Transcript #388: Don't delete all the repos
Return to episode page view on github00:00 Hello and welcome to Python Bytes where we deliver Python news and headlines directly to your earbuds.
00:05 This is episode 388 recorded June 18th, 2024.
00:10 I am Michael Kennedy.
00:11 And I'm Brian Okken.
00:13 And this episode is brought to you by Scout APM.
00:15 Check them out.
00:17 We'll tell you more about them as we get further into the show.
00:20 Brian, you, me, the podcast, we're all Fosstodonians and folks who want to
00:24 come hang out on Mastodon.
00:27 Doesn't have to be Fosstodon.
00:28 Talked about that last week.
00:30 That's the whole idea of Mastodon.
00:32 Go wherever you want, but we're happy to invite you to Fosstodon if you want.
00:35 yeah, find the links to connect with us over there or even, even on X these
00:40 days as well, if you wish, a lot of people are still just hanging out over there.
00:44 And listen, watch, participate live 10am Pacific time on Tuesdays, typically
00:51 links in the show notes or on the website.
00:54 Finally, if you want a handcrafted artisanal Brian Okken special summary.
01:00 And set a links of whatever we talk about.
01:02 Even if you don't listen to that episode, pythonbytes.fm, click on the newsletter, put in your information.
01:07 We won't share it.
01:08 Just want to tell you about what we're up to and keep in touch with you.
01:11 So that's pretty awesome.
01:12 That list keeps growing and people are enjoying it.
01:14 So good work on that, Brian.
01:16 There is a newsletter.
01:17 Like that's cool.
01:18 Yeah.
01:18 How about that?
01:19 Nice.
01:19 Yeah.
01:20 Cool.
01:20 We also kind of put it under the friends of the show thing, but that's a little
01:23 more indirect, you know, like I'd like, okay, click the newsletter, but you can
01:28 be a, you can sign up for the newsletter, even if you don't like us, that's fine.
01:32 Yeah, that's true.
01:32 Yeah.
01:33 And just mock the links we make, we put in there every week.
01:36 It's like pretty much the show too.
01:37 That everyone's welcome.
01:38 There probably are actually.
01:41 All right.
01:42 Well, what, what have you brought today?
01:45 All right.
01:46 I want to talk about the PSF election.
01:49 So the Python Software Foundation has elections every year.
01:52 In order to vote, we're going to talk about a little bit around what's going on
01:55 with this, but I want to highlight that you, even if you voted last year, you can't
02:00 just vote again without doing something.
02:03 And it's not difficult.
02:04 You just have to affirm your membership status.
02:07 So we've got a link in the show notes.
02:09 You just head up.
02:10 We'll talk about the dates a little bit.
02:12 I think maybe the dates are here.
02:14 No, they're another, another link.
02:16 We have lots of links for you for this, but there is the, what are we, what are we
02:21 doing?
02:21 What are we voting on?
02:22 We're voting on the new board of directors and, and then there's a few bylaws changes.
02:28 So, so head over to the first link, make sure you're either signed up.
02:32 So the deadlines are right around the corner.
02:34 So it's 25th, June 25th is when you have to make either sign up to be a member.
02:39 Or if you already are affirmed that you're going to vote.
02:44 So that's the 25th.
02:47 The, the board election, if you go to the board election, it's, there's a blog post
02:52 called it's time to make nominations for the PSF board election.
02:56 It has the timeline.
02:57 This is a great, it's got mostly all that I'm talking about here.
03:01 Their nominations are open.
03:04 They opened on the 11th.
03:05 If you would like to be nominated or nominate somebody that is up until the 25th
03:10 of June.
03:10 So the 25th of June is the close of board nominations.
03:14 It's also the cutoff date to affirm that you're going to vote or eligible to vote
03:19 or whatever.
03:19 So that's June 25th.
03:21 Then the, then we don't know who's in it because the candidate it's still open.
03:25 Other people can might enter.
03:26 And there's links, there's information in here on like what to include, because you,
03:32 you'll want some information about like who you are and stuff like that.
03:35 If you want, if you want to nominate yourself.
03:38 So the, the candidates are announced June 27th and then voting starts voting is from
03:46 July 2nd to July 16th.
03:48 So voting's in July, but we need to get everything ready in the end of June.
03:53 So that's what's going on here.
03:54 So there's it's the nominations for the board of directors.
03:58 And there's links about what's going on.
04:01 Oh, there's, there's one other data I wanted to highlight.
04:04 Can't remember where I found this, but there is a here it is.
04:09 I'm thinking about running for the board of directors.
04:12 Let's talk.
04:13 There is a June 18th session that you can office hours where you can find out more
04:19 information.
04:19 If you, if you're just curious, you'd like to know more.
04:22 That's a great place to go.
04:24 There is and then, so it's for the board of directors.
04:28 And then there's there's also three bylaw changes proposed.
04:35 I think that makes sense, but I'm not going to get into the depths of them, but
04:39 there's a link here.
04:41 Go ahead and check that out about the three things.
04:44 So one of the things that I'm really kind of excited about is this.
04:47 The first one is merging, contributing and managing member classes.
04:52 And I think that's, I think it makes sense because I sometimes I forgot which is
04:57 which, what contributing and managing means.
05:00 I think there's text on all of these.
05:04 So go ahead.
05:05 Then there's discussions going on around this too.
05:08 So anyway, elections coming up, make sure that you've affirmed your voter status if
05:13 you like to vote.
05:14 So, okay.
05:15 Interesting.
05:16 Some of these shed some light on messages I've seen on social media.
05:20 What, why are people talking about this?
05:22 Oh, okay.
05:22 I see.
05:23 Proposed changes.
05:23 Got it.
05:24 Yeah.
05:26 So, you know what I would propose Brian?
05:29 What?
05:30 If you were working for a company and you were having HR issues, let's say, what
05:36 would you say exactly you do here?
05:39 Oh, Bob.
05:39 No.
05:40 you're having HR issues.
05:42 I'm a people person.
05:44 I talk to the people.
05:45 The engineers can't talk to the people.
05:46 No.
05:47 Yeah.
05:47 Something like that.
05:48 But anyway, if you were having issues with work and you got fired and you wanted
05:53 to give them the big middle finger on the way out.
05:55 One thing I don't recommend is going to all the GitHub repositories and permanently
05:59 deleting them or deleting the logs or then replacing them with code that mocks the
06:05 existing employees or anything like that.
06:07 There's this character at Boise.
06:10 He, he seemed like a piece of work.
06:12 Let me tell you.
06:12 Mick Lewis, Daniel Brody, a real, real piece of work.
06:16 Cloud, cloud engineer.
06:17 I don't know what a cloud engineer is.
06:18 I don't know what software developers are.
06:20 I know what, anyway, he's a cloud engineer.
06:23 He was sentenced to two years in prison and a restitution of over half a million
06:28 dollars for wiping the code repositories of his former employer in retaliation to
06:33 being fired from first Republic bank.
06:35 Wow.
06:36 Wow.
06:37 So probably some kind of discrimination thing or, something he really had a reason to be upset.
06:43 No.
06:44 Why was this guy fired?
06:45 The court documents state that Brody's employment was terminated after he
06:49 violated company policies by connecting a USB drive containing pornography
06:53 to the company computers.
06:55 And then when they tried to get a work computer back, you know, after he's
07:00 done all this stuff to it, like, delete all the things and so on, he, then reported the laptops, laptop stolen.
07:07 I wouldn't give it back.
07:08 Anyway.
07:09 he may be not having a great time.
07:12 He, a couple of things he did.
07:13 He ran a malicious script named dar.sh to wipe the FRB servers, deleted Git
07:20 logs and Git commit history for that particular script, you know, props to
07:23 him for a little covering of the tracks there with the Git history.
07:26 That was clever.
07:27 I don't know how they figured that out.
07:29 Given that he...
07:30 Probably not too clever.
07:32 Nah, exactly.
07:33 Exactly.
07:34 I mean, you delete the repo and you still get that figured out somehow.
07:36 Anyway.
07:37 he accessed the GitHub repositories and deleted hosted code.
07:41 He inserted taunts in the code.
07:43 yeah.
07:45 Anyway, I just thought this was one, an amusing story, a little bit of schadenfreude.
07:50 But also people, if you're upset with your company, it is not worth it.
07:54 Two years of prison, half a million dollars.
07:56 Just walk away.
07:58 Just let it be.
08:00 It's not worth it.
08:01 A revenge.
08:01 Anyway, let me leave you with that.
08:03 Huh, Brian?
08:03 What do you think of this?
08:04 This is crazy.
08:05 I think it is, but I also, one of the things I really, okay.
08:09 I'm not like taking sides here or anything, but something that drives me nuts is a thing that some companies do that say that like, I, there's standard non-disclosure agreements for some, for exit interviews.
08:22 And some of them are generally, you can't talk about what you worked on at this company for say, like a period of six months or a year or something like that.
08:31 just because you might have proprietary information.
08:34 The thing that drives me nuts is things that say you can't, you can't, we're not going to give you any of your severance or a portion of your severance unless you promise to not ever disparage the company forever in the future.
08:49 things like that are just insidious and a, like a blight on free speech.
08:55 I think it's disgusting.
08:56 Yeah.
08:57 I don't like it.
08:58 I, I know it's a standard practice, but I don't like it.
09:00 I don't like it either.
09:02 I am really happy to hear the non-compete stuff getting shot down.
09:06 I know it's not the same as NDA, but it's in the same category.
09:09 I feel like like same.
09:10 Do they do that for people getting fired?
09:12 No, no, no, not for, but you know, when you get hired, there's traditionally been a lot of non-competes and I think it's, it was getting kind of out of control, like bakery workers or something silly like that.
09:25 Right.
09:25 You know, like really, really, stuff that you wouldn't think would be under that purview.
09:30 But I believe that I got federally shot down or is it just California?
09:34 I can't remember, but yeah, anyway, maybe, maybe this kind of stuff you're talking about as well, but I don't have a ton of sympathy for this character.
09:41 Yeah.
09:42 No.
09:42 It reminds me a little bit of the guy who, who, took down all the JavaScript folks with the NPM pad left pad.
09:50 Yeah.
09:51 And then later was arrested for making bombs.
09:53 You know, it's like, well, there's that theme here.
09:54 I see.
09:55 Yeah.
09:56 Not good.
09:57 Yeah.
09:57 I'm pretty sure that's the same person.
09:58 There's definitely a person with the same name in the same area.
10:00 Okay.
10:00 Hey, you know, what is awesome and it's not going to get you into trouble.
10:04 Scout APM.
10:06 Let's talk about them.
10:06 So if you are tired of spending hours trying to find the root cause of issues impacting your performance, then you owe it to yourself to check out Scout APM.
10:16 They're a leading Python application performance monitoring tool, APM, that helps you identify and solve performance abnormalities faster and easier.
10:25 Scout APM ties bottlenecks such as memory leaks, slow database queries, background jobs, and the dreaded N plus one queries that you can end up if you do lazy loading in your ORM, then you say, oh no, why is it so slow?
10:38 Why are you doing 200 database queries for what should be one?
10:40 So you can find out things like that.
10:42 And it links it back directly to the source code so you can spend less time in the debugger and healing logs and just finding the problems and moving on.
10:49 And you'll love it because it's built for developers by developers.
10:52 It makes it easy to get set up.
10:54 Seriously.
10:55 You can do it in less than four minutes.
10:56 So that's awesome.
10:57 And the best part is the pricing is straightforward.
11:01 You only pay for the data that used with no hidden overage fees or per seat pricing.
11:06 And I just learned this, Brian.
11:08 They also have, they provide the pro version for free to all open source projects.
11:13 So if you're an open source maintainer and you want to have Scout APM for that project, just shoot them a message or something on their pricing page about that.
11:21 So you can start your free trial and get instant insights today.
11:25 Visit pythonbytes.fm/scout.
11:28 The link is in your podcast player show notes as well.
11:30 And please use that link.
11:31 Don't just search for them because otherwise they don't think you came from us and then they'd stop supporting the show.
11:37 So please use our link, pythonbytes.fm/scout.
11:39 Check them out.
11:40 It really supports the show.
11:42 Indeed.
11:43 Brian, what's your second one?
11:45 I'd like to talk about imports right now.
11:49 So if we're just importing a package, Just like tariffs and stuff.
11:54 What are we talking?
11:54 No, no, no.
11:55 Importing code into your own code.
11:57 So imports are normally difficult.
11:59 You just say import and the package name you want to import.
12:02 No, no.
12:02 The package has to be installed already or a standard library thing, of course, like import math or something.
12:10 I'm blanking right now.
12:11 It's terrible.
12:12 But there is a blog post called Adam Johnson, which is talking about like, what if you don't want to just use the import?
12:21 If you want to import it as an object or something.
12:23 And let's say you have a string to describe the package that you want to import.
12:28 There's a thing that I didn't know about called packageutil.resolvename.
12:34 And this is actually pretty cool.
12:37 So what you do is it's in packageutil as part of the standard library.
12:41 And you say packageutil.resolvename.
12:44 And then you give it a string.
12:45 And it's got it's like it's like a package name that is also something that's installed or in something in it, like a top level item.
12:53 Like the example is pathlib and capital path, the path object.
12:59 But I tried it on one of my own projects of just like, let's say I've got some third party code that I want to import just something from it.
13:06 But I don't want to import it into the namespace.
13:08 I want to just import one thing out of there into an object.
13:12 And this is really cool.
13:13 The whole thing resolves and it's from a string.
13:15 So you give it a string with this colon in the middle and it creates it.
13:20 It creates you've got an object.
13:24 Why is this helpful?
13:24 Well, one of the I don't know how other people are using it, but I'm using it for things like testing and stuff that I don't want to like clutter the entire namespace.
13:33 I just want one object from something.
13:35 So so there's that.
13:36 Now, there's a note here that says the thing that you're importing, importing can be it can be a class from the package or a function or module or really any top level thing object within the package.
13:49 You can just resolve that and bring it in.
13:52 If you're doing if you're going to grab the whole module, you can also use import lib import module.
13:58 Of course, you can use that as well to import a thing.
14:01 And it's a little bit different syntax.
14:03 You just give it the give it the name of the package.
14:05 So there was a note at the top that says Django and some other frameworks allow you to do things like this to configure something based on a string.
14:15 And I think this is pretty cool.
14:18 I'm one of the places where I'm considering.
14:20 Yeah, anyway, I've got lots of places and tests that I'm considering using this, but but I guess I didn't know about it.
14:26 That's pretty neat.
14:27 So, you know, one area that might be useful, it comes to mind outside of testing or in addition to testing would be some kind of like plug in extension system.
14:35 So you say any any package that gets listed in this JSON file, we want it to be available.
14:42 And if you configure the app, it'll actually import it and use it.
14:44 But it might not import them.
14:46 The app doesn't know about them.
14:47 That can't be coded into it.
14:48 So you could just sort of parse that thing, try it or, you know, even scan all the packages somehow and see if they exist or whatever.
14:56 Right.
14:56 So some sort of dynamic thing like that as well.
14:58 Yeah.
14:59 Yeah.
15:00 Pulling doc strings out of a bunch of stuff to do a list of that might be.
15:04 Yeah.
15:05 Nice.
15:05 Anyway, lots of stuff you could do.
15:07 And you sure could.
15:08 Now, this last item for me here comes from Alex on a hand, just gave us a shout out and said, you know, that duck DB thing, right?
15:16 Duck TV is a little bit like SQL lite ish type stuff and in process based on files rather than separate servers, all those sort of things.
15:26 Well, that thing's getting some traction up to 4 million downloads a month off of PI PI.
15:31 But the news is it's released version 1.0 of duck TV.
15:37 And by the way, the cloud hosted product, mother duck also opened up general availability.
15:42 But the news is the announcing a 1.0.0.
15:47 And interesting.
15:48 There's a lot of conversations like, well, we could have just called it one zero as soon as we made it public on GitHub, you know, 10 years ago or whatever it was, or not quite 10 years ago, eight years ago.
15:57 But focus is really on, we want to make it super clear.
16:02 They want to make it super clear that they're focused on stability.
16:05 What's here is kind of what's going to stay.
16:08 So examples that they give, or, you know, as that thing has evolved, as duck DB has evolved, they've changed the file format around and that's created incompatibilities from different versions.
16:19 And so, for example, they're now committing to more stable back and forth, stability on the file system and things like that.
16:28 So very cool.
16:29 If you're looking for an interesting SQL like database to include into your projects, this one, you know, it's.
16:38 Quite popular, 20,000 stars, really analytical and process database rather than relational database focused.
16:45 Right.
16:46 Yeah.
16:46 You can do cool stuff like integrate it with pandas and other things like that, which is pretty cool.
16:51 Yeah.
16:51 Like for example, select star from a parquet file or a CSV file and so on.
16:55 So not meant to replace SQL light, but as that's kind of the mental model people should have, but more on data science.
17:02 Select star from a CSV file.
17:04 That sounds fun.
17:06 And by the way, this guy, Alex, Alex Monahan is in the audience says here's a backwards compatibility, for the files.
17:12 So you can just leave those files around and not have to like manage the upgrades of them and so on, which is especially tricky if they're just local files associated with an app rather than a single server that all the apps talk to where you can just manage that one thing, you know, through an API.
17:27 Yeah.
17:27 Pretty cool.
17:28 Cool.
17:28 All right.
17:29 Thanks for sending that in Alex and good job, duck DB folks.
17:33 Brian, what else you got?
17:34 I've got a couple extras.
17:36 one of the extras that I wanted to talk about was, just, it's just like a, I guess a shout out to everybody that sends us, sends us topics.
17:45 I really appreciate it.
17:46 We, we appreciate hearing what's new.
17:48 Don't assume that we've heard about it just because we do pay attention to a lot of stuff, but there's a lot to pay attention to.
17:54 So if you think it's important, let us know.
17:56 Yeah.
17:56 Right.
17:56 And I would say a lot of times people start messages like you, you, I'm sure you've heard of this and we're like, I have no idea what this is.
18:02 No.
18:03 I'm sure we have not heard of this.
18:05 Sure.
18:05 We have not covered it either, but also it helps if like three or four people send in to say, this is exciting.
18:11 Then that also helps us know that it is exciting.
18:15 Yeah.
18:15 It's pretty much guaranteed to be in on the show.
18:17 You can send it in any time, but the one request is if it's timely and it really needs to go in this week, if it shows up at all, I'm trying to send it before Tuesday because, you know, sometimes we already have our topics.
18:31 Anyway, that's right.
18:33 So right after Tuesday, a Wednesday is a fantastic day for recommendations.
18:36 Really?
18:39 Anytime is great for me, but anyway, so, a couple new, 2.0 releases.
18:45 I just wanted to shout out.
18:46 We talked about this last week, but a NumPy 2.0 is out now.
18:50 So NumPy 2.0.
18:51 So, and there's a, scientific on the scientific Python blog, there's a, discussion about it.
18:57 So you can read up on all the NumPy 2.0.
19:00 And this is kind of exciting.
19:02 I just heard about this yesterday.
19:03 HTMX 2.0.
19:04 I don't have my attention.
19:06 So I haven't read any of this, but it should be some, there's a major changes and we'll see.
19:14 I'm not sure what broke or what, why the 2.0, but I'm not sure I can switch to this.
19:19 This release ends the support for internet Explorer.
19:22 Oh my gosh.
19:23 Just kidding.
19:25 The interesting bit about this though, is they're not marking a 2.0 is the latest on the NPM until January of 2025, because they'd like to have everybody, you know, have a smooth transition to there.
19:39 So anyway, any extras on your side?
19:42 A few, first of all, partnered with the folks over at PyCharm.
19:47 And now if you are taking a course at DocPython training, you can get six months of PyCharm Pro for free.
19:53 That even works for our free courses.
19:55 So if you just come over and take a course, sign up and check that out.
19:58 Only works for new accounts at JetBrains.
20:01 It doesn't work for renewal.
20:02 So can't, I'm that this is the best I can do folks, but it's still pretty awesome to be able to get a good chunk of the users free access to PyCharm Pro.
20:10 also other item is we have a awesome new course on data science coming to DocPython.
20:17 It's release is imminent.
20:18 It awaits a marketing landing page basically.
20:21 And then it, then it's out.
20:22 So we have a new course called reactive web dashboards with shiny, shiny for Python, not shiny for R.
20:30 So partner with the Posit folks to put this course together and it's super cool to build interactive dashboards and web apps for your data science things with shiny.
20:41 Shiny course.
20:42 Very cool.
20:44 Indeed.
20:44 Very, it's a shiny brand new course.
20:46 All right.
20:46 It will be shiny for a while.
20:49 How about a joke?
20:51 Are you up for it?
20:51 Yes.
20:52 Okay.
20:53 So we all, you know, you're sitting around, you're in a relationship, you have these thoughts that just kind of run through your head and you always don't know.
20:59 So here's, here's a young couple laying in bed.
21:01 The woman is thinking, I bet he's thinking about another woman.
21:04 That guy is just laying there.
21:05 What happened if I add a git ignore into the git ignore file?
21:09 I just like, she's giving him way too much credit.
21:12 What would happen?
21:15 I know the title is I can't ignore the git ignore.
21:17 What would happen if I had the git ignore to the git ignore file?
21:21 No.
21:23 Well, there's the joke.
21:28 This is what I got for you, Brian, this week.
21:30 I don't want to tell you.
21:31 Now I've got to try it to see.
21:33 Exactly.
21:34 I don't know.
21:35 If you do that, you might take GitHub down.
21:37 I wouldn't, I don't know if I'd check that in.
21:39 Well, not GitHub, but local.
21:41 Well, I mean, it has automation.
21:42 It could explode.
21:44 It could.
21:44 It could.
21:44 Dependabot will just stop working for everyone after that.
21:47 Yeah.
21:48 All right.
21:49 All right.
21:49 Well, that's it.
21:51 Well, everyone, thank you for listening.
21:52 Scout APM.
21:53 Thank you for supporting the show and Brian.
21:55 Thanks as always.
21:56 Thank you.
21:57 Thanks as always.