Python Bytes Podcast Por Michael Kennedy and Brian Okken capa

Python Bytes

Python Bytes

De: Michael Kennedy and Brian Okken
Ouça grátis

Sobre este título

 Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.Copyright 2016-2026 Política e Governo
Episódios
  • #480 Proud Parents

    #480 Proud Parents
    May 18 2026
    Topics covered in this episode: Using Django Tasks in productionCo-authored with Claude?PyPI packages are increasing rapidlyhttpx2ExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hostsMichael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Using Django Tasks in production Tim Schilling shares how the Djangonaut Space website has been using Django’s new tasks framework and some of the info missing from the official Django docs.Tasks require a third party package, django-tasks-db to actually run the tasks.Article walks through all changes necessary to get an email process running to notify admins of new testimonials. Cool simple example.With the db backend, you can monitor progress of tasks in the admin, to see which tasks are scheduled, completed, or have errors.Some wishes for the community to implement new tutorial in the Django docsDjango Debug toolbar panel for taskstest/mock backendGreat title for wish list: Thinks I’d like to see, but I’m too lazy to implement myself. Michael #2: Co-authored with Claude? Via Nik T.We don’t put “executed on macOS”, “edited with PyCharm”, etc. in our commits. Why Claude?Seems like a growth hack to me, that I don’t really care to participate in.Some projects that have formalized their thoughts on this: The Generative AI Policy Landscape in Open SourceAdjust to turn off in ~/.claude/settings.json see the docs. { "attribution": { "commit": "", "pr": "" } } Brian #3: PyPI packages are increasing rapidly Artem GolubinThere’s been an increase of published packages per week on PyPIA pretty big increase in the last handful of months.30% increase since 2025, clearly due to AIArtem is building hexora, a malicious Python code detector.Cool package too, it can: Audit project dependencies to catch potential supply-chain attacksDetect malicious scripts found on platforms like Pastebin, GitHub, or open directoriesAnalyze IoC files from past security incidentsAudit new packages uploaded to PyPi.Artem is using hexora to analyze recently published pypi packages and many are obviously vibecoded and trigger false positives for abuses of eval, exec, and subprocess Side note: I don’t think that’s necessarily a false positive. Not malicious, but maybe a stupid-code-detector?Lots are LLM related, Lots have bots contributing codePublishing rate is crazy, dozens to hundreds of published versions in a day is a bug, not a featureBrian’s proposal, PyPI should limit releases per day for any package to something a sane human would do, even if they make a mistake on a release, to maybe like 2-3, definitely under 10, in a day. And if the repo has obvious agent contributors listed, maybe lower to the limit to 1-2 a day? Honestly, “move fast and break things” doesn’t apply to breaking the commons. Michael #4: httpx2 More on the httpx, httpxyz, etc changes: Pydantic people started their own fork, httpx2.Michiel says “while we think httpxyz was definitely needed, we welcome httpx2 and think it should be the ‘blessed’ fork.”Kludex, who is among other things maintainer of Starlette, was considering a forkAs it stands, httpx2 is lacking the performance improvements they added to httpxyz. But it will not be long before they will add those, too.Also they already made some smart decisions: they are switching from certifi to truststorethey are switching to compression.zstd on Python 3.14+, enabling zstd compression by defaultthey merged httpcore and vendored it in their repositoryDiscussion on Hacker News Extras Brian: The Four Horsemen of the LLM Apocalypse - AnarcatDjango/JetBrains 2026 developer survey is openPyrefly 1.0 : “meaning we are confident that Pyrefly is ready for production use.” Michael:Just about ready to release Python Web Security: OWASP Top 10 with Agentic AI course. Be sure to be on the courses newsletter to get notified. Joke: Proud Parents
    Exibir mais Exibir menos
    33 minutos
  • #479 Talking About Types

    #479 Talking About Types
    May 11 2026
    Topics covered in this episode: httpxyz one month inLearn concurrency - a deep dive into multithreading with Pythonpip 26.1 - lockfiles and dependency cooldownsPython 3.15 sentinal values from PEP 661ExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: httpxyz one month in First version of httpxyz contained just the fixes to get zstd working, and the fixes to get the test suite running on python 3.14, some ‘housekeeping’ changes related to the renamingEnd of March: a compatibility shim that allows you to use httpxyz even with third-party packages that import httpx themselves, as long as you import httpxyz first. Importing httpxyz automatically registers it under the httpx name in sys.modules , see https://httpxyz.org/httpx-compatibility/Fixed a WHOLE bunch of performance related issues by forking httpcore Brian #2: Learn concurrency - a deep dive into multithreading with Python Nikos Vaggalis“Whenever you are trying to speed up code using multiple cores, always ask yourself: “Do these threads need to talk to each other right now?” If the answer is yes, it will be slow. The best parallel code splits a big job into completely isolated chunks, processes them separately, and merges the results at the finish line.”Good overview of thread concurrency with Python and how that’s been improved dramatically with free-threaded PythonDefines lots of terms you come across, including “embarrassingly parallel multithreading”There’s a counter example that’s nice Start with a shared resource, a counter, and multiple threads updating itAttempt to fix with threading.Lock(), which fixes it, but slows things downGood explanation of whyProper fix with concurrent.futures and separating the work of different threads so that they can be independent and their results can be combined when they’re all finished. Michael #3: pip 26.1 - lockfiles and dependency cooldowns Python 3.9 is no longer supportedExperimental: installing from pylock filesDependency cooldowns (see my post about this)Lifting several 2020 resolver limitations Brian #4: Python 3.15 sentinal values from PEP 661 MISSING = sentinel("MISSING") def next_value(default: int | MISSING = MISSING): ... if default is MISSING: ... Take a name str as a constructor parameterIntended to be compared with is operator, similar to NoneSentinal objects can be used as a type, also similar to None and can be combined with other types with |.Unlike None, sentinal values are truthy. (Elipses ... are also truthy) This seems like a strange choice. but I guess it must have made sense to someone.It does force you to use is instead of depending on False-ness, so I guess it’ll make code using sentinels more readable.Interesting that the PEP was started in 2021, and we’re finally getting it this year. Extras Brian: Before GitHub - Armin Ronachertenacity - cross-platform multi-track audio editor/recorder learned about it from Armin’s article Joke: Joke option Make it myself Seems similar to what people think about software now Links httpxyz one month inhttpxyz.org/httpx-compatibilityLearn concurrency - a deep dive into multithreading with Pythonpip 26.1 - lockfiles and dependency cooldownsmy post about thisPython 3.15 sentinal values from PEP 661Before GitHubtenacityMake it myself
    Exibir mais Exibir menos
    36 minutos
  • #478 Iodine tablets and potable water

    #478 Iodine tablets and potable water
    May 4 2026
    Topics covered in this episode: profiling-explorerReverting the incremental GC in Python 3.14 and 3.15VSCode AI Co-author defaults to on, then offdjango freezeExtrasJokeWatch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python TrainingThe Complete pytest CoursePatreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)Brian: @brianokken@fosstodon.org / @brianokken.bsky.socialShow: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: profiling-explorer Adam JohnsonAnd intro post Python: introducing profiling-explorer“profiling-explorer is a tool for exploring profiling data from Python’s built-in profilers, which are stored in pstats files. ”Features Dark modeClick the calls, internal ms, or cumulative ms column headers to sort by that column.Use the search box to filter by filename or function name.Hover by a filename + line number pair to reveal the copy button, which copies the location to your clipboard for faster opening.Click the callers or callees links on the right of a row (not pictured above) to see the callers or callees of that function. Michael #2: Reverting the incremental GC in Python 3.14 and 3.15 Python 3.14 shipped with a new incremental garbage collector, but production reports of severe memory pressure (Neil Schemenauer measured up to 5× peak RSS on pathological cyclic workloads) have pushed the core team and Steering Council to revert it in both 3.14 and 3.15 - returning to the 3.13-era generational GC.This is the second time the inc GC has been pulled back: it was also reverted right before 3.13.0 final, and it shipped in 3.14 without going through the PEP process.The tradeoff is real: Neil's benchmarks showed max GC pause times of 1.3ms with inc GC versus 26ms with the generational one - great for latency-sensitive apps, terrible for memory-constrained ones.Release manager Hugo van Kemenade will ship 3.14.5 early with the revert, and Gregory Smith floated the idea of a 3.14.5rc1 - the first patch-release RC since 3.9.2 back in 2021.Tim Peters spent the thread doing live forensics on Windows, running a toy deque program that should cap at 1GB and watching it balloon to 15.6GB on a 16GB machine - and discovered the gen0 collector effectively never fires under the new scheme.Tim's bigger meta-point: CPython has a chronic shortage of real-world GC benchmarks, pyperformance has "basically no interesting" cyclic workloads, and users almost never share real data - so core devs keep flying blind on changes like this.Django maintainer Adam Johnson published a blog post mid-thread documenting a real memory "leak" in Django's migration system caused by inc GC, with a manual gc.collect() workaround - the listener-facing receipt that this wasn't just theoretical.If the inc GC comes back for 3.16, it'll go through a proper PEP, and the discussion is already shifting toward keeping both collectors available via a startup flag - which Neil and Sergey Miryanov have both prototyped. Brian #3: VSCode AI Co-author defaults to on, then off VSCode merges Enabling ai co author by default - 3 week agoTon’s of “why would you do this” and related commentsVSCode merges Change default for git.addAICoAuthor to off - yesterdayTake-away, don’t rely on default, set addAICoAuthor to off yourself Michael #4: django freeze Convert your dynamic django site to a static one with one line of code.Just run python manage.py generate_static_site :)Features Generate the static version of your Django site, optionally compressed .zip fileGenerate/download the static site using urls (only superuser and staff)Follow sitemap.xml urlsFollow internal links founded in each pageFollow redirectsReport invalid/broken urlsSelectively include/exclude media and static filesCustom base url (very useful if the static site will run in a specific folder different by the document-root)Convert urls to relative urls (very useful if the static site will run offline or in an unknown folder different by the document-root)Prevent local directory index Extras Brian: Thinking Less, Trusting More: GenAI’s Impacts on Students’ Cognitive Habits Michael: Vercel breached, employee to blameIntroducing the new Talk Python web playerGitHub uptime (a couple of views 1, 2) Joke: Friends in tech
    Exibir mais Exibir menos
    40 minutos
Ainda não há avaliações