Python Bytes: #319 CSS-Style Queries for... JSON? :
Python Bytes: #319 CSS-Style Queries for... JSON?
by:
blow post content copied from Planet Python
click here to view original post
<a href='https://www.youtube.com/watch?v=rvhdSQvzYaM' style='font-weight: bold;'>Watch on YouTube</a><br> <br> <p><strong>About the show</strong></p> <p>Sponsored by <a href="http://pythonbytes.fm/foundershub2022"><strong>Microsoft for Startups Founders Hub</strong></a>.</p> <p><strong>Connect with the hosts</strong></p> <ul> <li>Michael: <a href="https://fosstodon.org/@mkennedy"><strong>@[email protected]</strong></a></li> <li>Brian: <a href="https://fosstodon.org/@brianokken"><strong>@[email protected]</strong></a></li> <li>Show: <a href="https://fosstodon.org/@pythonbytes"><strong>@[email protected]</strong></a></li> </ul> <p>Join us on YouTube at <a href="https://pythonbytes.fm/stream/live"><strong>pythonbytes.fm/stream/live</strong></a> to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too.</p> <p><strong>Michael #1:</strong> <a href="https://nedbatchelder.com/blog/202211/secure_maintainer_workflow.html"><strong>Secure maintainer workflow</strong></a></p> <ul> <li>by <a href="https://nedbatchelder.com/"><strong>Ned Batchelder</strong></a></li> <li>We are the magicians, but also the gatekeepers for our users</li> <li>Terminal sessions with implicit access to credentials <ul> <li>first is unlikely: a bad guy gets onto my computer and uses the credentials to cause havoc</li> <li>second way is a more serious concern: I could unknowingly run evil or buggy code that uses my credentials in bad ways.</li> </ul></li> <li>Mitigations <ul> <li><strong>1Password:</strong> where possible, I store credentials in <a href="https://1password.com/">1Password</a>, and use tooling to get them into environment variables. <ul> <li>Side bar: Do not use lastpass, see end segment</li> <li>I can have the credentials in the environment for just long enough to use them. This works well for things like PyPI credentials, which are used rarely and could cause significant damage.</li> </ul></li> <li><strong>Docker:</strong> To really isolate unknown code, I use a Docker container.</li> </ul></li> </ul> <p><strong>Brian #2:</strong> <strong>Tools for parsing HTML and JSON</strong></p> <ul> <li>Learned these from <a href="https://scrapecrow.com/year-of-writing-in-review.html">A Year of Writing about Web Scraping in Review</a></li> <li><a href="https://parsel.readthedocs.io/en/latest/index.html">Parsel</a> - extract and remove data from HTML using XPath and CSS selectors</li> <li><a href="https://pypi.org/project/jmespath/">jmespath</a> - “James Path” - declaratively specify how to extract elements from a JSON document</li> </ul> <p><strong>Michael #3:</strong> <a href="https://github.com/github/git-sizer"><strong>git-sizer</strong></a></p> <ul> <li>Compute various size metrics for a Git repository, flagging those that might cause problems.</li> <li><p>Tip, partial clone: git clone <strong>--filter=blob:none</strong> URL</p> <pre><code> # Stats for training.talkpython.fm # Full: git clone repo Receiving objects: 100% (118820/118820), 514.31 MiB | 28.83 MiB/s, done. Resolving deltas: 100% (71763/71763), done. Updating files: 100% (10792/10792), done. 1.01 GB on disk # Partial: git clone --filter=blob:none repo Receiving objects: 100% (10120/10120), 220.25 MiB | 24.92 MiB/s, done. Resolving deltas: 100% (1454/1454), done. Updating files: 100% (10792/10792), done. 694.4 MB on disk </code></pre></li> <li><p><a href="https://github.com/git/git/blob/master/Documentation/technical/partial-clone.txt">Partial clone</a> is a performance optimization that “allows Git to function without having a complete copy of the repository. The goal of this work is to allow Git better handle extremely large repositories.” When changing branches, Git may download more missing files.</p></li> <li>Not the same as shallow clones or sparse checkouts <ul> <li>Consider shallow clones for CI/CD/deployment</li> <li>Sparse checkouts for a slice of a monorepo</li> </ul></li> </ul> <p><strong>Brian #4:</strong> <a href="https://death.andgravity.com/dataclasses"><strong>Dataclasses without type annotations</strong></a></p> <ul> <li>Probably file this under “don’t try this at home”. <ul> <li>Or maybe “try this at home, but not at work”.</li> <li>Or just “that Brian fella is a bad influence”. <ul> <li>What! It’s not me. It’s Adrian, the dude that wrote the article.</li> </ul></li> </ul></li> <li>Unless you’re using a type checker, for dataclasses, “… use any type you want. If you're not using a static type checker, no one is going to care what type you use.” <pre><code> @dataclass class Literally: anything: ("can go", "in here") as_long_as: lambda: "it can be evaluated" # Now, I've noticed a tendency for this program to get rather silly. hell: with_("from __future__ import annotations") it_s: not even.evaluated it: just.has(to=be) * syntactically[valid] # Right! Stop that! It's SILLY! </code></pre></li> </ul> <p><strong>Extras</strong> </p> <p>Michael:</p> <ul> <li><a href="https://www.theverge.com/2022/12/22/23523322/lastpass-data-breach-cloud-encrypted-password-vault-hackers">LastPass story</a> just keeps getting worse <ul> <li>We will see problems in supply chains because of this too</li> <li>A whole 2 hour discussion diving into what I touched on: <a href="https://ift.tt/iz0CRVI> </ul></li> <li>Got your <a href="https://www.apple.com/mac-mini/">new mac mini</a> yet? Or <a href="https://www.apple.com/macbook-pro-14-and-16/">MacBook Pro</a>?</li> </ul> <p><strong>Joke:</strong> <a href="https://www.reddit.com/r/ProgrammerHumor/comments/107xuhu/no_better_place_to_put_it/">Developer/maker, what’s my purpose?</a></p>
January 18, 2023 at 01:30PM
Click here for more details...
=============================
The original post is available in Planet Python by
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
by:
blow post content copied from Planet Python
click here to view original post
<a href='https://www.youtube.com/watch?v=rvhdSQvzYaM' style='font-weight: bold;'>Watch on YouTube</a><br> <br> <p><strong>About the show</strong></p> <p>Sponsored by <a href="http://pythonbytes.fm/foundershub2022"><strong>Microsoft for Startups Founders Hub</strong></a>.</p> <p><strong>Connect with the hosts</strong></p> <ul> <li>Michael: <a href="https://fosstodon.org/@mkennedy"><strong>@[email protected]</strong></a></li> <li>Brian: <a href="https://fosstodon.org/@brianokken"><strong>@[email protected]</strong></a></li> <li>Show: <a href="https://fosstodon.org/@pythonbytes"><strong>@[email protected]</strong></a></li> </ul> <p>Join us on YouTube at <a href="https://pythonbytes.fm/stream/live"><strong>pythonbytes.fm/stream/live</strong></a> to be part of the audience. Usually Tuesdays at 11am PT. Older video versions available there too.</p> <p><strong>Michael #1:</strong> <a href="https://nedbatchelder.com/blog/202211/secure_maintainer_workflow.html"><strong>Secure maintainer workflow</strong></a></p> <ul> <li>by <a href="https://nedbatchelder.com/"><strong>Ned Batchelder</strong></a></li> <li>We are the magicians, but also the gatekeepers for our users</li> <li>Terminal sessions with implicit access to credentials <ul> <li>first is unlikely: a bad guy gets onto my computer and uses the credentials to cause havoc</li> <li>second way is a more serious concern: I could unknowingly run evil or buggy code that uses my credentials in bad ways.</li> </ul></li> <li>Mitigations <ul> <li><strong>1Password:</strong> where possible, I store credentials in <a href="https://1password.com/">1Password</a>, and use tooling to get them into environment variables. <ul> <li>Side bar: Do not use lastpass, see end segment</li> <li>I can have the credentials in the environment for just long enough to use them. This works well for things like PyPI credentials, which are used rarely and could cause significant damage.</li> </ul></li> <li><strong>Docker:</strong> To really isolate unknown code, I use a Docker container.</li> </ul></li> </ul> <p><strong>Brian #2:</strong> <strong>Tools for parsing HTML and JSON</strong></p> <ul> <li>Learned these from <a href="https://scrapecrow.com/year-of-writing-in-review.html">A Year of Writing about Web Scraping in Review</a></li> <li><a href="https://parsel.readthedocs.io/en/latest/index.html">Parsel</a> - extract and remove data from HTML using XPath and CSS selectors</li> <li><a href="https://pypi.org/project/jmespath/">jmespath</a> - “James Path” - declaratively specify how to extract elements from a JSON document</li> </ul> <p><strong>Michael #3:</strong> <a href="https://github.com/github/git-sizer"><strong>git-sizer</strong></a></p> <ul> <li>Compute various size metrics for a Git repository, flagging those that might cause problems.</li> <li><p>Tip, partial clone: git clone <strong>--filter=blob:none</strong> URL</p> <pre><code> # Stats for training.talkpython.fm # Full: git clone repo Receiving objects: 100% (118820/118820), 514.31 MiB | 28.83 MiB/s, done. Resolving deltas: 100% (71763/71763), done. Updating files: 100% (10792/10792), done. 1.01 GB on disk # Partial: git clone --filter=blob:none repo Receiving objects: 100% (10120/10120), 220.25 MiB | 24.92 MiB/s, done. Resolving deltas: 100% (1454/1454), done. Updating files: 100% (10792/10792), done. 694.4 MB on disk </code></pre></li> <li><p><a href="https://github.com/git/git/blob/master/Documentation/technical/partial-clone.txt">Partial clone</a> is a performance optimization that “allows Git to function without having a complete copy of the repository. The goal of this work is to allow Git better handle extremely large repositories.” When changing branches, Git may download more missing files.</p></li> <li>Not the same as shallow clones or sparse checkouts <ul> <li>Consider shallow clones for CI/CD/deployment</li> <li>Sparse checkouts for a slice of a monorepo</li> </ul></li> </ul> <p><strong>Brian #4:</strong> <a href="https://death.andgravity.com/dataclasses"><strong>Dataclasses without type annotations</strong></a></p> <ul> <li>Probably file this under “don’t try this at home”. <ul> <li>Or maybe “try this at home, but not at work”.</li> <li>Or just “that Brian fella is a bad influence”. <ul> <li>What! It’s not me. It’s Adrian, the dude that wrote the article.</li> </ul></li> </ul></li> <li>Unless you’re using a type checker, for dataclasses, “… use any type you want. If you're not using a static type checker, no one is going to care what type you use.” <pre><code> @dataclass class Literally: anything: ("can go", "in here") as_long_as: lambda: "it can be evaluated" # Now, I've noticed a tendency for this program to get rather silly. hell: with_("from __future__ import annotations") it_s: not even.evaluated it: just.has(to=be) * syntactically[valid] # Right! Stop that! It's SILLY! </code></pre></li> </ul> <p><strong>Extras</strong> </p> <p>Michael:</p> <ul> <li><a href="https://www.theverge.com/2022/12/22/23523322/lastpass-data-breach-cloud-encrypted-password-vault-hackers">LastPass story</a> just keeps getting worse <ul> <li>We will see problems in supply chains because of this too</li> <li>A whole 2 hour discussion diving into what I touched on: <a href="https://ift.tt/iz0CRVI> </ul></li> <li>Got your <a href="https://www.apple.com/mac-mini/">new mac mini</a> yet? Or <a href="https://www.apple.com/macbook-pro-14-and-16/">MacBook Pro</a>?</li> </ul> <p><strong>Joke:</strong> <a href="https://www.reddit.com/r/ProgrammerHumor/comments/107xuhu/no_better_place_to_put_it/">Developer/maker, what’s my purpose?</a></p>
January 18, 2023 at 01:30PM
Click here for more details...
=============================
The original post is available in Planet Python by
this post has been published as it is through automation. Automation script brings all the top bloggers post under a single umbrella.
The purpose of this blog, Follow the top Salesforce bloggers and collect all blogs in a single place through automation.
============================
Post a Comment