Topics include NumFOCUS concerns, leaping pytest debugger llm, , and PyPI has completed its first security audit.

Python Bytes

Michael Kennedy and Brian Okken

#380 Debugging with your eyes

APR 23, 202424 MIN
Python Bytes

#380 Debugging with your eyes

APR 23, 202424 MIN

Description

<strong>Topics covered in this episode:</strong><br> <ul> <li><a href="https://pirsquared.org/blog/numfocus-concerns.html"><strong>NumFOCUS concerns</strong></a></li> <li><a href="https://github.com/leapingio/leaping">leaping pytest debugger llm</a></li> <li><strong>Extra, Extra, Extra,</strong></li> <li><a href="https://blog.pypi.org/posts/2023-11-14-1-pypi-completes-first-security-audit/">PyPI has completed its first security audit</a></li> <li><strong>Extras</strong></li> <li><strong>Joke</strong></li> </ul><a href='https://www.youtube.com/watch?v=axdty2K79v8' style='font-weight: bold;'data-umami-event="Livestream-Past" data-umami-event-episode="380">Watch on YouTube</a><br> <p><strong>About the show</strong></p> <p>Sponsored by us! Support our work through:</p> <ul> <li>Our <a href="https://training.talkpython.fm/"><strong>courses at Talk Python Training</strong></a></li> <li><a href="https://courses.pythontest.com/p/the-complete-pytest-course"><strong>The Complete pytest Course</strong></a></li> <li><a href="https://www.patreon.com/pythonbytes"><strong>Patreon Supporters</strong></a></li> </ul> <p><strong>Connect with the hosts</strong></p> <ul> <li>Michael: <a href="https://fosstodon.org/@mkennedy"><strong>@[email protected]</strong></a></li> <li>Brian: <a href="https://fosstodon.org/@brianokken"><strong>@[email protected]</strong></a></li> <li>Show: <a href="https://fosstodon.org/@pythonbytes"><strong>@[email protected]</strong></a></li> </ul> <p>Join us on YouTube at <a href="https://pythonbytes.fm/stream/live"><strong>pythonbytes.fm/live</strong></a> to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too.</p> <p>Finally, if you want an artisanal, hand-crafted digest of every week of </p> <p>the show notes in email form? Add your name and email to <a href="https://pythonbytes.fm/friends-of-the-show">our friends of the show list</a>, we'll never share it.</p> <p><strong>Brian #1:</strong> <a href="https://pirsquared.org/blog/numfocus-concerns.html"><strong>NumFOCUS concerns</strong></a></p> <ul> <li>Suggested by Pamphile Roy</li> <li>Write up of the current challenges faced by NumFOCUS, by Paul Ivanov (one of the OG of Scientific Python: Jupyter, Matplotlib, etc.) <ul> <li>Struggling to meet the needs of sponsored and affiliated projects.</li> <li>In February, NumFOCUS announced it is moving in a new direction.</li> <li>NumFOCUS initiated an effort to run an election for open board seats and proposed changing its governance structure.</li> <li>Some projects are considering and actively pursuing alternative venues for fiscal sponsorship.</li> <li>Quite a bit more detail and discussion in the article.</li> </ul></li> <li><a href="https://numfocus.org/sponsored-projects">NumFOCUS covers a lot of projects</a> <ul> <li>NumPy, Matplotlib, pandas, Jupyter, SciPy, Astropy, Bokeh, Dask, Conda, and so many more.</li> </ul></li> </ul> <p><strong>Michael #2:</strong> <a href="https://github.com/leapingio/leaping">leaping pytest debugger llm</a></p> <ul> <li>You can ask Leaping questions like: <ul> <li>Why am I not hitting function x?</li> <li>Why was variable y set to this value?</li> <li>What was the value of variable x at this point?</li> <li>What changes can I make to this code to make this test pass?</li> </ul></li> </ul> <p><strong>Brian #3:</strong> <strong>Extra, Extra, Extra,</strong></p> <ul> <li><a href="https://scientific-python.org/summits/developer/2024/">2024 Developer Summit</a> <ul> <li>Also suggested by Pamphile, related to Scientific Python</li> <li><em>The Second Scientific Python Developer Summit , June 3-5, Seattle, WA</em></li> <li>Lots of great work came out of the <a href="https://blog.scientific-python.org/scientific-python/dev-summit-1/">First Summit in 2023</a></li> </ul></li> <li><a href="https://github.com/tylerjereddy/pytest-regex">pytest-regex</a> - Use regexs to specify tests to run <ul> <li>Came out of the ’23 summit</li> <li>I’m not sure if I’m super happy about this or a little afraid that I probably could use this.</li> <li>Still, cool that it’s here.</li> </ul></li> <li><a href="https://jcarlosroldan.com/post/329/my-latest-tils-about-python">Cool short example of using </a><a href="https://jcarlosroldan.com/post/329/my-latest-tils-about-python">__init__</a><a href="https://jcarlosroldan.com/post/329/my-latest-tils-about-python"> and </a><a href="https://jcarlosroldan.com/post/329/my-latest-tils-about-python">__call__</a><a href="https://jcarlosroldan.com/post/329/my-latest-tils-about-python"> to hand-roll a decorator.</a></li> <li><a href="https://astral.sh/blog/ruff-v0.4.0">ruff got faster</a></li> </ul> <p><strong>Michael #4:</strong> <a href="https://blog.pypi.org/posts/2023-11-14-1-pypi-completes-first-security-audit/">PyPI has completed its first security audit</a></p> <ul> <li>Trail of Bits spent a total of 10 engineer-weeks of effort identifying issues, presenting those findings to the PyPI team, and assisting us as we remediated the findings.</li> <li>Scope: The audit was focused on "Warehouse", the open-source codebase that powers <a href="https://pypi.org">pypi.org</a></li> <li>As a result of the audit, Trail of Bits detailed 29 different advisories discovered across both codebases. When evaluating severity level of each advisory, 14 were categorized as "informational", 6 as "low", 8 as "medium" and zero as "high".</li> </ul> <p><strong>Extras</strong> </p> <p>Brian:</p> <ul> <li>pytest course community to try out Podia Communities.</li> <li>Anyone have a podia community running strong now? <ul> <li>If so, let me know through Mastodon: <a href="https://fosstodon.org/@brianokken">@[email protected]</a></li> </ul></li> <li>Want to join the community when it’s up and running? <ul> <li>Same. Or join our <a href="https://pythonbytes.fm/friends-of-the-show">our friends of the show list</a>, and read our newsletter. I’ll be sure to drop a note in there when it’s ready.</li> </ul></li> </ul> <p>Michael:</p> <ul> <li><a href="https://www.youtube.com/watch?v=Jh24NVM2FDY">VS Code AMA @ Talk Python</a><a href="https://www.youtube.com/watch?v=Jh24NVM2FDY"> </a>[<a href="https://www.youtube.com/watch?v=Jh24NVM2FDY">video]</a></li> <li><a href="https://nvd.nist.gov/vuln/detail/CVE-2024-1135">Gunicorn CVE</a></li> <li>Talk submissions are now open for both remote and in-person talks at the 2024 PyConZA? The conference will be held on 3 and 4 October 2024 in Cape Town, South Africa. Details are on <a href="http://za.pycon.org">za.pycon.org</a>.</li> <li><a href="https://flaskcon.com/2024/">FlaskCon 2024</a> will be happening Friday, May 17 inside PyCon US 2024. Call for proposals are now live!</li> </ul> <p><strong>Joke:</strong> <a href="https://devhumor.com/media/debugging-with-your-eyes">Debugging with your eyes</a></p>