Tootfinder

#Steady #Klimacrew
#BahnMonitor-Projekt: 7. Zufall ist nicht gleich Zufall. 🤭
Nach der Verspätungsmeldung kommt ein Wissenshäppchen. Der

Python-Projekt mit Bahn-API: 7. JSON-Wissenshäppchen: Zufall clever gemacht
So ergänzt dein Python-Bot Mastodon-Posts mit JSON-Wissenshäppchen – zufällig ausgewählt und fair rotiert.

> #Python Stable ABI
> makes extensions unstable (they start segfaulting)
https://github.com/pikepdf/pikepdf/issues/723#issuecomment-4507472913

Läufer knipste Python - Würgeschlange mitten in der Steiermark gesichtet #News #Nachrichten

Taking Measure spoke to Guido van Rossum to find out more about #Python, what he gets up to in his spare time, and his brief spell at #nist

The Programming Language Named for Monty Python Evolved at NIST
The creator of the popular programming language Python worked at NIST while developing it.

from my link log —
Plotnine: grammar of graphics for Python.
https://plotnine.org/
saved 2026-04-20 https://dotat.at/:/96VP8.html…

Plotnine

Wer heute auf der #bibliocon26 noch etwas Hands-On-Erfahrung mit Python und SRU- und SPARQL-Schnittstellen im Bibliotheks- bzw. #GLAM -Sektor sammeln möchte, den könnte folgendes Hands-on Lab (Raum 14, 16:30-18:30) interessieren:

Very smart of Pantages Theater in Hollywood advertising with the RenFair in Los Angeles. I bought tix immediately. 😁
✅ Monty Python's Spamalot - Mar 24-Apr 12, 2026 - Pantages Theater, Hollywood
https://www.broadwayinhollywood.com/events/detail/spamalot

heise | Grundlagen in Python: Dictionarys meistern und Daten effizient organisieren
Mit Schlüssel-Wert-Paaren lassen sich Daten clever strukturieren. Wir zeigen, wie Sie Python-Dictionarys effizient erstellen und steuern.

Grundlagen in Python: Dictionarys meistern und Daten effizient organisieren
Mit Schlüssel-Wert-Paaren lassen sich Daten clever strukturieren. Wir zeigen, wie Sie Python-Dictionarys effizient erstellen und steuern.

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

I do not get how Python's math.modf works...
Why do I get all the zeros or nines?
4.4 | 4.0 | 0.40000000000000036
4.5 | 4.0 | 0.5
4.6 | 4.0 | 0.5999999999999996
I can fix it with... more math, but maybe I am doing something wrong?
#python #math

How to get a package removed from #Gentoo?
1. Add a new #NIH dependency.
2. The dependency turns out to use coherent.build. Nightmare! Oh, wait, apparently coherent.build generates source distributions that use flit.core (understandable; coherent.build is unusable).
3. The dependency depends on chardet (the project famous for GPL copywashing). Okay, technically it works with the older version, and the dependency is optional with poor person's fallback, so I guess it would be fine.
4. But hey, this package is not used by anything, and the last package using it in Gentoo was removed in 2020, after not being touched for 4 years already. Also, that package is not maintained upstream since 2017, so I guess there's negligible risk of it ever coming back.
#Python

I updated my orange pi zero to #openbsd 7.9 really easily with the sysupgrade command. Easier than debian and alpine and the other operating systems.
I am running a #tor site on it that displays the system information from a python script I made.
You can view it here:

«YubiKey Manager — Sicherheitslücke ermöglicht Ausführung untergeschobenen Codes:
Yubico warnt vor einer Suchpfad-Schwachstelle im YubiKey Manager, libfido2 und python-fido2. Updates korrigieren die Fehler.»
Eine IT-Security Meldung die wirklich sicher ist und Updates nun wirklich sofort vor dem Wochenende gemacht werden müssen.
🔐

YubiKey Manager: Sicherheitslücke ermöglicht Ausführung untergeschobenen Codes
Yubico warnt vor einer Suchpfad-Schwachstelle im YubiKey Manager, libfido2 und python-fido2. Updates korrigieren die Fehler.

from my link log —
Nornir: an automation framework in Python.
https://nornir.readthedocs.io/en/latest/
saved 2020-03-23 https://dotat.a…

Beautiful palettes based on art for R and python: #rstats #ggplot

Meanwhile, on the Python/Django side of life… Over the past few evenings I’ve made numerous updates and bug fixes to my reusable, pluggable, multi-user/multi-group task assignment system for Django. Live on the demo site and installable now. Hope it’s useful!
https://django-todo.org/

for no particular reason whatsoever, I've updated my guide on how to measure #Python coverage across GitHub Action containers without an external service (*cough* Codecov *cough*)
https://hynek.me/articles/ditch-codeco

How to Ditch Codecov for Python Projects
Codecov’s unreliability breaking CI on my open source projects has been a constant source of frustration for me for years. I have found a way to enforce coverage over a whole GitHub Actions build matrix that doesn’t rely on third-party services.

RE: https://seattle.pink/@mxchara/116750125454729237
The fact that (so far) Python is in the lead makes me sad.
Python is unfit for system administration. You’ll only convince me otherwise when every fucking Python program doesn’t need its own bespoke …

Always appreciate #Python package developers being responsible about API stability, and… [checks notes]… raising the major version number over a "minor API tweak", then delaying the release until a security fix demanded one.
#packaging

from my link log —
Someone’s been messing with Python’s floating point subnormals!
https://moyix.blogspot.com/2022/09/someones-been-messing-with-my-subnormals.html
saved 2022-09-06

Someone’s Been Messing With My Subnormals!
TL;DR: After noticing an annoying warning, I went on an absurd yak shave, and discovered that because of a tiny handful of Python packages b...

Yesterday I discovered endlessh (https://github.com/skeeto/endlessh), which is a tarpit for those SSH login guessing bots. I made a little Python script that filters its logs and gives me some stats.
It's a lot of fun to see them get trapped, and I'm also having fun looking up from which count…

Bookmarked: Phillip B. Ströbel: Von der Pythia zu Python. Einführung in die Programmierung für die Geschichtsforschung #Jupyter

Vulnerability and malware checks in #uv
#python

Here is a quine in #lean
def main : IO Unit := do
let s := "\n IO.print (\"def main : IO Unit := do\\n let s := \" s.quote s)\n"
IO.print ("def main : IO Unit := do\n let s := " s.quote s)
S is code to print the preamble P, then S quoted and then S.
If you want to test it, make sure there is a newline at the end of the file because S ends in "\n".
#Python:
s = '\nprint("s = " repr(s) s)'
print("s = " repr(s) s)
2/2

Someone in another country apparently gave their students the task to reproduce one of our studies but gave them no guidance on how to do it 😬 I'm really sorry, not-my-students but I can't give you individual tutoring on experimental methods, data analysis, Python and statistics this week. Sorry your prof sucks 🙃 #academicChatter

I'm exploring installing R and other stuff on Windows for planning teaching, and I found an answer to a question I didn't know I needed to ask: Don't install R, RStudio, Python, Julia etc on OneDrive
https://tclark89.github.io/quarto-blog/posts/2022-09-20-…

Har scriptat upp en oöverskådlig excelfil med hjälp av python. Alltså - att köra en mönsterigenkänning först och sedan normalisera svar gör 5 heldagars arbete möjligt att göra på 2 timmar (debugg i Lumo dock).
Nu kan jag lägga 2 timmar på att dubbelkolla att scriptet inte gjort fel - det sköna är att om fel finns är det systematiskt och då kan jag sluta söka vid ett enda fel.
Jag känner mig faktiskt cool just nu

@… thanks!
Marimo OSS Python Notebook RCE: From Disclosure to Exploitation in Under 10 Hours | Sysdig — <https://www.

📆 On 13 August, all #Berlin #Python user groups – @…, @…

Python in Berlin BBQ @ c-base, Thu, Aug 13, 2026, 7:00 PM | Meetup
Normally we announce our talks here, but this time we are taking a short summer break and therefore invite you to a barbecue at the Spree. The BBQ is for all Berlin Python

I know #Replit bills itself as a #vibecoding platform these days, but I opened it for a quick Python REPL and couldn't figure out for the life of me how to bypass the #AI prompt.

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

anyone out there who could look at how I'm trying to build pyemscripten wheels for argon2-cffi? at 71 million downloads per month I suspect there might be some demand for wasm wheels, but I've never used any of this so I'm just reading blog posts and guessing
https://github.com/hynek/argon2-cffi-b

Build pyemscripten wheels by hynek · Pull Request #129 · hynek/argon2-cffi-bindings
Low-level Python CFFI Bindings for Argon2. Contribute to hynek/argon2-cffi-bindings development by creating an account on GitHub.

Unexpected

I have just published a new bug fixes minor release for #Diaphora, version 3.4.1.
https://github.com/joxeankoret/diaphora/releases/tag/3.4.1

Release Diaphora 3.4.1 · joxeankoret/diaphora
This is a minor bug fixes release. MISC: Added requirements.txt BUG: Both quick_ratio and real_quick_ratio were wrongly checking buf1 and buf2, issue #354. BUG: Project specific Python scripts were...

»Hey, KI! Bestimmt erinnerst du dich noch an die 150.000 Zeilen Code, die du mir vor so sieben, acht Monaten mal in Python vibecoded hast? Der müsste jetzt bitte auf das neue API angepasst werden. Und wenn du eh schon dabei bist: portiere das doch alles auch gleich noch von Python nach Rust.« 🤡 #justthinkin

A lot of open source projects take care to preserve compatibility with the past, so that changes do not break the projects of existing users.
But then there are others. In my list of "damn the past, full speed ahead on incompatible changes!!" are my most recent encounters:
- Python (not only was the Python 2 abandonment unforgivable and cost many of us a lot of useless conversion work, but the versions of Python 3 seem to change from one to the next to the degree that…

Noch ein paar der zuletzt hier besonders häufig geteilten #News:
„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python

„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python
Die Entdecker haben die root-Lücke im Linux-Kernel „Copy Fail“ getauft. Alle größeren Distributionen seit 2017 sind betroffen.

Video tutorials for modern ideas and open source tools. #python

Code. Simply. Clearly. Calmly.
Short and simple video lessons that start from scratch. Tools and thoughts that might make your professional life more enjoyable.

Hey, ASCIIquarium was ported from Perl to Python! https://pypi.org/project/asciiquarium/

wtf does everytime a new v of #python is rolled out in linux distros, all virtual envs break, and i do have to rebuild them manually. we're now 13 minor versions since py v2.7 and everything became worse since then. i have a stable app, and if python would not fuck up this i would not have to touch it in a decade, but because of this, i feel like i'm in the java ecosystem where work is gener…

Squash Bug War Casualty Report: Adults 0, Egg Pods 0.
No enemy contact, but I know they are out there, it’s like they are taunting me . . .
“Hallo, you tiny-brained gardener! You frighten no one! Today we did not come, because we did not feel like it!”
#gardening #oklahoma

🎬 Supported events include batch job completion, video generation via #Veo, and agent workflow signals. One WebhookConfig object wired directly into your generate_videos() or batch call.
🐍 The #Python SDK makes it trivial — pass a WebhookConfig with your URI and subscribed events to any long-…

httpx2 has proper API docs and intersphinx 🥲
now they just need to start using it themselves in their narrative docs 😅
https://github.com/hynek/stamina/commit/63663956d99aea06b8350293c0a7b12353793d12

docs: httpx2 has intersphinx 🥲 · hynek/stamina@6366395
Production-grade retries for Python. Contribute to hynek/stamina development by creating an account on GitHub.

0 days since provenance checks protected us from [checks notes] another project starting to upload distributions via #uv.
#Python #security

Mir fehlte ein simples Tetris ohne Werbung, Irgendwas-Mode und Krimskrams. Geht (dank Python und der sehr praktischen pyGame-Library) auch ohne Vibecoding. Auch wenn's trivial ist: das Gefühl, selbst eine gute Lösung gefunden zu haben, wie sich etwas programmieren lässt, ist immer noch ein sehr gutes ;)

It strikes me that one of the things LLMs rob us of is the exact kind of serendipity that much of OSS relies on.
I was just looking something up on https://docs.python.org, which lead me to stumble on a line of documentation entirely irrelevant to what I was trying to do - But it caught my eye because…

So virtualenv solves the issue of brutal incompatibilities between python stuff (at the cost of huge amounts of diskspace), but the minute uwsgi comes into play, it is overboard and there is hardly any way to activate plugins for old python interpreters. #pythonwoes

Analysis: the share of entry-level hiring in India's tech sector fell to ~15% in 2025 from 28% in 2024 as companies shifted focus to AI and automation roles (Tanya Pandey/The Economic Times)
https://economictimes.i…

India’s tech sector grows with fewer freshers as AI reshapes hiring
The share of entry-level hiring in the sector has fallen to around 15% in 2025 from 28% in 2024 as companies focus more on AI, cloud, cybersecurity and automation-focused roles. Emerging technology roles account for nearly 52% of hiring demand and are expected to touch 60% by the end of 2026, signalling a broader shift away from campus-led pyramid hiring model, experts said.

There's roughly two ways I've acquired skills in programming languages in the past: the "hard" way for writing code (e.g., "Learn Python the Hard Way"), and the "easy" way for learning to read a new programming language by skimming the language specs or leafing through a book on the topic (e.g., "The Supercollider Book").
I suppose there's a third way now for me: Reading up on software architecture design (e.g., stuff like "500 lines or less"), so that co-creation skills with large language models are improved?
For example, Yoav Rubin's article on "An Archaeology-Inspired Database" in 500 lines or less really made me think about Clojure in a new way.
Thoughts on this?
#AIResearch #Software #programming

#Steady #Klimacrew
#Datenanalyse von #Stromspeicher​n: Wie lassen sich extreme Werteun…

Batteriespeicherdiagramme: Lineare Skala vs. logarithmische Skala
Warum eine logarithmische Skala bei Batteriespeicher-Diagrammen notwendig ist – und wie du das Problem in Python löst.

> We introduce gpusnek, a fully functional Python interpreter ported to CUDA, enabling execution of arbitrary Python code directly on the GPU by running one whole interpreter on every CUDA core/thread. This is a tremendously bad idea, but for the duration of this paper we pretend that it is not
[Josef Dean in SIGBOVIK 2026]

I created a new repo/tool today to evaluate and collect the rapidly changing tooling configurations that everyone is trying to figure out (using statistical experimental design) I used Claude/Gastown to both make it and operate it and have some initial comparison data on opus/sonnet and Python/TS/Go etc. for a small test. I’d be happy for some github stars if people think it could be useful.

GitHub - adrianco/retort: Platform Evolution Engine. Distill the best from the combinatorial mess.
Platform Evolution Engine. Distill the best from the combinatorial mess. - adrianco/retort

Einige der zuletzt hier besonders häufig geteilten #News:
„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python

„Copy Fail“: Linux-root in allen großen Distributionen mit 732 Byte Python
Die Entdecker haben die root-Lücke im Linux-Kernel „Copy Fail“ getauft. Alle größeren Distributionen seit 2017 sind betroffen.

If uv is not available in a Python environment, you can still specify the versions using pylock.toml. We have described how to do this here: https://python-basics-tutorial.readthedocs.io/en/latest/libs/install.html#of-packages

Adding more Python libraries
Although Python’ „Batteries included“ philosophy means that you can already do a lot with the default installation of Python, there will inevitably come a situation where you need functionality tha...

I’m shocked I haven’t sold out PyTexas yet! What’s up Austin, I even got a fresh haircut! #Python
https://pretix.eu/pytexas/2026/

PyTexas 2026
April 17 – 19, 2026

➡️ PyPI · The Python Package Index
#bookmarks

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

Does anyone happen to know if #PSF is processing contributing membership applications? Mine is stuck with no reply for almost 2 months now, and I'm wondering if it's just normal delay or something went wrong.
#Python

A user at a client contacted me over what transpired to be them trying to install a python library on a machine (that didn’t have python installed) to run an AI tool at the direction of ChatGPT.
After *I* get it installed:
User: “Ok, how does it work?”
Me: 🤷🏻‍♀️ (╯°□°）╯︵ ┻━┻ “never seen it before”

Yeah, life's just peachy-keen over on the California whacko site

handy random string (password) generator
echo `tr --complement --delete "a-fA-F0-9" < /dev/urandom | head -c 12`
#bash #cmdline #tricks
source:

yunohost/helpers/helpers.v2.1.d/string at b1ce284434a06e204e6eda17746d1d60990be811 · YunoHost/yunohost
YunoHost is an operating system aiming to simplify as much as possible the administration of a server. This repository corresponds to the core code, written mostly in Python and Bash. - YunoHost/yu...

whoah cyclopts sounds incredible! turn any python function into a command line script!!!!! if only it could run in a browser too :-) #NotAskingMuchObvs :)

Is it only me, or has the hashtag #Python converted in to a LinkedIn-like wave of marketing bullshit? I really like Python, and use it a lot, but this is becoming unbearable.

@… My PhD thesis literally was a bunch of Python classes. On some level. But that’s not the point of the thesis…

@… My PhD thesis literally was a bunch of Python classes. On some level. But that’s not the point of the thesis…

At work @…, we are testing a new format where everyone from the support team has a one on one with everyone else. I created a python script to create the combinations and dates. At home, I thought it would be nice to make it easier to use and get back into learning Vue. I re-created the script as a tiny web app: MatchICS.
You enter a list of entities (people, t…

Are you really expected to run five type-checkers now?
#python

Yes, please reinvent more wheels by rewriting #Python logic in #RustLang. What could possibly go wrong?!
https://github.com/awolverp/cachebox/issues/51

For a tool I'm writing I need to do some web searches from time to time. Mostly from Python. What can I use without having to buy/get an API key? Anything as of today that still works?

Here’s my part in the great nogil/free-threading endeavor: build-and-inspect-python-package now will optionally add 3.14t and 3.15t to the generated matrix if a package indicates to support 3.14 or 3.15!
https://github.com/hynek/build-and-inspect-python-package…

Release v2.16.0 · hynek/build-and-inspect-python-package
Added New include-free-threaded input. When set to 'true', free-threaded Python siblings (for example, 3.14t) are included in the version outputs for Python 3.14 and later, inserted inline after e...

#TGIQF: „Das Leben des Brian“ — Das Quiz rund zu Monty Pythons Filmklassiker
Die Komödie "Das Leben des Brian" sorgte 1979 für reichlich Gelächter und kirchliche Pikiertheit. Wir würdigen den Monty-Python-Klassiker mit einem Quiz.

#TGIQF: Das Quiz rund um „Das Leben des Brian“
Die Komödie "Das Leben des Brian" sorgte 1979 für reichlich Gelächter und kirchliche Pikiertheit. Wir würdigen den Monty-Python-Klassiker mit einem Quiz.

from my link log —
A simple Daikon-style runtime invariant miner for Python.
https://rahul.gopinath.org/post/2026/05/09/simple-invariant-miner/
saved 2026-05-15

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

Florian Thierrys #OER zu #QGIS und #Wikidata: https://…

#Steady #Klimacrew
„Wie sieht denn Deine #Bubble bei #Mastodon aus?“
Diese Frage wurde mir …

Wie tickt meine Mastodon-Bubble? Eine API- und LLM-gestützte Analyse
Mastodon-Follower analysieren mit der API: So erstellst du per Python und LLM eine Wortwolke deiner Bubble.

Here’s stamina 26.1.0, my opinionated #Python retry package, that now supports more than 1024 retries for the cases when you need A LOT of stamina: https://github.com/hynek/stamina/releases/tag/26…

Release 26.1.0 · hynek/stamina
Highlights stamina now allows more than 1024 retries by handling overflows and warns on a footgun. Full changelog below! Special Thanks This release would not be possible without my generous sponso...

why can't a minor version change not be goddamn backward compatible ffs.
#python

@… I gave this thing a try today... 😉
https://codeberg.org/jjg/paxton

paxton
A search engine in about 100 lines of Python

The state of #security these days: #Python #virtualenv package now includes SHA256 sums of their bundled wheels, declaring that it protects against "supply-chain compromise". Because obviously there are so many attack vectors that permit you to alter a .whl file but not the .py file in the same directory.
No, I'm not saying verifying checksum makes no sense, because indeed it can save some pain if fs is damaged somehow. However, calling this a "security" feature is a misnomer at best, and openly giving people false sense of security at worst.

A medical student reverse-engineered AI tools used by medical colleges on suspicion they were filtering his applications, highlighting AI-driven hiring concerns (Todd Feathers/Wired)
https://www.wired.com/story/he-couldnt-land-a-job-interview-was-ai-to-blame/

He Couldn’t Land a Job Interview. Was AI to Blame?
Armed with some Python and a white-hot sense of injustice, one medical student spent six months trying to figure out whether an algorithm trashed his job application.

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

🛠️ Code generation with diff preview, cURL builder from captured requests, one-click request replay, VS Code-style command palette (Ctrl K), built-in Swagger UI & dark/light theme with PWA offline support
🌐 Language-agnostic API (#OpenAPI 3.1) - send debug data from #Python,

Should I learn #pico8 or #tic80? I am thinking to learn tic80 because it supports more platforms to support my game on. At the same time pico8 runs better on my powkiddy v90 handheld where I do want my games to run on.
I know python so I think I can learn lua for pico8 or tic80. As well as the other fu…

i'm so fucking sick of it
i've got ONE extremely simple and extremely explicit contribution rule/brown m&m test: do not delete the PR checklist
since i'm busy getting structlog out, I’ve let the attrs bug tracker a bit off the leash
go & count for yourself how many PRs opened in the past month followed that instruction.
(and of course, this is not about bureaucracy; they violate many of the important items on that list)

Pull requests · python-attrs/attrs
Python Classes Without Boilerplate. Contribute to python-attrs/attrs development by creating an account on GitHub.

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

Maintainer friends of wheel-heavy #Python packages: do we already have some practical, standard way to automatically upload all the cibuildwheel output across all architectures? My current workflow is a) a pain in the ass and b) requires me to have one last PyPI upload token.

One of my strong suites in all the packaging work is the knowledge in my head.
"Why don't you write it down for others to benefit from, then?", you'd ask.
The thing is, this knowledge is basically "hot cache". I'm bumping hundreds of #Python packages in #Gentoo, so I remember stuff. And because of that, I can quickly notice some things or answer some questions.
If that were written down, the effort needed to find it would diminish all the gain. I mean, technically *it is* already written down, and the whole point is that I have it "cached".

Pablo Python nailed the Tim Apple impression #PyConUS

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

Dynamic #Languages Faster and Cheaper in 13-Language #ClaudeCode Benchmark
https://www.infoq.com/news/2026/04/…

Now elementary-data has also been hit: for just under half a day, a malicious version 0.23.3 was available on PyPI, which had stolen credentials such as SSH keys, AWS login details, API tokens and wallet files. The attack was carried out via a script injection vulnerability in one of the GitHub Actions workflows. Cooldown helps protect against such attacks, as we have described here:

Apps
App projects are suitable for web servers, scripts and CLI. We can also create them with uv init --package: myapp/pyproject.toml, The pyproject.toml file contains a scripts entry point myapp:main: ...

python_dependency: Python Dependency Network
Python's package dependency networks. Nodes in the network are Python's packages registered to PyPI and edges are dependencies among packages.
This network has 58743 nodes and 108399 edges.
Tags: Technological, Software, Unweighted
https://networks.sk…

I tried to get someone’s Python code to work and could not due to errors and I did a few searches and then gave up.
I could try using some AI chatbot bullshit to help me out but fuck that… it’s easier to just give up and walk away. Oh well.

It's always important to have a consistent #security policy.
For example, a policy of "If somebody filed a CVE, it's an important security issue, and we will fix it as such, no matter how meaningless the fix is. If nobody did, it's just a glorified bug fix, no matter how serious the bug was."
So we've just seen a #pip security release over "installing random packages can overwrite pip's files and pip can lazy-import some of them immediately afterwards", with a fix of "pip will no longer load them until you run it again" (leaving the underlying security issue of "any #Python package can override files installed by any other Python package" as intended behavior). As Eli Schwartz beautifully put it, you are not expected to be using the virtual environment; you should create it, install packages into it (at most once!), and then frame it and put it on the wall to admire.
Now we're seeing a "bug fix" for "malicious entry point names can write outside of virtual environment". If nobody filed a CVE, it's obviously not a security issue at all. At least upstream graced us with fixing it without correcting the spec to forbid that first.
https://github.com/pypa/pip/issues/14000

I’d like to announce the most unlikely #Python package release:
service-identity 26.1.0, the best way to verify if a certificate is valid for a hostname, IP, or URI is out!
The main change is that we were able to switch from pyasn1 (thank you for more than a decade of great service! 🫡💛) to do everything within PyCA's cryptography.

Release 26.1.0 · pyca/service-identity
Highlights The true highlight is that thanks to cryptography 47, we can drop two dependencies (that have served use very well for more than a decade; thank you so much pyasn1 maintainers!). Full c...

I think we should EOL #Python versions more often. This triggers not-very-active projects to finally make a release, including another batch of releases today (apparently 6 months mark). Unlike, I don't know, bug fixes.
#Gentoo

The #Gentoo #Python 3.14 switch / 3.11 3.13t removal PR is green. Doing some final testing locally before merging it (one that involves 350 "merge wait" packages, what could possibly go wrong…).
https://codeberg.org/gentoo/gentoo/pulls/1031

1. Do random changes to cython-test-exception-raiser, and commit them as "initial code".
2. Move the extension module from the package directory into top-level "raiser.*.so", for no apparent reason.
3. Switch to CalVer, so that #Twisted newer upgrades to the new releases (it pins to <2).
4. I file a bug, because I'd like to finally remove the old version from #Gentoo.
#Python

0 days since we went from "we should replace `setup.py` with a bunch of standardized #PEP517 backends" to "every package must have its own local PEP517 backend".
#Python

> No significant changes.
Looks inside.
> Significant changes.
#Python