Topics covered in this episode:
- NumFOCUS concerns
- leaping pytest debugger llm
- Extra, Extra, Extra,
- PyPI has completed its first security audit
- Extras
- Joke
About the show
Sponsored by us! Support our work through:
Connect with the hosts
- Michael: @mkennedy@fosstodon.org
- Brian: @brianokken@fosstodon.org
- Show: @pythonbytes@fosstodon.org
Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too.
Finally, if you want an artisanal, hand-crafted digest of every week of
the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.
Brian #1: NumFOCUS concerns
- Suggested by Pamphile Roy
- Write up of the current challenges faced by NumFOCUS, by Paul Ivanov (one of the OG of Scientific Python: Jupyter, Matplotlib, etc.)
- Struggling to meet the needs of sponsored and affiliated projects.
- In February, NumFOCUS announced it is moving in a new direction.
- NumFOCUS initiated an effort to run an election for open board seats and proposed changing its governance structure.
- Some projects are considering and actively pursuing alternative venues for fiscal sponsorship.
- Quite a bit more detail and discussion in the article.
- NumFOCUS covers a lot of projects
- NumPy, Matplotlib, pandas, Jupyter, SciPy, Astropy, Bokeh, Dask, Conda, and so many more.
Michael #2: leaping pytest debugger llm
- You can ask Leaping questions like:
- Why am I not hitting function x?
- Why was variable y set to this value?
- What was the value of variable x at this point?
- What changes can I make to this code to make this test pass?
Brian #3: Extra, Extra, Extra,
- 2024 Developer Summit
- Also suggested by Pamphile, related to Scientific Python
- The Second Scientific Python Developer Summit , June 3-5, Seattle, WA
- Lots of great work came out of the First Summit in 2023
- pytest-regex - Use regexs to specify tests to run
- Came out of the ’23 summit
- I’m not sure if I’m super happy about this or a little afraid that I probably could use this.
- Still, cool that it’s here.
- Cool short example of using __init__ and __call__ to hand-roll a decorator.
- ruff got faster
Michael #4: PyPI has completed its first security audit
- Trail of Bits spent a total of 10 engineer-weeks of effort identifying issues, presenting those findings to the PyPI team, and assisting us as we remediated the findings.
- Scope: The audit was focused on "Warehouse", the open-source codebase that powers pypi.org
- As a result of the audit, Trail of Bits detailed 29 different advisories discovered across both codebases. When evaluating severity level of each advisory, 14 were categorized as "informational", 6 as "low", 8 as "medium" and zero as "high".
Extras
Brian:
- pytest course community to try out Podia Communities.
- Anyone have a podia community running strong now?
- If so, let me know through Mastodon: @brianokken@fosstodon.org
- Want to join the community when it’s up and running?
- Same. Or join our our friends of the show list, and read our newsletter. I’ll be sure to drop a note in there when it’s ready.
Michael:
- VS Code AMA @ Talk Python[video]
- Gunicorn CVE
- Talk submissions are now open for both remote and in-person talks at the 2024 PyConZA? The conference will be held on 3 and 4 October 2024 in Cape Town, South Africa. Details are on za.pycon.org.
- FlaskCon 2024 will be happening Friday, May 17 inside PyCon US 2024. Call for proposals are now live!
Joke: Debugging with your eyes
You Might Like
