Security updates for Monday
Security updates have been issued by AlmaLinux (golang, nodejs22, thunderbird, and varnish), Debian (gimp, modsecurity-apache, python-tornado, and roundcube), Fedora (chromium, coreutils, fcgi, ghostscript, krb5, libvpx, mingw-gstreamer1-plugins-bad-free, mingw-libsoup, mod_security, and samba), Mageia (php-adodb, systemd, and tomcat), Red Hat (buildah, firefox, glibc, grafana, kernel, libsoup, libxslt, mod_security, perl-FCGI, podman, python-tornado, and skopeo), Slackware (libvp … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (go-toolset:rhel8, golang, nodejs:20, nodejs:22, openssh, and python36:3.6), Debian (edk2, libfile-find-rule-perl, and webkit2gtk), Fedora (emacs, libvpx, perl-FCGI, and seamonkey), Mageia (cifs-utils), Red Hat (containernetworking-plugins, go-toolset:rhel8, golang, gvisor-tap-vsock, krb5, mod_auth_openidc:2.3, protobuf, and thunderbird), Slackware (seamonkey), SUSE (gimp, gnutls, haproxy, opensaml, openssh, openvpn, python-crypto … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (varnish), Debian (asterisk and roundcube), Fedora (systemd), Mageia (golang), Red Hat (ghostscript, perl-CPAN, python36:3.6, and rsync), SUSE (govulncheck-vulndb, libsoup-2_4-1, and postgresql, postgresql16, postgresql17), and Ubuntu (mariadb, open-vm-tools, php-twig, and python-tornado). ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (espeak-ng, kitty, kmail-account-wizard, krb5, libreoffice, libvpx, net-tools, python-flask-cors, symfony, tcpdf, thunderbird, and twitter-bootstrap3), Fedora (chromium, dropbear, firefox, gstreamer1-plugins-bad-free, python-tornado, systemd, and thunderbird), Mageia (coreutils, deluge, glib2.0, and redis), Oracle (firefox, kernel, and systemd), Red Hat (firefox, kernel, kernel-rt, varnish, varnish:6, and zlib), SUSE (bind, curl, dnsdist, … ⌘ Read more

Security updates for Friday
Security updates have been issued by AlmaLinux (.NET 8.0, .NET 9.0, firefox, ghostscript, gstreamer1-plugins-bad-free, libsoup3, mingw-freetype, perl, ruby, sqlite, thunderbird, unbound, valkey, and xz), Debian (chromium, firefox-esr, libavif, linux-6.1, modsecurity-apache, mydumper, systemd, and thunderbird), Fedora (coreutils, dnsdist, docker-buildx, maturin, mingw-python-flask, mingw-python-flit-core, ruff, rust-hashlink, rust-rusqlite, and thunderbird), Red Hat (pcs), SUSE (augeas, … ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel and kernel-rt), Debian (firefox-esr, libvpx, net-tools, php-twig, python-tornado, setuptools, varnish, webpy, yelp, and yelp-xsl), Fedora (xen), Mageia (cimg and ghostscript), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, thunderbird, and unbound), Red Hat (firefox, mingw-freetype and spice-client-win, pcs, and varnish:6), Slackware (curl and mozilla), SUSE (apparmor, containerd, dnsdist, go1.23-openssl, go1.24 … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free and kernel), Arch Linux (bind and varnish), Debian (glibc and syslog-ng), Fedora (microcode_ctl, mozilla-ublock-origin, nodejs20, and nodejs22), Mageia (firefox, nss, rootcerts, open-vm-tools, sqlite3, and thunderbird), Oracle (gstreamer1-plugins-bad-free, kernel, libsoup, nodejs:22, php, php:8.2, php:8.3, python-tornado, redis, and redis:7), Red Hat (libsoup, pcs, and python-tornado), Slackware … ⌘ Read more

Add Virtual Threads to Python
Comments ⌘ Read more

Pyrefly vs. ty: Comparing Python’s Two New Rust-Based Type Checkers
Comments ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (gstreamer1-plugins-bad-free, libsoup, and python-tornado), Debian (libavif and pgbouncer), Red Hat (gstreamer1-plugins-bad-free, mingw-freetype and spice-client-win, and webkit2gtk3), SUSE (firefox, govulncheck-vulndb, and python310-setuptools), and Ubuntu (flask, intel-microcode, openjdk-17-crac, tika, and Tomcat). ⌘ Read more

Ollama-OCR：基於 Ollama 多模態大模型的端到端文檔解析和處理
基本介紹Ollama-OCR 是一個 Python 的 OCR 解析庫，結合了 Ollama 的模型能力，可以直接處理 PDF 文件無需額外轉換，輕鬆從掃描版或原生 PDF 文檔中提取文本和數據。根據使用的視覺模型和自定義提示詞，Ollama-OCR 可支持多種語言，並且能把文檔轉換爲特定的格式進行輸出。支持多種視覺模型———–可以從 Ollama 上選擇最新的視覺模型： ● gem ⌘ Read more

Single process, multiple interpreters, no GIL contention - pre-Python3.12
Comments ⌘ Read more

@prologic@twtxt.net interesting that ruby is so low on the list, i find it the easiest to learn! hell i struggle with python more than ruby and i’ve been told that python is like ruby but better lol. maybe it’s just my weird brain!

Writing your own CUPS printer driver in 100 lines of Python
Comments ⌘ Read more

One of the nicest things about Go is the language itself, comparing Go to other popular languages in terms of the complexity to learn to be proficient in:

• Go: 25 keywords (Stack Overflow); CSP-style concurrency (goroutines & channels)
  
• Python 2: 30 keywords (TutorialsPoint); GIL-bound threads & multiprocessing (Wikipedia)
  
• Python 3: 35 keywords (Initial Commit); GIL-bound threads, asyncio & multiprocessing (Wikipedia, DEV Community)
  
• Java: 50 keywords (Stack Overflow); threads + java.util.concurrent (Wikipedia)
  
• C++: 82 keywords (Stack Overflow); std::thread, atomics & futures (en.cppreference.com)
  
• JavaScript: 38 keywords (Stack Overflow); single-threaded event loop & async/await, Web Workers (Wikipedia)
  
• Ruby: 42 keywords (Stack Overflow); GIL-bound threads (MRI), fibers & processes (Wikipedia)
  

@bender@twtxt.net Here’s a short-list:

• Simple, minimal syntax—master the core in hours, not months.
  
• CSP-style concurrency (goroutines & channels)—safe, scalable parallelism.
  
• Blazing-fast compiler & single-binary deploys—zero runtime dependencies.
  
• Rich stdlib & built-in tooling (gofmt, go test, modules).
  
• No heavy frameworks or hidden magic—unlike Java/C++/Python overhead.

Security updates for Friday
Security updates have been issued by Fedora (dotnet9.0, dropbear, ghostscript, nbdkit, openssh, python-watchfiles, rpm-ostree, yelp, yelp-xsl, and zsync), Oracle (firefox and kernel), Red Hat (osbuild-composer), Slackware (aaa_glibc and mozilla), SUSE (chromedriver, open-vm-tools, postgresql14, python-cryptography, and thunderbird), and Ubuntu (linux-aws, linux-hwe-5.4, python, and sqlite3). ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (kernel, kernel-rt, and webkit2gtk3), Fedora (mozilla-ublock-origin and sudo-rs), Oracle (.NET 8.0, compat-openssl10, grafana, osbuild-composer, redis:6, ruby:2.5, and webkit2gtk3), SUSE (dante, firefox-esr, gnuplot, govulncheck-vulndb, grype, postgresql13, postgresql14, postgresql15, postgresql16, postgresql17, python-tornado6, python314, thunderbird, ucode-intel, and xen), and Ubuntu (bind9, libfcgi-perl, linux-ibm-5.4, linux-oracle-5.4 … ⌘ Read more

[$] Recent disruptive changes from Setuptools
In late March, version 78.0.1 of Setuptools — an important
Python packaging tool — was released. It was scarcely half an hour before
the first bug\
report came in, and it quickly became clear that the change was far
more disruptive than anticipated. Within only about five hours [78.0.2 was\
published to roll back the change](https://setuptools.pypa.io/e … ⌘ Read more

Security updates for Wednesday
Security updates have been issued by AlmaLinux (.NET 8.0, avahi, buildah, compat-openssl10, compat-openssl11, expat, firefox, gimp, git, grafana, libsoup, libxslt, mod_auth_openidc, nginx, nodejs:22, osbuild-composer, php, redis, redis:7, skopeo, thunderbird, vim, webkit2gtk3, xterm, and yelp), Arch Linux (dropbear, freetype2, go, nodejs, nodejs-lts-iron, nodejs-lts-jod, python-django, webkit2gtk, webkit2gtk-4.1, webkitgtk-6.0, and wpewebkit), Debian (mongo-c-driver), Fedora (openssh, … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by Debian (firefox-esr, openjdk-11, openjdk-17, and wireless-regdb), Fedora (iputils, open-vm-tools, sfnt2woff-zopfli, and woff), Red Hat (postgresql:12), SUSE (apache2-mod_auth_openidc, brltty, helm, python-maturin, and rubygem-rack), and Ubuntu (linux-azure-fips). ⌘ Read more

A Python frozenset interpretation of Dependent Type Theory
Comments ⌘ Read more

Golang 業務邏輯 WASM 化實踐指南
爲什麼選擇 WASM 邊緣計算？在物聯網和 5G 加速普及的當下，邊緣計算對低延遲和離線能力的需求暴增。傳統容器方案（如 Docker）在邊緣設備上面臨三大痛點：資源消耗大：x86 容器鏡像通常超過 100MB，ARM 設備運行效率低下 冷啓動慢：Node.js/Python 等解釋型語言啓動時間超過 500ms 安全風險：系統級隔離存在逃逸風險 WebAssembly（WASM ⌘ Read more

Golang 業務邏輯 WASM 化實踐指南
爲什麼選擇 WASM 邊緣計算？在物聯網和 5G 加速普及的當下，邊緣計算對低延遲和離線能力的需求暴增。傳統容器方案（如 Docker）在邊緣設備上面臨三大痛點：資源消耗大：x86 容器鏡像通常超過 100MB，ARM 設備運行效率低下 冷啓動慢：Node.js/Python 等解釋型語言啓動時間超過 500ms 安全風險：系統級隔離存在逃逸風險 WebAssembly（WASM ⌘ Read more

以 StreamableHTTP 爲例，對 MCP 進行總結與實踐
引言近日，MCP 迎來更新，StreamableHTTP 從 3 月 26 日協議發佈，到這禮拜進行落地，從 python 的 sdk 上來看，更新的代碼量並不大，但畢竟是一個協議，從 github 上的幾百條 discussion 中，可以看到還是有非常多褒貶不一的聲音：本篇就以更新後的 StreamableHTTP，做了一個實踐測試。從 stdio 到 StreamableHTTP最初，標準輸 ⌘ Read more

autogenlib - Python lib for “vibe importing”, generates the code based on its call site
Comments ⌘ Read more

The first year of free-threaded Python
Comments ⌘ Read more

Excel MCP: 自動讀取、提煉、分析 Excel 數據並生成可視化圖表和分析報告
最近，一款 Excel MCP Server 的開源工具火了，看起來功能很強大，咱們今天來一探究竟。基礎環境—-Python 3.10 or higher Python 3.10或更高版本需要提前安裝uvpip istall uv安裝 MCP SERVER————-下載服務包git clone https://github.com/haris-musa/excel-mcp-se ⌘ Read more

@kat@yarn.girlonthemoon.xyz @prologic@twtxt.net Given that all these programs are super old (tar is from the late 1970ies), while trying to retain backwards-compatibilty, I’m not surprised that the UI isn’t too great. 🤔

find has quite a few pitfalls, that is very true. At work, we don’t even use it anymore in more complex scenarios but write Python scripts instead. find can be fast and efficient, but fewer and fewer people lack the knowledge to use it … The same goes for Shell scripting in general, actually.

Security updates for Monday
Security updates have been issued by Debian (libbson-xs-perl, postgresql-13, redis, and simplesamlphp), Fedora (chromium, deluge, epiphany, golang-github-nats-io-nkeys, libxmp, nodejs22, perl-Compress-Raw-Lzma, php-adodb, python-h11, and xz), Gentoo (firefox, NVIDIA Drivers, Orc, PAM, and thunderbird), Mageia (libreoffice, python-django, and transfig), Red Hat (emacs, firefox, python39:3.9, and thunderbird), SUSE (bird3, freetype2, ldap-proxy, libmosquitto1, and ruby3.4-rubygem-rack … ⌘ Read more

I made a Vim Game in Python ⌘ Read more

Security updates for Friday
Security updates have been issued by Debian (fossil, libapache2-mod-auth-openidc, and request-tracker4), Fedora (thunderbird), Mageia (firefox and thunderbird), SUSE (389-ds, apparmor, cargo-c, chromium, go1.24, govulncheck-vulndb, java-1_8_0-openjdk, kanidm, libsoup, mozjs102, openssl-1_1, openssl-3, python-Django, sccache, tealdeer, tomcat, transfig, wasm-bindgen, and wireshark), and Ubuntu (libreoffice and python-h11). ⌘ Read more

Thanks, @movq@www.uninformativ.de! That seems to be much easier. It’s already implemented in the Python docs as examples of recvmsg(…) and sendmsg(…):

• https://docs.python.org/3/library/socket.html#socket.socket.recvmsg
  
• https://docs.python.org/3/library/socket.html#socket.socket.sendmsg
  

I looked at them sooo many times in order to figure out why my SCM_CREDENTIALS sending code didn’t work. :-D

Security updates for Thursday
Security updates have been issued by Debian (chromium, libapache2-mod-auth-openidc, mariadb-10.5, and openssh), Red Hat (osbuild-composer), Slackware (mariadb), SUSE (apache2-mod_auth_openidc, glib2, ImageMagick, libsoup, libsoup2, libva, openvpn, sqlite3, and weblate), and Ubuntu (libsoup3, php-horde-css-parser, and python-django). ⌘ Read more

A Rust API Inspired by Python, Powered by Serde
Comments ⌘ Read more

uv：統一的 Python 包管理
花下貓語：uv 項目自發布起就大受歡迎，目前 Github star 52.6 K，遠超過它的同類競品們。前不久，它的創始人在 X 上披露了一組驚人的數據：uv 曾佔據了 PyPI 超過 20% 的流量，用戶每天通過它發起約 4-5 億次下載請求！我在去年翻譯過 uv 首發時的新聞文章 [1]，根據博客後臺不完整的統計，從 Google 搜索進入的訪問量已經超過 3000，妥妥成爲了我博客的搜索訪 ⌘ Read more

Nobody want to be a shitty programmer. The question is: Do you do anything not to not be one?
Reading blogs or social media and watching YouTube videos is fun. After them, your code may be a little better, of course. But you need a lot. You need to study! Read good books and study the code of other programmers, for example. Maybe work with a new language, architectures and paradigms. You need break the routine.

If you know Object-oriented programming, you learn functional programming.
If you know Model-View-Controller, you learn Model-View-ViewModel.
If you don’t know anything about architectures, you learn Clean Architecture, Hexagonal Architecture, etc.
If you know Python, you learn Ruby or Go.
If you know Clojure or Lisp… you don’t need to learn anything else. You are already a good programmer. Just kidding. You can learn Elixir or Scala.

Be a good programmer my friend.

epub-utils: A Python CLI and utility library for manipulating EPUB files
Comments ⌘ Read more

Kate and Python language server
Comments ⌘ Read more

Security updates for Friday
Security updates have been issued by Debian (chromium, nodejs, openjdk-17, and thunderbird), Fedora (firefox, golang-github-nvidia-container-toolkit, and thunderbird), Mageia (kernel), Oracle (ghostscript, glibc, kernel, libxslt, php:8.1, and thunderbird), SUSE (cmctl, firefox-esr, govulncheck-vulndb, java-21-openjdk, libxml2, poppler, python-h11, and redis), and Ubuntu (docker.io, ghostscript, linux-xilinx-zynqmp, and micropython). ⌘ Read more

Enforcing Artifact Security with Trivy and OPA
In cloud-native development, ensuring the integrity and security of software artifacts (such as Docker images, Python wheels, and Helm charts) is a fundamental challenge. With the growing adoption of continuous integration and delivery pipelines, there’s a… ⌘ Read more

Automating code deletion with Gemini (and a little Python)
Comments ⌘ Read more

Pyrefly: A faster Python type checker written in Rust
Comments ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (glibc, php:8.1, and thunderbird), Debian (libreoffice), Fedora (caddy), Mageia (chromium-browser-stable), Red Hat (php:8.1), SUSE (glow), and Ubuntu (kicad, linux-aws-5.15, linux-azure-nvidia, linux-gcp-5.15, mistral, python-mistral-lib, tomcat8, and trafficserver). ⌘ Read more

We’re all old farts. When we started, there weren’t a lot of options. But today? I’d be completely overwhelmed, I think.

Hence, I’d recommend to start programming with a console program. As for the language, not sure. But Python is probably a good choice

That’s what I usually do (when we have young people at work who never really programmed before), but it doesn’t really “hit” them. They’ve seen so much, crazy graphics, web pages, it’s all fancy. Just some text output is utterly boring these days. ☹️ And that’s my problem: I have no idea how I could possibly spark some interest in things like pointers or something “low-level” like that. And I truly believe that you need to understand things like pointers in order to program, in general.

Python sub-micro GPIO
Comments ⌘ Read more

Wrote some serious Python for the first time in like 10 years 😱 I feel so dirty 🤣

@movq@www.uninformativ.de I started with Delphi in school, the book (that we never ever used even once and I also never looked at) taught Pascal. The UI part felt easy at first but prevented me from understanding fundamental stuff like procedures or functions or even begin and end blocks for ifs or loops. For example I always thought that I needed to have a button somewhere, even if hidden. That gave me a handler procedure where I could put code and somehow call it. Two or three years later, a new mate from the parallel class finally told me that this wasn’t necessary and how to do thing better.

You know all too well that back in the day there was not a whole lot of information out there. And the bits that did exist were well hidden. At least from me. Eventually discovering planet-quellcodes.de (I don’t remember if that was the original forum or if that got split off from some other board) via my best schoolmate was like finding the Amber Room. Yeah, reading the ITG book would have been a very good idea for sure. :-)

In hindsight, a console program without the UI overhead might have been better. At least for the very start. Much less things to worry about or get lost.

Hence, I’d recommend to start programming with a console program. As for the language, not sure. But Python is probably a good choice, it doesn’t require a lot of surrounding boilerplate like, say Java or Go. It also does exceptionally well in the principle of least surprise.

inline-python: Inline Python code directly in your Rust code
Comments ⌘ Read more

revisitando um projeto de há 2 anos
erro no build
python do meu OS é agora uma versão mais recente
incompatível com uma das bibliotecas
keeptryingkeepfailing.mp3
a esperança vã de meter um issue no tracker do projeto
má disposição por acabar o dia com prob não resolvido
horas depois à noite, ping
o developer respondeu ao issue
e fez grande commit pra resolver o problema

fuck yeah software livre :szterminal:

Security updates for Tuesday
Security updates have been issued by AlmaLinux (java-1.8.0-openjdk, kernel, libxslt, mod_auth_openidc:2.3, and webkit2gtk3), Fedora (c-ares, giflib, jupyterlab, perl, perl-Devel-Cover, perl-PAR-Packer, prometheus-podman-exporter, python-notebook, python-pydantic-core, rpki-client, ruby, rust-adblock, rust-cookie_store, rust-gitui, rust-gstreamer, rust-icu_collections, rust-icu_locid, rust-icu_locid_transform, rust-icu_locid_transform_data, rust-icu_normalizer, rust-icu_normalizer_data … ⌘ Read more

Exciting new for Python 3.14!
t-string, not to be confused with f-string, to avoid malicious code and make life easier for web developers.
https://davepeck.org/2025/04/11/pythons-new-t-strings/
#python

Template strings accepted for Python 3.14
The Python Steering Council
accepted PEP 750
(” Template Strings”) on April 10. LWN
covered the discussion around the proposal, including the
substantial revisions to the idea that were needed for it
to be accepted. Template strings (t-strings) are a new kind of string that produces
structured data instead o … ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (erlang, fig2dev, shadow, wget, and zabbix), Fedora (chromium, jupyterlab, llama-cpp, prometheus-podman-exporter, python-notebook, python-pydantic-core, rpki-client, rust-adblock, rust-cookie_store, rust-gitui, rust-gstreamer, rust-icu_collections, rust-icu_locid, rust-icu_locid_transform, rust-icu_locid_transform_data, rust-icu_normalizer, rust-icu_normalizer_data, rust-icu_properties, rust-icu_properties_data, rust-icu_provider, rust-icu\ … ⌘ Read more

@eaplme@eapl.me you wrote:

“That PHP snippet could be merged into https://twtxt.dev/exts/twt-hash.html”

Why, though? AFAIK @andros@twtxt.andros.dev’s client is on Emacs, @lyse@lyse.isobeef.org’s is on Python (and Golang, for tt2), @movq@www.uninformativ.de’s is on Python, and @prologic@twtxt.net’s is on Golang. All the client creator needs to know is in the documentation already, coding language agnostic.

Scratch that, no bug in jenny. There’s actually a test case for this. Python normalizes -00:00 to +00:00, so the negative case never happens.

Security updates for Thursday
Security updates have been issued by Debian (chromium and libapache2-mod-auth-openidc), Oracle (expat, freetype, glibc, grub2, gvisor-tap-vsock, and kernel), Red Hat (grub2 and webkit2gtk3), and SUSE (apache2-mod_auth_openidc, cosign, gitoxide, govulncheck-vulndb, GraphicsMagick, haproxy, hauler, mozjs52, oci-cli, pam, perl-Data-Entropy, poppler, python-lxml-doc, python311-aiohttp, rekor, rubygem-rexml, and webkit2gtk3). ⌘ Read more

If you are familiar with Python and want to learn Vim9 language, take a look here. ⌘ Read more

Go 語言新版的迭代器是怎麼個事
很多流行的編程語言中都以某種方式提供迭代器，其中包括 C++、Java、Javascript、Python 和 Rust。Go 語言現在也加入了迭代器。iter 包是 Go 1.23 新增的標準庫，提供了迭代器的基本定義和相關操作。爲什麼需要迭代器——–在 Go 1.18 引入泛型之後，便可以很方便的定義一些泛型容器類型來提升編碼效率。例如我們可以基於 map 類型定義了一個集合類型—— ⌘ Read more

Managing multi-line logs with Fluent Bit and Python
In this blog you will learn about:  Introduction Logs are essential for monitoring and debugging applications, but not all logs are created equal. While most logs follow a simple line-by-line format, others span multiple lines to… ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (gimp, libxslt, python3.11, python3.12, and tomcat), Debian (ghostscript and libnet-easytcp-perl), Fedora (openvpn, perl-Data-Entropy, and webkitgtk), Red Hat (python-jinja2), SUSE (giflib, pam, and xen), and Ubuntu (apache2, binutils, expat, fis-gtm, linux-azure, linux-azure-6.8, linux-nvidia-lowlatency, linux-azure, linux-azure-fde, linux-azure-5.15, linux-azure-fde-5.15, linux-azure-fips, linux-gcp-fips, linux-hwe-5.4, linux-nvidia, … ⌘ Read more

How can you pass command line arguments to a Python script when using the filter command ⌘ Read more

Security updates for Thursday
Security updates have been issued by AlmaLinux (expat), Debian (chromium, commons-vfs, firefox-esr, php-horde-editor, php-horde-imp, and thunderbird), Fedora (corosync, firefox, nextcloud, and suricata), Mageia (curl and upx), Oracle (emacs, fence-agents, freetype, kernel, libreoffice, libxml2, nginx:1.24, podman, python-jinja2, and tigervnc), Red Hat (firefox and python-jinja2), SUSE (assimp, ffmpeg-4, firefox, ghostscript, GraphicsMagick, libxslt, and tomcat), and Ubuntu … ⌘ Read more

Security updates for Tuesday
Security updates have been issued by AlmaLinux (freetype, grub2, kernel, kernel-rt, and python-jinja2), Debian (freetype, linux-6.1, suricata, tzdata, and varnish), Fedora (mingw-libxslt and qgis), Mageia (elfutils, mercurial, and zvbi), Oracle (grafana, kernel, libxslt, nginx:1.22, and postgresql:12), Red Hat (opentelemetry-collector), SUSE (corosync, opera, and restic), and Ubuntu (aom, libtar, mariadb, ovn, php7.4, php8.1, php8.3, rabbitmq-server, and webkit2gtk). ⌘ Read more

Security updates for Monday
Security updates have been issued by Debian (amd64-microcode, flatpak, intel-microcode, libdata-entropy-perl, librabbitmq, and vim), Fedora (augeas, containerd, crosswords-puzzle-sets-xword-dl, libssh2, libxml2, nodejs-nodemon, and webkitgtk), Red Hat (libreoffice and python-jinja2), SUSE (389-ds, apparmor, corosync, docker, docker-stable, erlang26, exim, ffmpeg-4, govulncheck-vulndb, istioctl, matrix-synapse, mercurial, openvpn, python3, rke2, and skopeo), and Ubuntu (ansible, linux, l … ⌘ Read more

Thank you @python_valencia@twtxt.python-valencia.es for letting me show you the secrets of a decentralised plain text social network like twtxt.
I hope you enjoyed the talk! ❤️🐍

Image

Image

I want to present the twtxt feed from Python Valencia: https://twtxt.python-valencia.es/
Technical curiosity: It is generated using n8n, using the official rss.
#welcome

Security updates for Wednesday
Security updates have been issued by Debian (nginx and ruby-rack), Fedora (expat and libxslt), Mageia (bluez, dcmtk, ffmpeg, and radare2), Red Hat (container-tools:rhel8, gvisor-tap-vsock, kernel, kernel-rt, libreoffice, and podman), SUSE (buildah, forgejo, gitleaks, google-guest-agent, google-osconfig-agent, govulncheck-vulndb, grafana, helm, libxslt, php8, python-gunicorn, and python-Jinja2), and Ubuntu (freerdp2 and varnish). ⌘ Read more

Thanks, @movq@www.uninformativ.de!

My backing SQLite database with indices is 8.7 MiB in size right now.

The twtxt cache is 7.6 MiB, it uses Python’s pickle module. And next to it there is a 16.0 MiB second database with all the read statuses for the old tt. Wow, super inefficient, it shouldn’t contain anything else, it’s a giant, pickled {"$hash": {"read": True/False}, …}. What the heck, why is it so big?! O_o

I now subscribed to most feeds in my Go tt reimplementation that I already followed with the old Python tt. Previously, I just had a few feeds for testing purposes in my new config. While transfering, I “dropped” heaps of feeds that appeared to be inactive.

This might motivate me to actually “finish” the new client, so that it could become my daily driver. No need to use the old software stack any longer. Let’s see how bad this goes.

Security updates for Tuesday
Security updates have been issued by Debian (ruby-rack), Fedora (chromium, golang-github-openprinting-ipp-usb, OpenIPMI, and python-jinja2), Mageia (kernel, kernel-linus, and wpa_supplicant, hostapd), Red Hat (fence-agents, kernel, kernel-rt, libxml2, libxslt, and pcs), SUSE (cadvisor, docker, freetype2, nodejs-electron, php8, rsync, u-boot, warewulf4, webkit2gtk3, and zvbi), and Ubuntu (elfutils, python3.5, python3.8, ruby-rack, smartdns, and zvbi). ⌘ Read more

@movq@www.uninformativ.de Yeah, most of the graphical applications are actually KDE programs:

• KMail – e-mail client
  
• Okular – PDF viewer
  
• Gwenview – image viewer
  
• Dolphin – file browser
  
• KWallet – password manager (I want to check out pass one day. The most annoying thing is that when I copy a password, it says that the password has been modified and asks me whether I want to save the changes. I never do, because the password is still the same. I don’t get it.)
  
• KPatience – card game
  
• Kdenlive – video editor
  
• Kleopatra – certificate manager
  

Qt:

• VLC – video player
  
• Psi – Jabber client (I happily used Kopete in the past, but that is not supported anymore or so. I don’t remember.)
  
• sqlitebrowser – SQLite browser
  

Gtk:

• Firefox – web browser
  
• Quod Libet – music player (I should look for a better alternative. Can’t remember why I had to move away from Amarok, was it dead? There was a fork Clementine or so, but I had to drop that for some unknown reason, too.)
  
• Audacity – audio editor
  
• GIMP – image editor
  

These are the things that are open right now or that I could think of. Most other stuff I actually do in the terminal.

In the past™, I used the Python KDE4 bindings. That was really nice. I could pass most stuff directly in the constructor and didn’t have to call gazillions of setters improving the experience significantly. If I ever wanted to do GUI programming again, I’d definitely go that route. There are also great Qt bindings for Python if one wanted to avoid the KDE stuff on top. The vast majority I do for myself, though, is either CLI or maybe TUI. A few web shit things, but no GUIs anymore. :-)

I have finished 1-9 on Python. If anyone is interested, I could share the code, or in Reddit many people have shared theirs.

In a couple of days I’ll be giving a talk about #twtxt https://www.meetup.com/es-ES/python-valencia-meetup/events/306769708/

Security updates for Thursday
Security updates have been issued by Debian (php7.4, python-django, and python3.9), Fedora (bluez, iwd, libell, and radare2), Mageia (chromium-browser-stable, mosquitto, tomcat, tomcat packages, and vim), Oracle (firefox, grub2, python3, thunderbird, and webkit2gtk3), Red Hat (fence-agents, php:7.4, and python-jinja2), SUSE (assimp-devel, crane, ffmpeg-4, freetype2, helm, kernel, kured, python-Django, python-Jinja2, python311-Django4, and tomcat), and Ubuntu (alpine, djoser, l … ⌘ Read more

golang 每日一庫之 gopsutil
shirou/gopsutil 是一個用 Go 語言實現的跨平臺系統信息採集庫，其設計靈感來源於 Python 的 psutil。它爲開發者提供了一套統一、簡潔的 API，用於獲取底層操作系統的各項指標數據，如 CPU、內存、磁盤、網絡、主機信息以及進程狀態等。下面我們將從多個方面詳細介紹這個庫的功能、設計特點、使用示例以及應用場景。庫簡介——跨平臺支持 gopsutil ⌘ Read more

Go 語言中的 LangGraph：基於 LangGraphgo 的 AI 任務編排
在 AI 任務編排領域，LangChain 提供了 LangGraph，幫助開發者搭建複雜、多步驟、有狀態的 AI 工作流。但這個庫主要基於 Python，而在 Go 語言生態中，如何實現類似的 AI 任務編排呢？今天，我們來介紹 langgraphgo，一個爲 Golang 量身定製的 AI 任務流管理框架。通 langgraphgo，你可以高效地構建 AI 代碼審計、對話系統、多智能體協作等應 ⌘ Read more

@andros@twtxt.andros.dev If something fits in a CSV file, it typically doesn’t require a database. I agree with that. Depending on the application, more complicated queries might benefit from a database, though. I don’t know awk very well, but I could imagine that grep, sed and cut reach their CSV processing limits rather quickly when you have to deal with escaped (multiline) fields.

I only very rarely have to deal with CSV files or databases in my day to day life. Maybe, these classic Unix tools offer some tricks I’m not aware of. When I have some more complicated CSV input, I generally reach for Python.

Ontem voltei a pegar no Django depois de 10 anos para um side-project. É como se fosse um regresso a um lugar onde um dia se foi feliz.

Tem a sua personalidade e tal, mas continuo a adorar os seus pormenores e as suas escolhas sobre como deve funcionar uma framework web.

Também fiquei muito agradado de ver que muito pouco mudou desde há uma década no que toca à forma fundamental como o Django faz as coisas. Talvez isso não seja apreciado pela juventude habituada a ciclos de upgrade rápidos e drásticos, mas pra mim foi um grande alívio ver que não tenho de me atualizar muito para montar um pequeno projeto.

Há gente djangueira por aí?

#python #django

yaegi：讓你的 Go 代碼擁有動態腳本能力
在 Go 語言的世界裏，靜態編譯是其一大特色，能夠保證性能和安全性。然而，有些場景下，我們希望像 Python 或 JavaScript 一樣，支持運行時動態執行代碼，比如插件化架構、規則引擎、腳本解釋器等。今天，我們來介紹一個強大的 Go 解釋器庫——yaegi，它能讓 Go 代碼在運行時執行動態腳本。yaegi 簡介yaegi 是一個用 Go 語言編寫的 Go 解釋器。它可以在運行時解析和執行 ⌘ Read more

looks good now!
description = 🏗 Full-Stack developer (Mainly Python) ✍ Writer[...]

I’m developing a tutorial for the Django Girls. Does anyone here have experience with #Django ? #python

The project is a POC (Proof of Concept) that went into production and the company has customers who are using it. The developers had been working for several years, without testing, structure, isolation and so on. The company hired me to transform the project into a real product. There are in my hands 422 python files to transform that they beg me a refactore, architecture and testing. Every developer’s bad dream.
My first step is to read and understand the tree because there are apps inside other apps call each other. I am very determined to work on a new repository.

@prologic@twtxt.net Which one? I don’t mind the ternary operator at all. In fact, I often find myself missing it in Go. I don’t find the two alternatives particularly elegant:

foo := "eggs"
if bar {
    foo = "spam"
}

Or:

var foo string
if bar {
    foo = "spam"
} else {
    foo = "eggs"
}

To my eye, this just would look a lot nicer:

foo := bar ? "spam" : "eggs"

Or at least as the Pythons do it:

foo = "spam" if bar else "eggs"

The ternary operator especially shines with relatively short expressions.

For many years I have found Flask to be too basic a tool for modern development. But since I create APIs using Flask with Pydantic to validate the input data, some middlewares for parsing and Blueprint to separate the code into modules… I must admit that I am super comfortable, fast and easy to test.
#flask #python #pydantic

Anon donates ~23 XMR to Monero General Fund
An anonymous contributor has donated a total of 23.4965657 XMR (~5.1K USD)1 to the Monero General Fund address2.

plowsof’s monero-fund-watch 3 Python script tweeted4 the donation alert earlier today:

💝 +23.4965657 #xmr 💝 $5155.15

This is an ongoing story and the report will be updated when new information is available.

1. [https://www.p2pool.io/explorer/tx/27cd1a2f3b032d8a267c6372f6c3ee5a539f511 … ⌘ Read more

What is clean architecture? That’s a good question.

You think of a pattern for ordering code with good decisions isolating technologies (you can change the web framework or database without break the business logic), easy to test (you only test interfaces and use cases), sharing code between frameworks (entities and use cases), scalability, modulations and standardizing names. Clean architecture is not perfect, it has a learning curve and some abstraction in each technology. You can even find rejection with yours colleagues.
I have a good article on this topic.
https://programadorwebvalencia.com/implementando-arquitectura-limpia-en-python/
#python

[LFH] Revuo Monero is looking for python and golang (hugo) contributors!

There are a handful of open issues in Revuo Monero’s repositories: Calc and main. Feel free to take a peek and help if you are capable of and got the volunteering enthusiasm in you!

Links:

• https://github.com/rottenwheel/revuo-weekly/issues
  
• https://github.com/rottenwheel/moner.ooo/issues
  

rottenwheel.com ⌘ Read more

Yes, it’s a mini python cgi script which implements IndieAuth

I just finished testing an interface with 95 cases! #testing #python

@prologic@twtxt.net mediacms! it’s janky yeah but it does the job ultimately (even if sometimes videos don’t encode and i gotta do some weird python venv shit to force the encode lol…)

The fact that the official Python docs don’t clearly state what a function returns, grinds my gears. This has cost me so much time over the years. You always have to read through a huge block of text.

Image

You could at least put a list of possible return values in there (always at the same location, please!), here’s a mockup:

Image

I want to share the video of my last talk: Creating an Instagram in Django for an Iberian lynx https://www.youtube.com/watch?v=dW69cYIULh8 (Spanish) #django #python

everoddandeven proposes bounty for monero-cpp Python bindings module
everoddandeven1 has proposed a bounty2 for creating a Python module that exposes the core functionalities of the monero-cpp library 3:

This module should enable Python developers to interact with monero-cpp API using a Pythonic interface without needing to write or interact with C++ code directly.

Total Bounty: 0 XMR (to date)

• Code is ope … ⌘ Read more

01Studio CanMV K230 Python Powered AI Development Board with RISC V Edge Computing
The distributor Youyeetoo recently highlighted the 01Studio CanMV K230 AI development board, built on Canaan’s K230 chip. This board includes features such as neural network acceleration, flexible camera interfaces, 4K video support, and onboard Wi-Fi connectivity. CanMV is an open-source project maintained by Canaan, aimed at integrating Python-based programming into edge AI app … ⌘ Read more

python cgi script which handles micropub and writes content to twtxt file. I was want micropub+microsub for twtverse but seems i burned (due choice wrong stack?): https://privatebin.net/?0b598b91ac186855#BfRKjLUQz5KUFJNekJBb5V2qvtEe8xQN8nenYbkez2XR

Introducing Annotated Logger: A Python package to aid in adding metadata to logs
We’re open sourcing Annotated Logger, a Python package that helps make logs searchable with consistent metadata.

The post [Introducing Annotated Logger: A Python package to aid in adding metadata to logs](https://github.blog/developer-skills/programming-languages-and-frameworks/introducing-annotated-logger-a-python-package-to-aid-in-a … ⌘ Read more

在 Go 中如果獲取 goroutine 的 id？
如果你使用過如 Python、Java 等主流支持併發的編程語言，那麼通常都能夠比較容易的獲得進程和線程的 id。但是在 Go 語言，沒有直接提供對多進程和多線程的支持，而是提供了 goroutine 來支持併發編程。不過在 Go 中，獲取 goroutine 的 id 並不像其他編程語言那樣容易，但依然有辦法，本文就來介紹下如何實現。獲取當前進程的 id首先，雖然 Go 沒有提供多進程編程，但啓 ⌘ Read more

nahuhh releases ‘basicswap-bash’ v0.14.1
nahuhh (ofrnxmr)1 has released basicswap-bash 2 version 0.14.13:

A suite of bash scripts to install and manage BasicSwapDEX on Windows(WSL)/Debian/Ubuntu/Arch/Fedora

* placeorders: use python to check offer size
* setup: update tails
* fix $PATH detection
* fix restore from seed
* install: xfce .profile use in .xsessionrc

Installation instructions are available on the Github release page3.

… ⌘ Read more

Octoverse: AI leads Python to top language as the number of global developers surges
In this year’s Octoverse report, we study how public and open source activity on GitHub shows how AI is expanding as the global developer community surges in size.

The post Octoverse: AI leads Python to top language as the number of global developers surges appeared first on The GitHub Blog. ⌘ Read more