Python News Brief (Q2 2021)

Honeybadger's quarterly briefings keep you up to date on the most important developments in your programming communities. We curate the news so you can spend more time focusing on what's really important.

• Events: Conferences and meetups. Upcoming and recently completed.
• Security: Recent vulnerability reports
• Projects: News about major community projects
• Trending Topics: Summaries of the big topics everyone's talking about
• Standout Content: Content that didn't fit in other sections, but that was too cool to leave out.

Events

EuroPython 2021 on Jul 26 - Aug 1 (online)

The largest Python Conference in Europe.

• Jun 29: special discounts on business tickets for company teams.
• Jun 25: free tickets for Python Core Developers.
• Jun 17: the schedule is published.
• May 31: session list is available.
• May 17: talk voting is open (to see what users would like to hear about during the event).
• May 10: extending call for proposals.
• May 4: call for sponsors.
• Apr 27: speaker mentorship program, for bridging the gap between developing and experienced speakers.
• Apr 26: call for proposals.
• Apr 21: call for financial aid.
• Apr 21: ticket sales started.
• Apr 16: launching the conference website.
• Apr 7: presenting the new logo.

PyCon US 2021 (us.pycon.org) on May 5 - May 20

PyCon is the largest annual gathering for the community using and developing the open-source Python programming language. It is produced and underwritten by the Python Software Foundation, the 501(c)(3) nonprofit organization dedicated to advancing and promoting Python. Through PyCon, the PSF advances its mission of growing the international community of Python programmers.

• May 18: Jeff Fischer nicely provided his notes on the event.
• date-unknown: talks are available for free on YouTube.
• date-unknown: these are the event highlights (cool infographics inside).

DjangoCon US 2021 on Oct 21 - Oct 23

An online event dedicated to teaching, inspiring and sharing with members of the Django community.

• date-unknown: call for proposals is open.

DjangoCon Europe 2021 on Jun 2 - Jun 6

• date-unknown: the schedule is now available.

Python for ML and AI Global Summit ‘21 on Apr 8 - Apr 9

This online event aims to reduce the noise around the immense amount of information about AI and machine learning.

• date-unknown: Junior Track Live Stream is available on their official YouTube Channel.

PyCon Israel 2021 on May 2 - May 3

PyCon Israel is an annual multi-day event focused on the Python programming language, with approximately 700 participants from various disciplines. While the common denominator is the Python programming language, the topics to be presented relate to many fields, including: DevOps, cloud computing, scientific computing, data science, web programming, cyber security, community engagement and more. In recent years, Python has become a very popular multi-purpose programming language used by many well known international companies.

• date-unknown: some videos available (General track) on their YouTube Channel.

PyCon India 2021 on 09/17/2021 - 09/20/2021

The largest gathering of Pythonistas in India for the Python programming language.

• Jun 24: keynote speaker announce: Ajith Kumar B P, who worked as a senior scientist with Inter-University Accelerator Centre, New Delhi from 1985-2021.
• Jun 18: call for In-kind sponsors (a type of sponsorship where the sponsor agrees to provide swags (either physical or virtual, value-in-kind) instead of cash as part of the sponsorship agreement).
• Jun 2: keynote speaker announce: Sebastian Ramirez, creator or FastAPI and Typer.
• May 20: keynote speaker announce: Alolita Sharma, a Principal Technologist at AWS.
• May 17: announcing Birds of a Feather (BoF) (informal gatherings of like-minded individuals who wish to discuss a certain topic without a pre-planned agenda) and poster presentation CFP (a graphical summary of projects or ideas).
• May 8: tickets are live.
• May 6: Pyflames is a "precursor" event for Pycon India 2021, where Python communities across India are coming together to organize a series of meetups.

PyTorch ecosystem day on Apr 21

A virtual one-day event that focuses completely on the PyTorch ecosystem and Industry PyTorch communities.

• May 10: a recap of the event (Morning/EMEA Opening Talks, Evening/APAC Opening Talks).

SciPy 2021 on Jul 12 - Jul 18 (online)

The annual SciPy Conference brings together attendees from industry, academia, and government to showcase their latest projects, learn from skilled users and developers, and collaborate on code development.

• date-unknown: the schedule.
• date-unknown: tickets.

Real Python Office Hours on EVERY-WEEK

Real Python Office Hours is a weekly hangout where members of Real Python get the chance to meet fellow Pythonistas to chat about your learning progress, ask questions, and discuss Python tips & tricks via screen sharing.

Security

• May 20: There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to convince another local or adjacent user to start a pydoc server could access the server and use it to disclose sensitive information belonging to the other user that they would not normally be able to access. The highest risk of this flaw is to data confidentiality. This flaw affects Python versions before 3.8.9, Python versions before 3.9.3 and Python versions before 3.10.0a7.
• May 6: In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This (in some situations) allows attackers to bypass access control that is based on IP addresses.
• May 2: The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions <1.10.15 in 1.x series and affects 2.0.0 and 2.0.1 and 2.x series. This is the same as CVE-2020-13944 & CVE-2020-17515 but the implemented fix did not fix the issue completely. Update to Airflow 1.10.15 or 2.0.2. Please also update your Python version to the latest available PATCH releases of the installed MINOR versions, example update to Python 3.6.13 if you are on Python 3.6.

Projects

FastAPI

FastAPI is a modern, fast, web framework for building APIs with Python 3.6+ and based on standard Python type hints.

• May 10: version 0.65.0 released, upgrading Starlette to 0.14.2, with several bug fixes and features from Starlette.
• May 7: version 0.64.0 released with support for adding multiple examples in request bodies, path, query, cookie and header parameters.

Flask

Flask is a micro web framework.

• May 11: a new major version of Flask was released on May 11, representing two years of work from the Pallets team and a significant number of changes and exciting new features, including initial async-await support (covered in this blogpost). If you're interested in some comments/discussion around this release, here you can find the "official" reddit post.

Django

Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design.

• Apr 6: Django 3.2 release (release notes). This represents also the final feature release of a major release series of Django, triggering the initial steps for moving towards a 4.x version.

TensorFlow

TensorFlow is an end-to-end open source platform for machine learning. It has a comprehensive, flexible ecosystem of tools, libraries and community resources that lets researchers push the state-of-the-art in ML and developers easily build and deploy ML powered applications.

• Jun 7: PluggableDevice is a new mechanism introduced by the TensorFlow community allowing to run existing TensorFlow programs on new devices without the need for the user to change the code (as it was before, most of the times). More technical details here.
• May 27: the TensorFlow teams open sources TensorFlow Decision Forests (TF-DF), a collection of production-ready state-of-the-art algorithms for training, serving and interpreting decision forest models.
• May 13: TensorFlow 2.5.0 released (release details here).

PyTorch

An open source machine learning framework that accelerates the path from research prototyping to production deployment.

• Jun 15: PyTorch 1.9 release announce.
• Jun 15: new libraries or libraries updates coming along with the PyTorch 1.9 release.
• May 25: a PyTorch Enterprise Support Program enables service providers to develop and offer tailored enterprise-grade support to their customers.

Numpy

NumPy is the fundamental package for scientific computing in Python.

• Jun 22: version 1.21.0 released.

Trending Topics

Type Hints. (30)

In the last months the future of type hints was at the center of a complicated debate in the Python community. This post by Sebastian Ramirez, the creator of FastAPI is a good summary of what happened, with some decision made by the Python Steering Council being rolled back after the pressure made by the impact of how type hints would have been treated and defined in future Python versions (especially 3.10, and 3.11).

• The Future of FastAPI and Pydantic is bright
  • Sebastian Ramirez
  • A very nice overview on the issue written by one of the main actors involved in the decision that was made.
• Unpopular Opinion: Type hints are a mistake
  • u/FuriousBugger
  • A Reddit discussion on the topic of type hints.
• IMPORTANT: PEP 563, PEP 649 and the future of Pydantic
  • Samuel Colvin
  • The Github issue where a lot of the debate took place.
• PEP 649: Deferred Evaluation of Annotations Using Descriptors, round 2
  • Larry Hastings
  • A very long and detailed discussion of the issue on python-dev about whether PEP 649 is a good idea.
• PEP 563, PEP 649, and the Future of Python Type Annotations
  • David Amos
  • Another concise overview on the issue.

Web frameworks/libraries. (15)

Flask 2.0 was released in Q2, with FastAPI gaining more and more popularity among the community. There was some debate around these two micro-frameworks: some regarding the new features introduced with Flask 2.0, others regarding async support/pros-and-cons, and some others regarding comparisons between these libraries.

• FastAPI vs Flask - The Complete Guide
  • Christopher Samiullah
  • Understand why FastAPI is taking the Python community by storm.
• Flask 2.0 Must Know Top Features
  • Suresh Kumar
  • A good summary on the new features introduced with Flask 2.0.

A faster Python (10)

There is always some debate around "what will be next" on Python, what are the targets and goals. One of the major weaknesses of this language is its speed, so when Microsoft gave Guido Van Rossum the freedom to pick a project to work on, he decided to try and making CPython faster (they're hiring 🤠). Moreover, Facebook just released Cinder, Instagram's internal performance-oriented production version of CPython.

• Q&A with Guido van Rossum, Inventor of Python
  • Microsoft Reactor
  • An interview with Guido Van Rossum.
• Cinder: Instagram's internal performance oriented production version of CPython 3.8
  • u/SanguozhiTongsuYan
  • A debated Reddit post on Cinder.
• The 2021 Python Language Summit: Making CPython Faster
  • Unknown (Python Software Foundation)
  • A good article on the topic.
• Python programming: we want to make the language twice as fast, says its creator
  • u/sportifynews
  • A reddit post with some debate on the topic.
• Guido van Rossum’s Ambitious Plans for Improving Python Performance
  • David Cassel
  • Another good blog post on this topic.

Standout Content

Worth a star

• bodywork: Deploy machine learning projects developed in Python to Kubernetes.
• gradio: Quickly create customizable UI components around your models.
• ward: Ward is a Python testing framework with a focus on productivity and readability.
• recommenders: best practices for building recommendation systems (by Microsoft).
• dagster: a data orchestrator for machine learning, analytics, and ETL.
• tkinter-designer: speed up GUI development process in Python.
• rapidfuzz: fast string matching library.
• pyWhat: identify anything.
• textual: create rich terminal applications.
• pyunity: a Python implementation of the Unity Engine.
• splashgen: create splash pages.
• spotify-readme: if you just need to be cool.

Articles

• Why the sad face?: An article on code formatting by Łukasz Langa, creator of Black.
• Async Python Web Frameworks comparison: a comparison of the main Python async web frameworks, and the reddit discussion on it.
• Demystifying Asynchronous Programming in Python: do you know what coroutines are?
• Python creator Guido Van Rossum reviews popular programming languages: the opinion of Python creator on other programming languages.