28:54 your conference presentation, your conference presentation, your courses, whatever, there's a lot of a lot of times I'm like,
29:00 I need an image. I need to be able to use it.
29:03 Or a snippet of audio to throw someplace. This is awesome.
29:06 Yeah. So I'll show an example here in the live stream. I'm going to type Jupyter. And I have to spell it right. I typed
29:13 Jupyter last time. And yeah, you just get a bunch of pictures of, you know, Jupyter and then also different sound clips that we have
29:21 mixed in if you want all of the results. You can also filter by just certain media types, like seeing just images or seeing just the audio results.
29:29 And then when you click on an image, you'll see the attribution for that image right there alongside it.
29:34 And so you can just copy that and put it in your website after you link the image.
29:37 And we have over 600 million images in Openverse and more audio and more images and more just media in general to come.
29:45 Fantastic.
29:46 Oh, and if we search, sorry, if we search Jupyter, there's some fun, like, conference-y, you know, screenshots.
29:53 So there's, you know, lots to use here.
29:55 Cool. Alvaro asks, can you search by license type?
29:59 Yeah. So I'm sharing this in the live stream, but on the right, the first filter that we have is by different license types.
30:07 And a lot of these are, I believe they're creative commons license, but not all of them are.
30:12 We have public domain markered licenses as well.
30:15 And then you can search by use too, depending on how you're using that.
30:19 So if you're using it commercially, that's going to have different licenses and implications for you versus modifying and adapting.
30:26 And then we have, I mean, Openverse serves as like an aggregate for different entities that host some of this openly licensed media.
30:36 So things like museums, you know, NASA's photos, that sort of thing.
30:41 And so you can also search by provider too.
30:43 So if you're looking for space photos and you say, I just want NASA's authority on this, then you can sort of filter by that.
30:50 By that aggregate.
30:52 Very cool.
30:52 Yeah.
30:52 Yeah.
30:53 This is a constant challenge and it's great.
30:56 Like it's a challenge for blogs.
30:57 It's a challenge for like all these things.
30:59 Right.
30:59 But it makes perfect sense why WordPress would be interested in this.
31:02 Totally.
31:02 Yeah.
31:03 And we're hoping to have it integrated into WordPress down the line.
31:07 So like if you're working on a WordPress site and you want to add an image, one of the blocks that you can pull up is just a search on Openverse.
31:14 And then you pull it in and it will pull the attribution in with it.
31:17 And you don't have to do a whole lot of extra work.
31:20 So we're hoping that that's going to be coming down the line too.
31:24 And yeah, it's so easy to just like go to Google Images and find an image, but it's harder to find the appropriate attribution for that.
31:32 And particularly you can get into some very interesting legal spaces if you're making money off of that photo too.
31:37 Right.
31:38 I mean, it makes perfect sense if you're like a high school student doing like a research project.
31:42 Who cares?
31:42 Right.
31:43 But it starts to push the limit if you're selling something or you're making a book or whatever.
31:47 Yeah.
31:48 One of the things I think is interesting is that the difference between non-commercial and commercial.
31:54 And we think of it like big companies or blogs or something.
31:59 And it's not that cut and dry because like you start, say you're starting a podcast, you start getting sponsors and you're making like five bucks a week.
32:09 That's commercial.
32:11 But it's not like I can afford a huge license.
32:14 So, yeah.
32:14 Right.
32:15 Exactly.
32:15 And I mean, maybe you started non-commercially and then it became commercial.
32:20 Yeah.
32:20 Right.
32:20 But you had already used it and stuff like that as well.
32:23 Yeah.
32:23 How about a real time feature request?
32:25 Dean Langston asks, I wish it had a, this is a ping with a transparent background.
32:32 I hear it.
32:33 I hear it.
32:33 I use that feature all the time in Google Images.
32:35 Yeah.
32:36 We actually just finished a redesign of the site.
32:39 We launched yesterday.
32:40 For this redesign, which is really exciting.
32:43 But we have, I mean, we have lots of stuff that we want to, we want to start adding to this.
32:49 Turns out that making a search engine is not easy.
32:53 Surprise.
32:55 So there's a lot of work to be done.
32:57 But that's, yeah, that's a great feature request.
32:59 All of this too is a great plug.
33:01 So thank you for that comment.
33:02 All of this is open source.
33:04 And so if you just search Openverse GitHub, like we had mentioned earlier, because if you just search Openverse, you'll actually get the site.
33:11 You can go and make an issue on any one of the number of repos that we have for describing this project.
33:16 And on top of that too, if you know of a content provider, like a museum or whatnot that has an API that could have its images added to Openverse, we're trying to make it really easy to write those.
33:31 We call them provider ingestion scripts.
33:33 So even if you just know of one, you can make an issue for us and we'll write the provider script.
33:37 But we also love, you know, public contributions.
33:40 If you have a source that you want to add and you want to get it into Openverse.
33:44 Oh, yeah, that's great.
33:45 Brian, now are you ready for your extras?
33:47 I am.
33:48 Yeah.
33:48 So we were talking about security and supply chain for packages.
33:53 And so I noticed this actually, gosh, it just came out.
33:58 Like, was it yesterday?
33:59 Yesterday.
34:01 Brett Cannon announced that he's got a, he has a GitHub action that called pip secure install that he published.
34:11 And apparently VS Code or VS Code Python uses it.
34:15 But the thing is, is it just sort of, if you pip install something with a requirements file, it could have who knows what it all is in there and your requirements.
34:25 And then they have dependencies and they have dependencies.
34:28 So this, this secure install is, allows you to do through GitHub actions, use a requirements file, but you have to have, you have to have stuff in it.
34:38 So you have to have, no, it doesn't pick up any dependencies and it requires hashes.
34:44 So you, so you have to have a full requirements file with all of, all of the dependency tree in there with the hashes to eliminate, eliminate these like supply chain problems.
34:57 It doesn't eliminate them, but once you've tested a good package, you can just, you know, put this in there.
35:03 So I just wanted to shout out for, for this project by Brett.
35:06 So that was cool.
35:07 The second thing I wanted to shout out, which I'm like totally excited.
35:11 Basically, this is a shout out to everybody out there listening to this that has supported the Python testing with pytest book.
35:19 I was talking right before we started recording that today is the last day I get to touch it.
35:24 I get to my final edits are going in, but because of all the beta, the beta purchasers it's supported the rewrite and just, just been awesome support.
35:35 And right now it's at number two is the bestseller on pragmatic.
35:38 So that's pretty exciting.
35:39 Congratulations.
35:40 That's awesome.
35:41 That's fantastic.
35:41 Yeah.
35:42 Madison back to you.
35:45 Anything you want to give a quick shout out to?
35:47 Yeah.
35:47 A couple, couple quick things.
35:48 One thing I forgot to mention about Openverse is also written mostly in Python too.
35:53 So if you're familiar with Python, you can, you can help contribute.
35:56 But on top of that.
35:57 No, no, that's, yeah.
35:59 It's kind of interesting because most of WordPress is PHP and JavaScript, but Openverse is a fun little extra, you know, blob on the side that runs in Python.
36:09 So.
36:09 Yeah.
36:09 Beautiful.
36:10 Speaking of small Python web apps and whatnot.
36:13 Some folks in Seattle recently launched a new police accountability and information tool.
36:20 And so this is just a tool.
36:21 It's spd.watch for the URL.
36:23 And it's a tool that just allows you to search for police officers in the Seattle area and get information on them.
36:31 So, you know, if you're interacting with an officer, sort of what their, what their history is, how long they've been with the force, that sort of thing.
36:39 And it can be really useful for community safety.
36:41 And also just accountability.
36:43 And you all had mentioned Just in episode 242.
36:48 I just wanted to give, I just wanted to give a shout out to it.
36:51 I have been using this for every single project that I have touched.
36:54 When I go to a project that doesn't have Just, I get very angry.
36:59 It's so fantastic.
37:01 I mean, the fact that you can add comments for different recipes, your recipes can build on other recipes.
37:08 There's a lot of complexity that you can have in the Just file, which makes it easy for new people to come on and start contributing.
37:16 And so if you have, like, lots of Docker containers that require, you know, certain specialization in some sense, you don't have to write this big, long read me that describes all the steps.
37:25 You say, download Just, and then Just run.
37:28 And that's it.
37:29 It's so nice.
37:29 I totally forgot about Just.
37:31 So I'm glad you brought it up again.
37:33 It's so, I just, I can't sing its praises enough, honestly.
37:36 Although I do have to say, its name does make it very difficult to do Google searches for.
37:41 And then lastly, I just want to give a shout out to the GitHub Package Registry.
37:47 That's ghcr.io for githubcontainerregistry.io.
37:53 They do free Docker image hosting for open source projects.
37:58 And I'm not sure what the pricing is for it.
38:00 There's, or we could see the pricing.
38:01 But, yeah, they do.
38:04 They do free for open source projects, which Openverse is taking advantage of.
38:08 And I've used on a number of personal projects.
38:10 And it's been incredibly helpful to just be able to build and push an image for free with GitHub Actions and then have that hosted for free on GitHub Container Registry.
38:19 Oh, that's cool.
38:20 Yeah, it looks handy.
38:21 Cool.
38:21 Nice.
38:22 How about you, Michael?
38:23 I got a couple as well.
38:24 Yeah, I got a couple.
38:25 Let me go back here.
38:27 So very kind message came out on Twitter saying, here's a really cool way you can go to the transcripts for the podcast, which is on GitHub.
38:35 And then you can do like a search across them using some nice GitHub search features.
38:39 Absolutely true.
38:40 Very nice.
38:41 I also wanted to point out a couple of things that we actually have some neat features that people can play with.
38:46 First of all, we have a search engine.
38:48 You can click on the upper right.
38:49 This is, look, we're live streaming.
38:51 So the thing you can search for, so I could search for like pytest and it would come up with the episodes and whatnot.
38:56 I could search for Hawaii.
38:57 Like every single episode.
38:58 Yeah, exactly.
38:59 So we get like our Python on the beach that we did recently and whatnot.
39:02 My search for just was very difficult, but through no fault of your own.
39:06 If you search for just, we get a whole bunch of stuff back.
39:08 Yeah, yeah.
39:09 But it's pretty neat.
39:11 It also has a JSON API.
39:13 If people want to consume that, they can go and search for stuff and then it'll come up with, you know, a JSON variant of results and whatnot.
39:20 Yeah.
39:21 So that has been there for a while.
39:23 So people can check that out and that's cool.
39:24 But I also wanted to point out something brand new, Brian.
39:27 I don't know if you even got a chance to play with this because I just did this.
39:29 I did.
39:30 It's so cool.
39:31 It's so good.
39:32 So if you go to a trans or the transcript, so if you're on any episode, usually on the right, it'll say, unless the screen is really small, then it might be the bottom.
39:41 It'll say full transcript.
39:42 And then you can go in here and there's transcripts, which are searchable and there's a play thing.
39:46 But there's also now a ability to click on any paragraph or sentence, the little play button next to it.
39:52 That's awesome.
39:52 And it'll just start playing the episode at that time.
39:55 So if people want to go back and use what we've been doing for four or five years, whatever it's been,
40:01 as resources, yeah, that should make it a little bit easier.
40:04 Did you back part this to like old episodes also?
40:07 Yeah, because this is so let me tell you how I did it.
40:10 Because the transcripts, if you look at them, they just have a number.
40:13 They just have like a timestamp there.
40:14 Yeah.
40:15 So I use this really cool regular expressions 101 or regex101.com tool website to build up the regex using named groups.
40:27 And let me just check this out, which is on the screen.
40:29 You guys, you'll check out the link.
40:31 If you're listening, you can put the thing you want to search for.
40:33 And then the groups and the regex, it'll show if it's a match.
40:37 It'll actually highlight and name the different elements and color code the syntax of your regular expression elements into like name sections and all sorts of cool stuff.
40:48 What do you think of that?
40:49 It's awesome.
40:50 If I'm writing a regular expression that's longer than like three or four characters, then I'm using regex101.
40:57 Like this site is so fantastic.
40:59 It is.
41:00 I totally agree.
41:01 It has the references in the bottom right too for the different whatever the tokens.
41:06 Felix has loved it as well.
41:07 And so it also gives you hope.
41:08 So if I put it like on the D+, which means find one or more numbers, it'll say exactly what that kind of stuff means and so on.
41:18 So you can say like B down here and it'll tell you, you know, what is that doing?
41:23 And so on.
41:23 And that's a quick one.
41:24 Somewhere there's a search.
41:25 But it was nice that it will actually show you which sections and give you extra information about it and all kinds of neat stuff.
41:32 And like full descriptions too of like what each particular thing is doing.
41:37 It's so great.
41:37 There you go.
41:38 So if you like hover over the backslash D+, or whatever I got here, it says Meta Escape matches a digit equivalent to bracket zero to nine.
41:46 Here's a name group.
41:48 Here's just that matches the character.
41:49 And you just as you hover, you know, starts the start of the text, right?
41:53 For a carrot.
41:54 And as you hover over these things, you get real time like autocomplete for like the meaning of that section.
42:01 And like a full explanation in the top right too, which can be really helpful.
42:04 Absolutely.
42:05 Because so often when I look at this kind of stuff, it's right only, you know, like I got it working and I can't decipher it again.
42:12 So you can put it back in here and come to an understanding, which is cool.
42:15 All right.
42:16 One more thing real quick.
42:18 A new video on my Python short series that I'm doing.
42:20 Do you even need loops in Python?
42:22 People can check that out.
42:24 So it's really about list comprehensions and fun stuff you can do with list comprehensions in Python.
42:27 So I've been having a lot of fun with that.
42:29 And the open verse sounds very interesting for grabbing content to throw in some of those videos as well.
42:34 Oops.
42:34 Yeah.
42:36 Absolutely.
42:36 All right.
42:37 Well, that brings us to our joke, I do believe.
42:39 All right.
42:40 You all ready for it?
42:40 I have one.
42:41 There's a...
42:43 Oh, yeah.
42:43 I found a video.
42:44 Sorry.
42:44 This got shared in...
42:47 Speaking of Python loops, I don't know that I'm going to be able to show it, but well, fingers crossed here.
42:51 I...
42:53 This video was shared in a work channel recently, and I'm not going to be able to show it.
43:00 But it's a snake that is moving around a box.
43:04 Oh, here we go.
43:06 Perfect.
43:06 Oh, I love it.
43:08 Speaking of Python loops...
43:11 So you really don't need these Python loops.
43:13 Yes, exactly.
43:14 Oh, my God.
43:15 It's a Python slithering around a box, which is rotating it in a circle.
43:19 Here's a simple loop with Python.
43:21 And it also...
43:22 The snake isn't moving anywhere because of the way that it's slithering.
43:25 So anyway, you really don't need loops.
43:28 I love it.
43:30 That's awesome.
43:30 Roller out there says, the new Python short channel is great.
43:33 Thanks, Michael.
43:34 And Alvaro says, I usually test my regex with set and grep on the command line.
43:38 This seems easier.
43:39 That thing is awesome.
43:41 All right.
43:42 So I've got a joke that is not my joke, but is from instead Josh Thurston.
43:47 He sent them in a little while ago.
43:48 So there's kind of three together in sequence.
43:51 So here we go.
43:52 How did the hacker get away from the police?
43:54 He just ran somewhere.
43:57 Boo.
43:57 Oh, that joke makes me want to cry.
44:01 Oh, my goodness.
44:01 Where do you find a hacker?
44:05 Indie Crypt.
44:06 Oh, my goodness.
44:07 Oh, they're so bad.
44:08 These are full...
44:09 Hold on.
44:10 I'll add them to the stream as well.
44:11 Those are full-on dad jokes right there.
44:13 That's two thumbs down in a good way.
44:15 Absolutely.
44:17 Like overflows the bad buffer and becomes good again.
44:20 Yeah.
44:21 Wow.
44:21 Fantastic.
44:23 All right.
44:24 Well, speaking of fantastic, great to have you here, Madison.
44:26 Thanks so much for having me.
44:27 As always.
44:27 It's good.
44:28 You're welcome.
44:28 Yep.
44:29 Talk to everybody later.
44:30 Yeah.
44:31 Thanks, everyone.
44:31 Have a good one.
44:31 Thanks for listening to Python Bytes.
44:33 Follow the show on Twitter via at Python Bytes.
44:36 That's Python Bytes as in B-Y-T-E-S.
44:39 Get the full show notes over at pythonbytes.fm.
44:42 If you have a news item we should cover, just visit pythonbytes.fm and click submit in the
44:47 nav bar.
44:48 We're always on the lookout for sharing something cool.
44:50 If you want to join us for the live recording, just visit the website and click live stream to
44:54 get notified of when our next episode goes live.
44:57 That's usually happening at noon Pacific on Wednesdays over at YouTube.
45:02 On behalf of myself and Brian Okken, this is Michael Kennedy.
45:05 Thank you for listening and sharing this podcast with your friends and colleagues.