Tootfinder

Opt-in global Mastodon full text search. Join the index!

@heiseonline@social.heise.de
2026-06-11 14:07:00

heise | Grundlagen in Python: Dictionarys meistern und Daten effizient organisieren
Mit Schlüssel-Wert-Paaren lassen sich Daten clever strukturieren. Wir zeigen, wie Sie Python-Dictionarys effizient erstellen und steuern.

@hynek@mastodon.social
2026-07-13 20:07:21

I’m somewhat embarrassed to finally announce svcs 26.1.0 – my solution to #Python service location and dependency injection.
It’s been a minute, and the changelog is chuck-full, but the main features are autowiring, which looked like a simple add-on that grew to a four-digit monster diff, and of course, TypeForms that allow registering/getting abstract types!

@mgorny@social.treehouse.systems
2026-05-13 14:52:16

One of my strong suites in all the packaging work is the knowledge in my head.
"Why don't you write it down for others to benefit from, then?", you'd ask.
The thing is, this knowledge is basically "hot cache". I'm bumping hundreds of #Python packages in #Gentoo, so I remember stuff. And because of that, I can quickly notice some things or answer some questions.
If that were written down, the effort needed to find it would diminish all the gain. I mean, technically *it is* already written down, and the whole point is that I have it "cached".

@veit@mastodon.social
2026-06-10 06:46:21

📆 On 13 August, all #Berlin #Python user groups – @…, @…

@frankel@mastodon.top
2026-06-11 09:09:12

Vulnerability and malware checks in #uv
#python

@rasterweb@mastodon.social
2026-06-12 14:11:16

@… I gave this thing a try today... 😉
codeberg.org/jjg/paxton

@avstockhausen@fedihum.org
2026-06-10 11:00:02

Bookmarked: Phillip B. Ströbel: Von der Pythia zu Python. Einführung in die Programmierung für die Geschichtsforschung #Jupyter

@joxean@mastodon.social
2026-05-12 16:14:55

For a tool I'm writing I need to do some web searches from time to time. Mostly from Python. What can I use without having to buy/get an API key? Anything as of today that still works?

@netzschleuder@social.skewed.de
2026-05-07 20:00:07

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
networks.sk…

python_dependency: Python Dependency Network. 58743 nodes, 108399 edges. https://networks.skewed.de/net/python_dependency
@grumpybozo@toad.social
2026-07-12 17:04:58

I do not appreciate finding out via active breakage that Broadcom has decided to screw all #FreeBSD users of the #Salt configuration management tools. Not that I’m shocked, but I wish it didn’t happen because of a ‘pkg upgrade’ run installing the python 3.12 version and all of its py312-* dependencies and then…

@lpryszcz@genomic.social
2026-06-12 07:52:52

handy random string (password) generator
echo `tr --complement --delete "a-fA-F0-9" < /dev/urandom | head -c 12`
#bash #cmdline #tricks
source:

@hynek@mastodon.social
2026-06-09 04:53:34

for no particular reason whatsoever, I've updated my guide on how to measure #Python coverage across GitHub Action containers without an external service (*cough* Codecov *cough*)
hynek.me/articles/ditch-codeco

@jason123santa@fosstodon.org
2026-05-13 01:11:46

Should I learn #pico8 or #tic80? I am thinking to learn tic80 because it supports more platforms to support my game on. At the same time pico8 runs better on my powkiddy v90 handheld where I do want my games to run on.
I know python so I think I can learn lua for pico8 or tic80. As well as the other fu…

@stiefkind@mastodon.social
2026-06-10 09:35:43

»Hey, KI! Bestimmt erinnerst du dich noch an die 150.000 Zeilen Code, die du mir vor so sieben, acht Monaten mal in Python vibecoded hast? Der müsste jetzt bitte auf das neue API angepasst werden. Und wenn du eh schon dabei bist: portiere das doch alles auch gleich noch von Python nach Rust.« 🤡 #justthinkin

@awinkler@openbiblio.social
2026-06-11 12:24:43

Florian Thierrys #OER zu #QGIS und #Wikidata:

@michabbb@social.vivaldi.net
2026-05-10 18:14:15

🎬 Supported events include batch job completion, video generation via #Veo, and agent workflow signals. One WebhookConfig object wired directly into your generate_videos() or batch call.
🐍 The #Python SDK makes it trivial — pass a WebhookConfig with your URI and subscribed events to any long-…

@hynek@mastodon.social
2026-07-09 10:07:54

old and busted: delete failing tests
new and hotness: delete CI configuration
this is FOSS DoS; I have no other term for it
github.com/python-attrs/attrs/

@tinoeberl@mastodon.online
2026-07-03 15:17:02

#Steady #Klimacrew
Wie lassen sich #Wechselrichterdaten vom APsystems EZ1 lokal speichern?
Für statistische Auswertungen müssen alle Daten kontinuierlich gespeichert werden. Wie…

@heiseonline@social.heise.de
2026-05-08 11:52:00

#TGIQF: „Das Leben des Brian“ — Das Quiz rund zu Monty Pythons Filmklassiker
Die Komödie "Das Leben des Brian" sorgte 1979 für reichlich Gelächter und kirchliche Pikiertheit. Wir würdigen den Monty-Python-Klassiker mit einem Quiz.

@jhelberg@mastodon.social
2026-06-08 13:17:22

So virtualenv solves the issue of brutal incompatibilities between python stuff (at the cost of huge amounts of diskspace), but the minute uwsgi comes into play, it is overboard and there is hardly any way to activate plugins for old python interpreters. #pythonwoes

@karlauerbach@sfba.social
2026-06-03 17:23:56

A lot of open source projects take care to preserve compatibility with the past, so that changes do not break the projects of existing users.
But then there are others. In my list of "damn the past, full speed ahead on incompatible changes!!" are my most recent encounters:
- Python (not only was the Python 2 abandonment unforgivable and cost many of us a lot of useless conversion work, but the versions of Python 3 seem to change from one to the next to the degree that…

@Techmeme@techhub.social
2026-06-24 15:56:24

Nature publishes a peer-reviewed paper alleging that Microsoft's 2025 quantum breakthrough claims were based on "basic Python errors" and data cherry-picking (Thomas Claburn/The Register)
theregiste…

@stf@chaos.social
2026-05-03 13:50:18

wtf does everytime a new v of #python is rolled out in linux distros, all virtual envs break, and i do have to rebuild them manually. we're now 13 minor versions since py v2.7 and everything became worse since then. i have a stable app, and if python would not fuck up this i would not have to touch it in a decade, but because of this, i feel like i'm in the java ecosystem where work is gener…

@veit@mastodon.social
2026-06-01 05:42:17

If uv is not available in a Python environment, you can still specify the versions using pylock.toml. We have described how to do this here: python-basics-tutorial.readthe

@frankel@mastodon.top
2026-06-09 17:05:21

Are you really expected to run five type-checkers now?
#python

@netzschleuder@social.skewed.de
2026-06-01 11:00:06

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
networks.sk…

python_dependency: Python Dependency Network. 58743 nodes, 108399 edges. https://networks.skewed.de/net/python_dependency
@roland@devdilettante.com
2026-06-08 04:05:35

whoah cyclopts sounds incredible! turn any python function into a command line script!!!!! if only it could run in a browser too :-) #NotAskingMuchObvs :)

‪@mxp@mastodon.acm.org‬
2026-06-08 11:11:52

@… My PhD thesis literally was a bunch of Python classes. On some level. But that’s not the point of the thesis…

@mxp@mastodon.acm.org‬
2026-06-08 11:11:52

@… My PhD thesis literally was a bunch of Python classes. On some level. But that’s not the point of the thesis…

@tiago@social.skewed.de
2026-07-08 19:37:23

Good news everyone! 🎉
The new version 3.0 of graph-tool is just out with major improvements! See below.
graph-tool.skewed.de
graph-tool is a comprehensive and efficient Python library to work with networks, including structural, dynamical, and statistical algorithms, as well as visualiza…

@CerstinMahlow@mastodon.acm.org
2026-06-08 10:25:03

Pro tip:
If your supervisor suggests to submit a paper to a venue of a field relevant for your dissertation, addressing the architecture of the system you develop and which is the heart of your dissertation, maybe, just maybe, it’s not the very best idea to say: I don’t see what could be interesting here, it’s just a bunch of Python classes

@gray17@mastodon.social
2026-06-02 18:41:15

> We introduce gpusnek, a fully functional Python interpreter ported to CUDA, enabling execution of arbitrary Python code directly on the GPU by running one whole interpreter on every CUDA core/thread. This is a tremendously bad idea, but for the duration of this paper we pretend that it is not
[Josef Dean in SIGBOVIK 2026]

@heiseonline@social.heise.de
2026-05-01 16:00:34

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python

@adulau@infosec.exchange
2026-07-07 15:02:25

Working on tempolocus, a tool that analyses time-series activity patterns to infer a user’s likely location.
In @…, we work with a large volume of social-network time series. Estimating users’ locations from these patterns is often a manual task.
I prototyped a Python module that combines potential locations with yearly activity …

adulau@blakley:~/git/tempolocus$ python3 -m tempolocus samples/weekfull-chan1.json --format text  -n 10 --holiday-profile public-worker 
input_type: weekly_timeseries
confidence: 0.220
activity_type: mixed-time (0.009)
assumptions:
  - Hourly buckets are interpreted as UTC; timezone candidates are offsets that make the activity look locally human.
  - Weekly data cannot distinguish all IANA zones sharing the same offset, and daylight saving time is not inferable without dates.
probable_countrie…
@veit@mastodon.social
2026-07-01 06:56:09

On my way to a flying visit to Berlin. Tomorrow, the Python Users Berlin (@…) are meeting for a talk by Sam Bail on PySpark: meetup.com/python-users-berlin

@emilis@social.linux.pizza
2026-07-04 16:29:05

Who thought it was a good idea to put spinners in a shell script?
`pip install` has been running for a few minutes now at 100% CPU and all progress I see is an effing spinner on the last line.
Had to look at process list to see it's not stuck.
#python #pip

@rasterweb@mastodon.social
2026-06-30 04:00:01

➡️ Python f-string Tips & Cheat Sheets
#bookmarks

@michabbb@social.vivaldi.net
2026-07-10 07:11:25

🔧 Three pieces mirror the Python RLM design: a system prompt, a $CONTEXT file plus bash as the REPL, and the native rlm_query sub-call. Depth 0 and 1 get full tools; the leaf at max depth runs bash only. jj workspaces isolate child edits when available.
🛡️ Five guardrails guarantee termination: dollar budget, wall-clock timeout, call limit, depth limit and PATH scrubbing. Deeper agents are told to be more conservative, preferring direct action over spawning more children.

@wraithe@mastodon.social
2026-04-30 19:36:08

A user at a client contacted me over what transpired to be them trying to install a python library on a machine (that didn’t have python installed) to run an AI tool at the direction of ChatGPT.
After *I* get it installed:
User: “Ok, how does it work?”
Me: 🤷🏻‍♀️ (╯°□°)╯︵ ┻━┻ “never seen it before”

@frankel@mastodon.top
2026-06-26 17:01:54

PEP 832 – Virtual environment discovery
#python

@tinoeberl@mastodon.online
2026-07-09 15:17:02

#Steady #Klimacrew
Vom Puristen zum #IDE-Nutzer
Ganz langsam. 😁 Wie verändert sich der Workflow, wenn man statt eines simplen Editors mit einer IDE arbeitet? Als Hobby-Entwickler hat mir Notepa…

@mgorny@social.treehouse.systems
2026-07-02 13:13:26

#TIL that the Python Pillow library uses the PING command as a #Windows equivalent of sleep.
#cmd

@hynek@mastodon.social
2026-06-03 04:43:34

i'm so fucking sick of it
i've got ONE extremely simple and extremely explicit contribution rule/brown m&m test: do not delete the PR checklist
since i'm busy getting structlog out, I’ve let the attrs bug tracker a bit off the leash
go & count for yourself how many PRs opened in the past month followed that instruction.
(and of course, this is not about bureaucracy; they violate many of the important items on that list)

@netzschleuder@social.skewed.de
2026-06-28 23:00:07

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
networks.sk…

python_dependency: Python Dependency Network. 58743 nodes, 108399 edges. https://networks.skewed.de/net/python_dependency
@nobodyinperson@fosstodon.org
2026-05-06 09:26:49

Installing #Spyder on :nixos: #NixOS, ugh... 😩
• must use spyder from unstable, in stable it depends on insecure qtwebengine-5
• it runs, but the interactive terminal needs spyder_kernels module
• adding python3Packages.spyder-kernels to the python env, doesn't help
• putting pytho…

@heiseonline@social.heise.de
2026-04-30 15:45:34

Einige der zuletzt hier besonders häufig geteilten #News:
„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python

@andres4ny@social.ridetrans.it
2026-07-04 03:06:11

Yes, I abuse f-strings in python because "print(f'" will always make more sense to my C-poisoned brain than "print('".

@cdonat@hostsharing.coop
2026-05-25 12:12:44

Is it only me, or has the hashtag #Python converted in to a LinkedIn-like wave of marketing bullshit? I really like Python, and use it a lot, but this is becoming unbearable.

@guerda@ruhr.social
2026-06-21 13:05:45

Discovered a segfault in #FastAPI very strange, does only happen on MacOS with Python 3.14.0 ALPHA
The reason was that I was unaware that I ran an alpha version of Python 3.14.
FastAPI segfaults with Python 3.14.0 on MacOS · fastapi/fastapi · Discussion #15819

@adlerweb@social.adlerweb.info
2026-04-23 09:04:15

Falls ihr das #Python "dist"-Modul oder #Ansible nutzt und bei #Gentoo plötzlich für distribution/ansible_distribution/… falsche Werte erhaltet (z.B. ClearLinux):
Gentoo quo…

@Techmeme@techhub.social
2026-05-06 07:02:09

A medical student reverse-engineered AI tools used by medical colleges on suspicion they were filtering his applications, highlighting AI-driven hiring concerns (Todd Feathers/Wired)
wired.com/story/he-couldnt-lan

@rasterweb@mastodon.social
2026-05-28 04:58:41

➡️ PyPI · The Python Package Index
#bookmarks

@michabbb@social.vivaldi.net
2026-07-11 00:58:19

🛡️ It also scans heredocs & inline scripts (python -c, bash -c, node -e) via AST-based analysis to catch destructive operations the outer command hides
🚀 Whitelist-first with a modular pack system; works on Linux, macOS & Windows (WSL) and auto-configures hooks for Claude Code, Codex, Gemini, Copilot & Cursor

@kubikpixel@chaos.social
2026-04-17 15:15:02

«YubiKey Manager — Sicherheitslücke ermöglicht Ausführung untergeschobenen Codes:
Yubico warnt vor einer Suchpfad-Schwachstelle im YubiKey Manager, libfido2 und python-fido2. Updates korrigieren die Fehler.»
Eine IT-Security Meldung die wirklich sicher ist und Updates nun wirklich sofort vor dem Wochenende gemacht werden müssen.
🔐

@stf@chaos.social
2026-05-03 13:51:08

why can't a minor version change not be goddamn backward compatible ffs.
#python

@frankel@mastodon.top
2026-06-23 09:13:33

#Python 3.15 #Lazy #Imports: Faster Startup Times and the Design Behind PEP 810

@berlinbuzzwords@floss.social
2026-06-03 06:45:13

Kafi Streams, built on (Py)DBSP, treats streaming like batch. Strongly consistent from day one. An open source Python library for the 80% of use cases that do not need extreme scale. Ralph Matthias Debusmann will be unveiling it at #bbuzz26.
Learn more: 2026.berlinbuzzwords.de/sessio

@netzschleuder@social.skewed.de
2026-05-27 17:00:06

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
networks.sk…

python_dependency: Python Dependency Network. 58743 nodes, 108399 edges. https://networks.skewed.de/net/python_dependency
@mgorny@social.treehouse.systems
2026-07-04 04:49:14

#Python Hypothesis package now requires #RustLang. This is a scale of reverse dependencies I can't handle. I guess this means it's the end of WD40 profiles on #Gentoo, and therefore the end of support for Alpha, ARM<v6, HPPA, M68k, i486 and some other random subsets of architectures and profiles. Thanks for all the fish, etc.
github.com/HypothesisWorks/hyp

@krone@frawas.de
2026-05-21 06:06:24

Läufer knipste Python - Würgeschlange mitten in der Steiermark gesichtet #News #Nachrichten

@datascience@genomic.social
2026-05-15 10:00:00

Video tutorials for modern ideas and open source tools. #python

@fanf@mendeddrum.org
2026-05-27 11:42:02

from my link log —
Someone’s been messing with Python’s floating point subnormals!
moyix.blogspot.com/2022/09/som
saved 2022-09-06

@mgorny@social.treehouse.systems
2026-05-11 03:18:59

Always appreciate how people release RCs to give others opportunity to test their changes early, then release final versions before the fixes for "breaks #Portage" kind of regressions introduced in the RCs are merged.
#Gentoo #Python #CPython

@tinoeberl@mastodon.online
2026-07-07 15:17:22

#Steady #Klimacrew
Was tun, wenn falsche Einträge im #Marktstammdatenregister die Auswertung ruinieren?
Das Register ist berüchtigt für Fehleinträge durch Anlagenbetreiber. …

@veit@mastodon.social
2026-06-21 14:27:46

I’m organising the next @… meet-up, featuring a talk by Sam Bail on PySpark: meetup.com/python-users-berlin

@rasterweb@mastodon.social
2026-06-29 04:00:03

➡️ fstring.help: Python f-string Guide
#bookmarks

@Techmeme@techhub.social
2026-05-27 06:15:51

Analysis: the share of entry-level hiring in India's tech sector fell to ~15% in 2025 from 28% in 2024 as companies shifted focus to AI and automation roles (Tanya Pandey/The Economic Times)
economictimes.i…

@nobodyinperson@fosstodon.org
2026-05-09 06:56:06

@… @…
> python3 - 3.8.18 => 3.11.15
A long overdue update. I'll have to repackage all my apps and Python dependencies though.

@mgorny@social.treehouse.systems
2026-07-04 13:51:09

And the next big blocker for #Python 3.15 in #Gentoo is time-machine. Which is obviously broken. There's a patch but it's #slop and complex, and it's sitting for 3 months already with no reply. Because obviously patching CPython internals is so much a better idea than freezegun ever were. All these time-based tests need all the ricing you can get; portability doesn't matter.
github.com/adamchainz/time-mac

@grumpybozo@toad.social
2026-06-14 23:12:55

RE: seattle.pink/@mxchara/11675012
The fact that (so far) Python is in the lead makes me sad.
Python is unfit for system administration. You’ll only convince me otherwise when every fucking Python program doesn’t need its own bespoke …

@veit@mastodon.social
2026-06-16 21:39:22

Taking Measure spoke to Guido van Rossum to find out more about #Python, what he gets up to in his spare time, and his brief spell at #nist

@netzschleuder@social.skewed.de
2026-06-15 10:00:06

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
networks.sk…

python_dependency: Python Dependency Network. 58743 nodes, 108399 edges. https://networks.skewed.de/net/python_dependency
@frankel@mastodon.top
2026-06-09 17:05:21

Are you really expected to run five type-checkers now?
#python

@mgorny@social.treehouse.systems
2026-06-30 13:07:57

The conclusion from a big #Python 3.15 #Gentoo porting run today: the most common kind of #NIH Python package is one providing colorful output on the terminal…

@michabbb@social.vivaldi.net
2026-07-04 01:55:57

🧩 Rich plugin ecosystem: hundreds of plugins run tasks anywhere — local, SSH, #Docker, #Kubernetes or serverless task runners — and code in any language including #Python, Node.js, R, Go and S…

@hynek@mastodon.social
2026-05-30 12:08:13

I’d like to announce the most unlikely #Python package release:
service-identity 26.1.0, the best way to verify if a certificate is valid for a hostname, IP, or URI is out!
The main change is that we were able to switch from pyasn1 (thank you for more than a decade of great service! 🫡💛) to do everything within PyCA's cryptography.

@rasterweb@mastodon.social
2026-06-05 14:41:30

I tried to get someone’s Python code to work and could not due to errors and I did a few searches and then gave up.
I could try using some AI chatbot bullshit to help me out but fuck that… it’s easier to just give up and walk away. Oh well.

@mgorny@social.treehouse.systems
2026-06-29 12:42:29

I have a #Python favor to ask. Could someone look at Python 3.15 test failures in itsdangerous? It's blocking quite a large part of package dependency graph in #Gentoo, and the failure looks, errr, dangerous.
github.com/pallets/itsdangerou

@Techmeme@techhub.social
2026-06-04 00:36:01

Google releases macOS versions of AI Edge Gallery, which lets users run open models on their devices, and AI Edge Eloquent, an on-device voice dictation app (Google Developers Blog)
developers.googleblog.com/brin

@rasterweb@mastodon.social
2026-06-28 00:53:59

I got some Python code working yesterday after being convinced I could not figure it out… but figured it out!
Realized I needed extra code today, thought it would be a pain but figured it out in no time.
Maybe I can write Python okay…

@veit@mastodon.social
2026-04-30 14:10:02

Now elementary-data has also been hit: for just under half a day, a malicious version 0.23.3 was available on PyPI, which had stolen credentials such as SSH keys, AWS login details, API tokens and wallet files. The attack was carried out via a script injection vulnerability in one of the GitHub Actions workflows. Cooldown helps protect against such attacks, as we have described here:

@mgorny@social.treehouse.systems
2026-06-01 02:39:46

It's always important to have a consistent #security policy.
For example, a policy of "If somebody filed a CVE, it's an important security issue, and we will fix it as such, no matter how meaningless the fix is. If nobody did, it's just a glorified bug fix, no matter how serious the bug was."
So we've just seen a #pip security release over "installing random packages can overwrite pip's files and pip can lazy-import some of them immediately afterwards", with a fix of "pip will no longer load them until you run it again" (leaving the underlying security issue of "any #Python package can override files installed by any other Python package" as intended behavior). As Eli Schwartz beautifully put it, you are not expected to be using the virtual environment; you should create it, install packages into it (at most once!), and then frame it and put it on the wall to admire.
Now we're seeing a "bug fix" for "malicious entry point names can write outside of virtual environment". If nobody filed a CVE, it's obviously not a security issue at all. At least upstream graced us with fixing it without correcting the spec to forbid that first.
github.com/pypa/pip/issues/140

@nobodyinperson@fosstodon.org
2026-05-06 21:03:37

@… Yes, for a Python tutorium.

@rasterweb@mastodon.social
2026-04-17 20:57:35

I do not get how Python's math.modf works...
Why do I get all the zeros or nines?
4.4 | 4.0 | 0.40000000000000036
4.5 | 4.0 | 0.5
4.6 | 4.0 | 0.5999999999999996
I can fix it with... more math, but maybe I am doing something wrong?
#python #math

@mgorny@social.treehouse.systems
2026-06-01 12:39:41

The #Gentoo #Python 3.14 switch / 3.11 3.13t removal PR is green. Doing some final testing locally before merging it (one that involves 350 "merge wait" packages, what could possibly go wrong…).
codeberg.org/gentoo/gentoo/pul

@Techmeme@techhub.social
2026-05-27 16:50:55

Starlette, an open-source Python framework underpinning FastAPI, has a vulnerability, called BadHost, that can allow hackers to bypass authorization (Dan Goodin/Ars Technica)
arstechnica.com/information-te

@mgorny@social.treehouse.systems
2026-04-30 04:07:02

I think we should EOL #Python versions more often. This triggers not-very-active projects to finally make a release, including another batch of releases today (apparently 6 months mark). Unlike, I don't know, bug fixes.
#Gentoo

@hynek@mastodon.social
2026-04-15 04:42:31

I’m shocked I haven’t sold out PyTexas yet! What’s up Austin, I even got a fresh haircut! #Python
pretix.eu/pytexas/2026/

@mgorny@social.treehouse.systems
2026-05-30 04:06:44

0 days since we went from "we should replace `setup.py` with a bunch of standardized #PEP517 backends" to "every package must have its own local PEP517 backend".
#Python

@mgorny@social.treehouse.systems
2026-05-28 03:38:25

> No significant changes.
Looks inside.
> Significant changes.
#Python

@rasterweb@mastodon.social
2026-05-26 04:55:03

➡️ Beautiful Soup - Python Screen-Scraping
#bookmarks

@mgorny@social.treehouse.systems
2026-05-25 19:42:28

I've been sad about the upcoming removal of #PyPy from #Gentoo, but given how many regressions I've been seeing recently in a variety of #Python packages, I'm eagerly waiting for the day when I'll remove the support and be able to stop having to deal with the test failures somehow. Not that at this point any other way of dealing besides skipping them makes any sense.

@mgorny@social.treehouse.systems
2026-05-22 03:11:10

If #Python package releases continue at this rate, I'm going to have to start getting up earlier.
Or just stop doing all of them in the morning.
#Gentoo

@mgorny@social.treehouse.systems
2026-05-21 11:06:01

> #Python Stable ABI
> makes extensions unstable (they start segfaulting)
github.com/pikepdf/pikepdf/iss

@mgorny@social.treehouse.systems
2026-05-19 05:12:35

Always appreciate #Python package developers being responsible about API stability, and… [checks notes]… raising the major version number over a "minor API tweak", then delaying the release until a security fix demanded one.
#packaging

@mgorny@social.treehouse.systems
2026-05-16 06:30:31

Yes, please reinvent more wheels by rewriting #Python logic in #RustLang. What could possibly go wrong?!
github.com/awolverp/cachebox/i

@mgorny@social.treehouse.systems
2026-06-17 14:36:12

Does anyone happen to know if #PSF is processing contributing membership applications? Mine is stuck with no reply for almost 2 months now, and I'm wondering if it's just normal delay or something went wrong.
#Python

@mgorny@social.treehouse.systems
2026-06-17 02:41:18

0 days since provenance checks protected us from [checks notes] another project starting to upload distributions via #uv.
#Python #security

@mgorny@social.treehouse.systems
2026-04-15 05:00:43

The state of #security these days: #Python #virtualenv package now includes SHA256 sums of their bundled wheels, declaring that it protects against "supply-chain compromise". Because obviously there are so many attack vectors that permit you to alter a .whl file but not the .py file in the same directory.
No, I'm not saying verifying checksum makes no sense, because indeed it can save some pain if fs is damaged somehow. However, calling this a "security" feature is a misnomer at best, and openly giving people false sense of security at worst.

@mgorny@social.treehouse.systems
2026-04-20 01:58:52

How to get a package removed from #Gentoo?
1. Add a new #NIH dependency.
2. The dependency turns out to use coherent.build. Nightmare! Oh, wait, apparently coherent.build generates source distributions that use flit.core (understandable; coherent.build is unusable).
3. The dependency depends on chardet (the project famous for GPL copywashing). Okay, technically it works with the older version, and the dependency is optional with poor person's fallback, so I guess it would be fine.
4. But hey, this package is not used by anything, and the last package using it in Gentoo was removed in 2020, after not being touched for 4 years already. Also, that package is not maintained upstream since 2017, so I guess there's negligible risk of it ever coming back.
#Python