Transcript #341: Shhh - For Secrets and Shells
Return to episode page view on github00:00 Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to your earbuds.
00:04 This is episode 341, recorded June 20th, 2023, and I am Brian Okken.
00:11 And I'm Michael Kennedy.
00:12 This episode is sponsored by us.
00:14 If you want to support us, you can take one of the courses at Talk Python Training.
00:18 There's an excellent pytest course there.
00:20 And please check out Test and Code podcast and a book about pytest if you're curious.
00:26 We also have Patreon supporters, so thank you, Patreon supporters.
00:29 If you'd like to talk to us or suggest something, we've got a contact form at pythonbytes.fm.
00:37 But you can also send us something on Mastodon.
00:41 We're all at fosstodon.org, at mkennedy, at Brian Okken, and at Python Bytes.
00:49 And we check those regularly.
00:50 Let's hit it off.
00:52 Michael, what do you got for us for the first topic?
00:54 I'm going to back up what you just said, Brian.
00:57 Okay.
00:57 The very first item comes to us from Mario Munoz.
01:00 Thank you, Mario.
01:01 Right on Mastodon.
01:02 Awesome.
01:03 Mario says, the Pydantic roadmap looks interesting.
01:06 I especially like the combination of analytics and observability.
01:09 Looking forward to what the team ends up building.
01:12 So the first thing I want to talk about is this thing that Mario referenced pointed us at.
01:16 The Pydantic 2.0 roadmap, or more specifically, Pydantic Incorporated.
01:22 So recall Samuel Colvin, excellent guy.
01:24 Got to hang out.
01:25 We both got to hang out both with Mario and Samuel at PyCon this year, which was fun.
01:29 And he announced Pydantic Incorporated, which is a company around building data tools, somewhat
01:38 around Pydantic and Rust and those kinds of things for the Python and larger space, the larger
01:44 developer space.
01:44 But it didn't have a ton of details of exactly where they were going.
01:49 So this roadmap is two things.
01:51 It is a hint on what Pydantic Inc. is going to be about, what kind of tools Samuel and
01:57 team are going to offer.
01:57 There's also a call to action to help them choose the right direction so that when they
02:03 go off building things, they might build something that you actually would want to use.
02:06 Oh, cool.
02:07 Yeah.
02:07 Right.
02:08 And so it says, look, in return for giving us honest feedback, you have the option to get
02:14 early access, get inside the closed beta, all those things for the platform.
02:18 And if you're familiar with Pydantic, you know, it's all about data exchange, data validation,
02:23 strong schemas where there are none and those kinds of things, right?
02:27 Bringing sanity to your data, as they say.
02:29 So there's two tacks here.
02:31 Samuel says, well, first, before going into what we might build, I want to tell you what
02:35 we're not building.
02:35 We're not building a new database or query engine.
02:38 They're not going to be building or pretending that non-developers or AI can do the job of a
02:43 developer, right?
02:44 They want to accelerate developers' workflows.
02:47 So for example, they're going to have CLIs before they have GUIs.
02:49 And they're not doing 314 integrations into every conceivable technology, right?
02:55 Think Zapier or something like that.
02:57 If this, then that.
02:58 And finally, they're not going to have an SDK for every language.
03:02 They're just focusing on a few languages with Python right up front, I'm sure.
03:05 So it says, how can you help?
03:07 Well, give us feedback on the five different things that they're considering.
03:11 Okay.
03:11 Okay.
03:13 Number one, this is the one that Mario liked.
03:16 Python analytics and observability.
03:19 A logging and metrics platform with tight integration with Python and Pydantic designed
03:25 to make the data flowing through your application more readily usable for both engineering and
03:30 business analytics.
03:31 Right?
03:31 So if you're doing, say, FastAPI, exchanging data, right?
03:35 Over at Python bytes, like all the stuff coming to you has come through Pydantic classes because
03:41 we're using Bini as the database access layer, which is based on Pydantic, if you don't know.
03:45 Okay.
03:46 So that's the analytics and observability.
03:48 Another one is a couple angles here around data gateways for object stores.
03:53 So think S3, something, you know, Azure blob storage, those kinds of things, visualization spaces.
04:00 So a gateway for your object store.
04:02 So add validation, transformation, and cataloging in front of things like S3 with schemas defined
04:08 and Pydantic models and then validated by their Rust service.
04:11 Or same idea, but integrated into your existing data warehouse.
04:15 Number four is a schema catalog.
04:17 For many, Pydantic already holds the highest fidelity representation of data schemas.
04:22 So if you had a schema catalog, it could take that to the next level, serving as an organization
04:27 wide single source of truth for those schemas.
04:30 So if you've got a bunch of different, different apps or whatever, especially across language,
04:35 maybe that languages that's that talk to certain data stores, certain APIs, like might be some
04:41 kind of central store that says, this is what it looks like.
04:44 And here's how you maybe generate classes to talk to it.
04:46 Finally, dashboards and UIs powered by Pydantic models, a managed platform to deploy and control
04:52 dashboards, auxiliary apps, and internal tools where everything from UI components like forms
04:57 and tables to database schema would be defined in Python using Pydantic models.
05:01 So they go into a bunch of details with code samples of what they actually might look like
05:06 if you were to go down one of these paths.
05:08 But I'm just going to leave it here and say, encourage everyone who cares about this to go
05:12 participate in Samuel's survey so that they get the right feedback that they need.
05:17 Is all of the above an option?
05:19 Because that all sounds great.
05:20 Yeah, that sounds pretty good, doesn't it?
05:21 Yeah.
05:22 And some of these don't really apply to me, like a schema catalog for the whole company, right?
05:27 Like it's me, sometimes me and another developer.
05:30 So it's, you know, but if you were in a large organization, even a handful of people or a couple
05:35 of software teams, it's just to get real valuable.
05:38 I think they all look great, but the data gateway for data warehouses and for object stores,
05:43 it sounds really cool because, I mean, that's a sort of, actually, the, yeah, they all look
05:51 pretty good.
05:51 I was curious.
05:52 So you use Pydantic now, right?
05:54 So what happened?
05:56 So I know one of the things it does is it filters out like stuff that, or it sends a,
06:01 like an error code or something.
06:03 If you try to send data and it's not the right type or the right kind of data, is that reported
06:09 somewhere?
06:10 Or is that part of the analytics and observability thing?
06:12 Because...
06:13 I think that would be analytics and observability because right now it just appears as an exception.
06:17 And if you have integration with something like Sentry or one of them other things, then
06:21 it would, you know, report it as an exception with some details.
06:24 But that's, I don't think that's what they're thinking.
06:26 I think they're thinking much more, you know, even possibly like success data going through.
06:31 Oh, yeah.
06:32 Yeah.
06:32 Like really see how people are using an API.
06:35 So, or using an entry point.
06:38 I think that's, that looks pretty cool.
06:40 Yeah.
06:40 It does look pretty cool.
06:41 Nice.
06:43 Well, over to you.
06:44 I'd like to talk about shells.
06:47 So out of the web and into talking with, talking with your operating system, kind of.
06:52 So I want to highlight an article called the right way to run shell commands from Python.
06:59 So it's not, I guess it's not really necessarily shell commands, but kind of.
07:03 So when you're, when you're writing some Python programs have to interact with the operating system
07:09 for things like file system things or starting other applications.
07:13 And there's various ways to do that.
07:16 But one of the, I guess, I guess that's kind of part of this article is talking about some
07:21 of these tools.
07:22 So there's a, it starts off with talking about natively into Python.
07:27 So some things that you might not, when you start having to think I have to interact with the,
07:32 with the shell, you might not have to actually, like there's path lib that can, can do quite
07:38 a bit for you and you can create temp files and stuff like that with a temp file package.
07:43 And there's a shutil, which is, I guess, pretty good.
07:48 And, and I've never used syslog or, or signal, but those things are around.
07:53 Okay.
07:54 So those are, those are things built into Python.
07:56 So make sure that you check out the things built into Python already.
07:59 But then there's, there's a couple other different modules that might help the OS module.
08:06 He's kind of using, going this backwards is, is probably don't directly reach for the OS module,
08:12 but there's a few things in the OS module that are really great.
08:16 Like to get your, get, get environmental variables, like get the path variable or something.
08:21 You can use OS get, get env.
08:23 And there's a few other things like getting username and stuff.
08:27 But the, I guess, get you name.
08:31 I don't know what that is.
08:32 Is that username?
08:32 I don't know.
08:33 But anyway, the, so there's a few, a few things in the OS module that are interesting that you're
08:40 probably not looking there.
08:42 I often have, have used sub process and this is, I guess, a reminder that with modern Python
08:49 development, you, if you're using sub process, you probably want sub process run, even though
08:54 there's a lot of other legacy stuff in the sub project, sub process.
09:00 Yeah.
09:00 Open and P open.
09:02 Yeah.
09:02 P open, for example.
09:03 Yeah.
09:04 Yeah.
09:04 And call.
09:05 You probably don't want those.
09:07 What you probably want is run.
09:08 Run is kind of a catch all that works for most things now.
09:13 Because I, I really like, doesn't show it in the example, but there's, there's options in run to just turn on like in encoding.
09:24 Here's the encoding bit that says, you know, turn it, turn it on.
09:27 And there's the standard end.
09:28 Oh yeah.
09:28 There it is.
09:29 Capture standard capture output equals true.
09:32 So that's the, is, is so that you can capture the output.
09:34 That's often what I want to do if I'm running a program is find out what its output is.
09:39 So this is handy.
09:41 the, however, one of the things that I haven't used, this, this article, Martin Hines, mentions, there's one right
09:50 way and in his, for his opinion, the right way is use the, third party package.
09:55 which is that, which is a very unsearchable package name called the essay.
10:01 You don't even want to talk about it.
10:05 So I have no idea if anybody's written about this because it's really hard to Google SH because
10:10 it's everywhere.
10:11 but it's kind of a neat package.
10:14 so I, I looked it up of course, and it's, tested on all sorts of versions
10:21 and downloaded a ton.
10:23 So 3.9 million a month, look at the stars, 6.6 thousand stars.
10:29 So, fairly popular package.
10:31 So most of you probably already know about it.
10:33 but the.
10:34 It's just us, Brian.
10:35 We didn't know, but there's, it's kind of neat.
10:38 There's what it is, is you've got commands that are, that are just kind of look like
10:43 they did before.
10:44 Like LS is sh.ls.
10:47 That's kind of neat.
10:48 And you can pass in arguments.
10:50 what's, some of the others.
10:52 Like, I'm going to go over to the documentation.
10:55 You've got LS.
10:56 You've got like, what else?
10:58 Oh, I guess it just has LX examples.
11:02 Get.
11:03 Yeah, get that.
11:04 That's cool.
11:05 Anyway.
11:06 find.
11:07 There's a few others.
11:08 There's a, there's a bunch of others.
11:09 Actually, it's a pretty big package and it isn't, it isn't a rewriting of all of these
11:14 things.
11:15 It's actually talking to your operating system.
11:17 So that's the catch.
11:18 It's talking to a, a, a Unix like operating system.
11:22 So it works on Linux.
11:23 It works on Mac.
11:24 It will not work on Windows apparently.
11:26 So.
11:27 Unless you're using Windows, Linux subsystem for a window.
11:30 Wait.
11:30 Yeah.
11:31 Linux subsystem for Windows.
11:33 Maybe.
11:34 yeah.
11:35 Or Linux, I guess it is.
11:36 Yeah.
11:36 Anyway, the, the embedded Linux, you can run on Windows if you want.
11:39 Okay.
11:39 Cause that's just Ubuntu.
11:40 So it should work.
11:41 Perfect.
11:41 One thing I like, if you scroll up just a little bit here so I can point at you on it.
11:44 So it says, actually it's down on one page.
11:46 It says, what you can do is you can say sh dot ls or you can create a command like any,
11:53 any executable you want.
11:55 You can just say sh dot command and you give it the path to the executable.
11:59 Oh, right.
12:00 And then the arguments can be passed as if they were a function call on that resulting thing.
12:05 So instead of like chaining it all together, you could say like create the git command and
12:09 then you could do a, a git parenthesis, you know, check out comma main or prod or whatever.
12:15 Right.
12:16 That's a pretty cool way to integrate with the command line there.
12:19 Yeah.
12:19 That is pretty neat.
12:20 So, and that, that'll work with even your, like, like you said.
12:23 So if you look at the next example down right below the ls underscore command.
12:27 Yeah.
12:28 Yeah.
12:28 Custom CMD is what it says.
12:30 Yeah.
12:30 So your own command, you can, you can have it run something and have the arguments listed.
12:35 It's pretty neat.
12:36 It'd even be another Python command.
12:38 You might think, why would I ever do that in Python?
12:41 But, you know, maybe that's coming out of a different virtual environment with like some
12:44 setup that's got a bunch of things that you're not integrating into your system.
12:48 I don't know.
12:49 There might be reasons.
12:49 Or you're using, so, like if you're using, what click or was the typer, they
12:59 have built in test frameworks, but if you have another, a different, command line interface
13:03 that you're testing against, it might not have a way to run the commands directly.
13:07 So you could use this to run a Python command for testing.
13:10 Yeah.
13:10 So neat.
13:11 A couple of, live stream comments, Brian.
13:15 Michael says, the Michael, Michael W.
13:17 Every time I fall back to OS dot system out of habit, I feel like the old guy measuring
13:21 his gas mileage and rods for hedgehog's head.
13:25 I love it.
13:26 And then Henry Schreiner out there says there's also a plumbum of which he's been a maintainer
13:32 since 2000.
13:33 Similar to SH, but he's not, well, not really up on them both well enough to like give a comparison.
13:40 He doesn't know SH that well.
13:41 I will check out plumbum.
13:43 Nice.
13:43 Cool.
13:44 Thanks guys.
13:45 Well, what you got for us?
13:46 I think.
13:47 Oh yeah.
13:47 No, we got one more.
13:48 Don't we got another one.
13:50 So over here I've got, or do we want to do an end?
13:53 Well, encourage people to check out the courses over talk about on training.
13:57 Always supports us that way, including the pie test course.
14:00 Check out the new mobile app that we built and check out the pie test book.
14:03 That's really supporting our work.
14:05 that way is really the best way to support the podcast and visit and visiting the sponsors
14:09 when we have other sponsors.
14:11 But I want to talk about buying and selling your data.
14:14 So there's an article on PCMag of all places that I got this, that talks about a report released
14:21 by the Office of the Director of National Intelligence, ODNI, which pretty much I'm going to refer to
14:29 them from here on out.
14:30 ODNI released this, or declassified this report from January, 2022.
14:37 And the headline is the U.S. says, United States says, yep, we're buying your data, including
14:42 your embarrassing secrets.
14:43 Digital information can be purchased from commercial data brokers and de-anonymized to ID the person
14:49 it is tied to, including U.S. citizens, says the ODNI.
14:52 That's a little disturbing.
14:53 So when you, you know, when you go to, you know, that ad-ridden website that has 29 trackers
15:00 and 42 ad networks on it, right?
15:04 They're collecting a bunch of data, but that same network is on a bunch of other sites
15:08 and they're pulling all those things together.
15:09 We have these data brokers who gather all that information, but also really, really frustrating
15:14 things where they buy and sell your credit card data and you don't get to say whether or
15:20 not you want your credit card data for sale.
15:22 I'm pretty sure it was T-Mobile.
15:24 There's one of the mobile carriers who was selling your location data and you didn't get to opt
15:29 out of it.
15:30 Just like, well, you're using your phone, right?
15:32 Just so why isn't that for sale?
15:33 And all of that stuff gets combined into like a profile on you, right?
15:37 A shadow profile.
15:38 And so the news is that the declassified report here talks about how the U.S. has been buying
15:46 large amounts of this type of commercial information for purposes of spying and other intelligence
15:53 related things.
15:54 Right.
15:54 And to some degree, I support what the U.S. does with national intelligence.
15:59 You want them to keep us safe and things like that.
16:02 On the other hand, this seems really out of bounds, right?
16:05 Like I think the report itself even said the declassification report prompted Senator Wyden
16:12 to call on the U.S. government to rein in unchecked surveillance.
16:15 And according to the report, ODNI does not even know which agents are doing this and said
16:22 if the government can buy its way around the Fourth Amendment, the required must have a reason
16:28 to search people and their properties due process.
16:31 Then, you know, what's the point of it, right?
16:33 So that's basically what this report goes through and talks about.
16:37 And yeah, it's not terribly scary, but it's just another reminder that you should be, when
16:44 you go to a website, like if you go to say CNN.com or somewhere else and you get a big pop-up,
16:51 don't you want to support us?
16:52 Unblock your ad blocker, right?
16:54 It's not just about selling the ads, right?
16:57 It's about, you know, willingly feeding yourself into surveillance pipelines, into retargeting
17:05 pipelines that might change the price you pay for insurance or determine whether or not
17:10 you're eligible for a mortgage, not because of what you present, but because of, you know,
17:15 some back-channel thing that has been discovered about you in some way that you didn't intend
17:19 to or probably, you know, maybe doesn't even make sense, right?
17:22 Yeah.
17:22 Accidentally clicked a link and now you're marked as something that you didn't necessarily
17:26 mean to be, right?
17:27 So anyway, you can, people can look through this.
17:30 I just want to encourage, encourage folks to like, as they think about working with ad
17:35 companies, they think about creating these products, just, you know, probably less ads,
17:38 right?
17:38 Over at Python Bytes, go to one of these.
17:41 We have our ads right here.
17:42 I have like the most intense ad blocking you can get pretty much.
17:45 And what do we see right there?
17:46 An ad from Influx Data because we're not retracking you.
17:49 We're not targeting you.
17:50 You don't see a cookie banner because there's no cookies.
17:52 Right.
17:52 There's no third-party cookies.
17:54 And this, this is certainly possible.
17:57 So I encourage people to use browsers such as Vivaldi or Brave, not Chrome, that do not
18:02 track you as well as NextDNS.io.
18:05 I put a link to that in the show notes.
18:07 So NextDNS, got to spell that right.
18:10 Which is, this is awesome.
18:12 I talked about it before, but like on your mobile phone app.
18:14 So for example, Flipboard is a thing you flip through when you're magazine ads or Apple
18:19 News, when you open it up.
18:20 Those are still full of ads, even if you've got an ad blocker installed on your browser.
18:24 Right.
18:24 But once you put this on your local network, then everything has ad blocking built in, even
18:29 your mobile apps, which is pretty excellent.
18:31 That's pretty cool.
18:32 Yeah.
18:33 And I highly encourage people with like lots of non-tech savvy people in your household
18:39 to turn this on so that people that can be protected.
18:42 Anyway.
18:43 The only trick is it's a little bit challenging to turn it off because it's like a router setting
18:49 for the whole system.
18:50 Okay.
18:50 And so what you can do is you can set up DNS over HTTP on your browsers, right?
18:55 So that way, even if you're not at home, it still works.
18:58 But also I have a second browser, a second browser that if I have to turn off that, I
19:03 set its HTTPS or DNS over HTTPS to a non-blocking one.
19:08 So I can turn on the ads with that browser explicitly, like to get around this so I don't have to configure
19:13 things.
19:14 But it's a tiny bit of a hassle, but it's super worth it.
19:17 Another thing, you talked about ads, but there's also tracking analytics.
19:23 So a lot of people are not doing any ads, but they're just curious about how good their site
19:30 is working and stuff.
19:31 So they turn on Google Analytics or some other analytics.
19:34 And a lot of analytics are kind of awful about collecting and selling data.
19:41 You might get a little bit of value.
19:43 Google gets a lot of value from seeing everybody that goes to your website.
19:46 So I do like a lot of people switching to other types of analytics, collecting download
19:53 counts.
19:53 A lot of times you're just your host can do that.
19:56 You don't need to put that in cookies or anything like that.
19:59 Exactly.
19:59 Exactly.
20:00 That's what we did as well.
20:01 I do want to point out one final thing.
20:03 I do find it kind of ironic.
20:05 I don't know really what you do about this in life.
20:07 So this article is on PCMag, which is a nice, well-written article by Michael Pan.
20:12 If I go to search that in Haggy and I pull it up, Haggy has like a privacy report on the
20:18 right-hand side of all these things.
20:19 19 trackers and blockers, including advertising, Google email aggressive, fingerprinting, email
20:25 invasive, fingerprinting, on and on and on.
20:28 It's like, well, okay.
20:29 Wow.
20:29 As you go to learn about how this is not ideal, you only get 19 trackers put on you.
20:36 Yeah.
20:37 Yeah.
20:37 Okay.
20:39 Maybe one final thing here is Daniel points out, PyHole DNS ad blocker has a feature that
20:45 lets you disable ad blocking for a period of time.
20:47 Interesting.
20:48 And so the next DNS thing is like PyHole as a service, basically.
20:52 So there's some more.
20:53 Interesting.
20:54 Okay.
20:54 All right.
20:55 Well, on a slightly brighter note, maybe, let's talk about pytest.
21:01 Yes.
21:02 So Frank Wiles wrote an article for Rebsys titled Pro Tip, pytest fixtures are magic.
21:09 They're not really magic, but they kind of look like magic.
21:13 They seem like magic.
21:13 So I just wanted to highlight this because it was a pretty, fixtures are the part of pytest
21:22 that is the brain shift.
21:23 So when you get into pytest, understanding fixtures is the big thing that is difficult
21:31 to get your head around.
21:32 So that's why I really appreciate the article kind of talking through that.
21:37 And fixtures, if anybody is unfamiliar, you can kind of think of them like setup and teardown.
21:43 They run before and after your test.
21:46 And well, parts of it run after if you set it up, if you need to.
21:50 Now, Rebsys does a lot of work with Django.
21:54 So this is articles talking about the idea of like you to test your like, let's say you have a,
22:02 it has a like, it's the hypothetical scenario that you've got a feature where like you're testing a workflow where you have,
22:10 you want your, you need to, you got to have different users.
22:14 You need to create an owner because you want to see if you can filter swear words out of comments.
22:20 So in like something in, and so in like in GitHub or something, you'd have to create an organization and then create a user and then have a public repo and a private repo to be able to test your functionality.
22:31 And there's a lot of setup.
22:32 And there's often a lot of setup needed for a lot of, a lot of software projects.
22:37 So fixtures are helpful.
22:38 So that's the setup he gets through, goes through just talking basically about how to use them.
22:44 Fixtures are just a function that's decorated with pytest.fixture.
22:49 And you use it by, in the test, you just call the, you put the function name, the name of the fixture in the parameter list.
22:56 And it magically just happens for you.
22:58 And that's the magic part.
23:00 The, one of the things I really like is it goes, kind of goes into depth of even more than that.
23:05 They're kind of cool.
23:06 You can compose them.
23:07 Fixtures can use other fixtures and you can use more than one.
23:11 It's kind of neat.
23:11 It goes through talking about also that they can return things.
23:18 So they can return either just simple data like strings or numbers, but they can also return dictionaries and objects and instantiated things.
23:28 And they can even return a function that can create things for you.
23:32 So, so there was kind of a, a neat example.
23:36 He, he returns, he has a fixture called make user that returns, that returns a new user created.
23:45 It's a, it returns a function that you can call to create a user with parameters and stuff.
23:50 So that's kind of a neat example.
23:51 It's like a fixture factory.
23:53 Yeah.
23:53 Like, yeah.
23:55 Oh yeah.
23:55 Like an object factory returned as a fixture thing.
23:58 So yeah.
23:59 Yeah.
24:00 And another example with like a, a make, a make admin fixture that call, that returns a function that can create an admin user.
24:07 So that's kind of neat.
24:09 One of the things that was new that I hadn't seen, which is kind of a cool idea is how to organize your fixtures.
24:16 So he talks about putting, he's got like, let's say a big Django project and each of the, each of the different Django applications within the project have, have their own tests.
24:30 And within those, there's a fixtures file.
24:32 You know, you can't use that directly there.
24:35 There, this is a trick that they're doing is sticking the fixtures in a, in a file called fixtures.
24:40 And then at the top level, having a conf test file that imports those just imports everything out of it.
24:46 And at first I've been like, why wouldn't you, why would you do that?
24:49 Why don't you just put conf test files there?
24:51 And his reason, whether you think he's sane or not, the reason is so that you can keep the code local to the application that's using it.
25:00 And maybe it's a, maybe it's even a sub, a sub project or sub get repo or something, who knows.
25:07 But at the top level, the top level, you can, you can have access to it.
25:10 So any test can access any fixture within any other application that may or may not be a good thing for you, but, but it's kind of a cool idea.
25:19 And then talks about how he talks about how plugins can have fixtures.
25:25 There's also, there's a, the excellent pytest Django, a plugin that has things like a DB, which marks your tests that creates the database for you before you start.
25:35 And a client that, you know, it makes it that's, I'm, I'm learning Django right now and I'm using pytest Django and it's pretty awesome.
25:42 And then RevSys itself has a, an extension called Django test plus, which has a thing called TP and that has, has some extra cool features that, that aren't out of the box with, with pytest Django.
25:58 So that's kind of fun.
25:59 The last bit.
26:00 And even get requests like within the app.
26:02 Yeah.
26:03 Yeah.
26:04 Yeah.
26:04 And tests for the response.
26:05 Yeah.
26:05 A lot of, kind of like what you would do with requests, but inside without actually going through the network.
26:09 Right.
26:10 And it's, it's very similar to the, the, the unit test framework around the Django built into Django also, but it's, and I'm glad that the Django, Django test plus and the Django pytest plugin are pretty consistent with the unit test.
26:27 So if you want to switch back and forth, it's not that hard.
26:30 And as a reminder, you can run unit test functions.
26:33 You can from pytest also, but why would you?
26:36 The last bit I want to highlight, and I have reached out to, reached out to Frank, but haven't heard anything back.
26:44 He has an example on auto use.
26:45 It's just wrong.
26:47 So don't take his word for it.
26:49 The auto use is cool.
26:51 Auto use makes fixtures just run automatically before your tests without having to call them out.
26:56 But there, it's really hard to come up with a good toy example for why you'd use it because there aren't very many good examples for why you would use it.
27:04 It seems magical at first.
27:06 And then it suddenly doesn't take long to go, wow, I really should be careful with that because you should be careful with it.
27:11 This example shows that a global value being set with a fixture.
27:16 And that's just not true.
27:17 It doesn't do that.
27:18 If you want to get the object, the out, the return value of a fixture, you have to name the fixture within the test.
27:25 So that's about it, really.
27:27 It's a pretty fun introduction to fixtures.
27:30 Yeah, they could fix it up by just having a variable in the module and saying global and then set its value, right?
27:36 Like you would with any other Python function.
27:37 Yeah.
27:38 Yeah, if you wanted to.
27:39 The other thing I wanted to point out is he says tempter is a really cool built-in fixture.
27:44 And it is, but it's kind of deprecated.
27:46 Temp path is what we try to get people to use now because it uses Pathlib and Pathlib is awesome.
27:52 So anyway.
27:54 Indeed.
27:55 Tony Sherman has been on the same journey and says, it seems so great auto use at the beginning and things blow up quickly.
28:02 Yeah.
28:03 Brian, can you open up a website for me?
28:05 Sure.
28:06 Before we move on as a piece of follow-up for plausible.io.
28:09 So Pat Decker, former co-guest host about a year ago, says plausible is the open source option alternative to Google Analytics, which is GDPR compliant and doesn't set third-party cookies.
28:22 If you scroll down, you can see that somewhere in there.
28:24 Cool.
28:25 Why did I ask you to open it?
28:26 Why didn't I just open it on my share?
28:28 Because my next DNS blocks it like it does everything else until I clear the DNS out of my web browser, which is going to, oh, it finally came back.
28:36 It took a while.
28:37 Even though I low-listed it so I could pull it up.
28:39 But yeah, it looks pretty interesting.
28:41 I had not heard about that.
28:42 So thank you, Pat, for that shout out.
28:44 That certainly seems like a, I know nothing about it, but what I've already learned is it looks like a mega improvement over the other types of retargeting, feeding, third-party cookie drop-in.
28:55 So pretty cool.
28:57 Thanks.
28:57 Cool.
28:58 Yeah.
28:58 I have no extras, believe it or not.
29:00 You have no extras.
29:00 So it's all you.
29:01 Okay.
29:01 Well, I got a couple of extras.
29:03 I ran across this fun tool or fun contest.
29:09 The International Obfuscated Python Code Competition.
29:14 I know that those existed for C and Perl, but I didn't know that we had a Python one.
29:21 Submissions are due tentatively by August 30th.
29:25 And I have nothing, no idea about who's running this.
29:29 But it looks fun.
29:31 Oh, probably the judges.
29:33 So Julius, Kevin, Shane, and Anonymous.
29:36 Anonymous will judge you.
29:37 Yeah.
29:38 But I'm just curious if, I know that it's possible to write out a terrible Python code, but I'm looking forward to seeing the results.
29:49 Next up, there's a quick, we talk about a lot of things that are using Rust to speed up parts of Python.
29:57 So there's a decent article called Porting Python Objects to Rust.
30:02 I think it's decent.
30:03 I haven't walked through it to see if you can actually do this.
30:05 But the recommendation here is if you've got a Python project that you'd like to replace all or part of it with Rust, go slow and port pieces of it at a time.
30:16 Iterative porting.
30:17 So there's a lot of things that I've thought about or cool Python tools that'd be kind of neat if part of it was sped up with Rust.
30:27 Step one, learn Rust.
30:30 Step one.
30:30 Or step one, have a podcast where you convince other people to write it in Rust.
30:35 That's right.
30:37 Also an option.
30:38 Yeah.
30:39 Anyway, that's all I got.
30:40 All right.
30:41 Cool.
30:41 Those are good.
30:41 Final one here is Henry points out that scientific Python uses it possible on their website, presumably.
30:47 Okay.
30:48 Okay.
30:48 Ready for a joke?
30:51 Well, almost.
30:52 I would like to encourage people to submit questions to our Ask Me Anything.
30:57 Let's see.
31:00 Do we have a link for that?
31:01 We do have a link for that.
31:02 And the link is, which, yeah, I was going to mention that and then somehow didn't, didn't I?
31:08 It's pythonbytes.fm/AMA2023.
31:11 I'll put a link in the show notes.
31:13 Okay.
31:13 Link will be in the show notes.
31:14 And it'll look something like this.
31:16 Indeed.
31:17 Indeed.
31:17 And we've got a bunch of great comments and thoughts and very kind messages in there as
31:21 well.
31:21 So much appreciated.
31:22 We're going to do our Ask Me, Ask Us Anything in, I think, July 11th, if we can make it work
31:29 then.
31:30 We'll confirm as we get closer, but that'd be a fun one for a lot of people to attend live
31:33 if they could also ask us stuff.
31:35 Yeah.
31:35 It'll be good.
31:36 Sure will.
31:36 All right.
31:37 Ready for a joke now?
31:38 Yes.
31:38 So Stack Overflow is pretty awesome, right, Brian?
31:41 I mean, it's a huge resource if you want to find something, right?
31:45 You got some kind of problem, especially if it's kind of outside the realm of your usual
31:49 expertise.
31:49 You're like, ah, I got to work on, get to work on this JavaScript thing.
31:53 I don't know how it works.
31:54 If I just Google it, maybe someone else had the problem or, you know, something's not working.
31:57 Yeah.
31:58 But as a social network, it can be a bit of a rough and tumble place.
32:02 Come in here and it has this picture of this, this guy wearing a t-shirt offering like a
32:09 bouquet of lavender flowers or something he just picked up off of the, you know, like
32:14 along the side during some protests.
32:16 And there's these like cops or military folks in like armor.
32:19 And he tries to offer it to one of them.
32:21 It says, me asking a question on Stack Overflow.
32:23 And then immediately they swarm him and like, you know, put him in a neck lock and stuff.
32:29 It says, marked as duplicate.
32:30 It's always marked as duplicate.
32:33 Yeah.
32:33 And that's the easy one.
32:35 It can be a brutal place.
32:38 Yes, it can.
32:40 I find it better as read only.
32:41 Yeah.
32:43 Yeah.
32:44 But it is one of those handy places that happens to have, like when you, when you just take a,
32:49 your actual error message and Google it, it often lands in Stack Overflow somewhere.
32:55 Yes, it does.
32:55 So it is often helpful.
32:57 You're willing to take a little abuse.
33:00 If you want to get a headlock.
33:02 Yeah.
33:02 Yeah, exactly.
33:03 Nice.
33:05 I also heard that like recently, there's been a bunch of Stack Overflow like issue moderators
33:11 and stuff that.
33:12 Reddit.
33:12 Oh, was it Reddit?
33:13 Reddit blackout.
33:15 Yeah.
33:15 So the CEO, we got the guy's name, the CEO of Reddit decided that they were going to monetize
33:22 the API of Reddit because like Twitter did a little bit.
33:26 Twitter wanted to kill off the third party clients just to make them go away.
33:30 So they had more control.
33:31 Right.
33:31 That was sort of one of the things that happened when us took over.
33:34 So they didn't quite want to do that.
33:36 They wanted to charge money for the API because they're not showing ads for the mobile apps.
33:40 And Apollo was the mobile app that was most is, I guess, maybe was more accurate.
33:45 It was most popular.
33:46 And in order for that app to keep running, I think they have to pay $20 million a year in
33:51 API fee call fees.
33:53 So they're like, well, we don't make that much money.
33:55 We're shutting down.
33:55 And so they're effectively killed off all the third party clients, which set off a protest.
34:01 And the protest manifested in that people who are moderating popular Reddit areas, subreddits,
34:08 mark them all as private to say, you know, we're taking our content, our contributions of,
34:14 we put into Reddit off as a way of protesting what you're doing with the community to like
34:19 close it down and, you know, extract money from it basically.
34:22 Yeah, but also, I mean, also Stack Overflow.
34:24 So Stack Overflow is, six months ago, is, is like blocked because of people
34:32 like it'd be obviously, I think everybody on our that's listening here knows what Stack Overflow
34:37 is, but people are taking the questions and just going and pasting them in ChatGPT, getting
34:42 the answer and putting them back into Stack Overflow.
34:45 That's lame.
34:46 What even?
34:49 So apparently that's blocked.
34:52 So, yeah, cool.
34:53 Well, I sure had fun talking with you today and talking with everybody.
34:56 and, just, excited, about the future of not using AI for my software.
35:03 So thanks, Michael.
35:04 I have to go back to writing to myself as well.
35:06 Yeah.
35:06 Thanks as always, Brian.