Python Bytes: #237 Separate your SQL and Python, asynchronously with aiosql

<p><strong>Watch the live stream:</strong></p> <a href='https://www.youtube.com/watch?v=SXBdtq97xl4' style='font-weight: bold;'>Watch on YouTube</a><br> <br> <p><strong>About the show</strong></p> <p>Sponsored by Sentry:</p> <ul> <li>Sign up at <a href="https://pythonbytes.fm/sentry"><strong>pythonbytes.fm/sentry</strong></a></li> <li>And please, when signing up, click <strong><em>Got a promo code? Redeem</em></strong> and enter <strong>PYTHONBYTES</strong></li> </ul> <p>Special guest: <strong>Mike Groves</strong></p> <p><strong>Michael #1:</strong> <a href="https://github.com/willmcgugan/textual"><strong>Textual</strong></a></p> <ul> <li>Textual (Rich.tui) is a TUI (Text User Interface) framework for Python using Rich as a renderer.</li> <li>Rich TUI will integrate tightly with its parent project, Rich.</li> <li>This project is currently a work in progress and may not be usable for a while.</li> </ul> <p><strong>Brian #2:</strong> <strong>Pinning application dependencies with pip-tools compile</strong></p> <ul> <li>via John Hagen</li> <li><a href="https://github.com/jazzband/pip-tools">pip-tools</a> has more functionality than this, but compile alone is quite useful</li> <li>Start with a loose list of dependencies in <code>requirements.in</code>:</li> </ul> <pre><code> rich </code></pre> <ul> <li>Can have things like &gt;= and such if you have fixed dependencies.</li> <li>Now <code>pip install pip-tools</code>, and <code>pip-compile requirements.in</code></li> <li>or <code>python -m piptools compile requirements.in</code> <ul> <li>both have same effect.</li> </ul></li> <li>Now you’ll have a <code>requirements.txt</code> file with pinned dependencies:</li> </ul> <pre><code> # autogenerated by: pip-compile requirements.in click==7.1.2 # via typer colorama==0.4.4 # via rich commonmark==0.9.1 # via rich pygments==2.9.0 # via rich rich==10.2.2 # via -r requirements.in typer==0.3.2 # via -r requirements.in </code></pre> <ul> <li>Now, do the same with a <code>dev-requirements.ini</code> to create <code>dev-requirements.txt</code>.</li> <li>Then, of course:</li> </ul> <pre><code> - `pip install -r requirements.txt` - `pip install -r dev-requirements.txt` - And test your application. - All good? Push changes. </code></pre> <ul> <li>To force <code>pip-compile</code> to update all packages in an existing <code>requirements.txt</code>, run <code>pip-compile --upgrade</code>.</li> <li>John provided an example project that uses this workflow: <a href="https://github.com/johnthagen/python-blueprint">python-blueprint</a></li> </ul> <p><strong>Mike #3:</strong> <a href="https://github.com/se2p/pynguin"><strong>Pynguin</strong></a></p> <ul> <li>Automated test generation</li> <li><strong>Pynguin</strong> is a framework that allows automated unit test generation for Python. It is an extensible tool that allows the implementation of various test-generation approaches.</li> </ul> <p><strong>Michael #4:</strong> <a href="https://github.com/pypa/advisory-db"><strong>Python Advisory DB</strong></a></p> <ul> <li>via <a href="https://twitter.com/btskinn/status/1400212636193542147"><strong>Brian Skinn</strong></a></li> <li>A community owned repository of advisories for packages published on <a href="https://pypi.org"><strong>pypi.org</strong></a><strong>.</strong></li> <li>Much of the existing set of vulnerabilities are collected from the <a href="https://nvd.nist.gov/vuln/data-feeds">National Vulnerability Database CVE</a> feed.</li> <li>Vulnerabilities are integrated into the <a href="https://osv.dev">Open Source Vulnerabilities</a> project, which provides an API to query for vulnerabilities.</li> <li>Longer term, we are working with the PyPI team to <a href="https://github.com/pypa/warehouse/issues/9407">build a pipeline</a> to automatically get these vulnerabilities [listed] into PyPI.</li> <li>Tracks known security issues with the packages, for example:</li> </ul> <pre><code> PYSEC-2020-28.yaml id: PYSEC-2020-28 package: name: bleach ecosystem: PyPI details: In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tags are whitelisted and the keyword argument strip=False. affects: ranges: - type: ECOSYSTEM fixed: 3.1.2 versions: - '0.1' - 0.1.1 - 0.1.2 - '0.2' ... </code></pre> <p><strong>Brian #5:</strong> <a href="https://towardsdatascience.com/the-correct-way-to-overload-functions-in-python-b11b50ca7336"><strong>Function Overloading with singledispatch and multipledispatch</strong></a></p> <ul> <li>by Martin Heinz</li> <li>I kinda avoid using the phrase “The Correct Way to …”, but you do you, Martin.</li> <li>In C/C++, we can overload functions, which means multiple functions with the same name but different parameter types just work. </li> <li>In Python, you can’t do that automatically, but you can do it.</li> <li>It’s in the stdlib with <code>functools</code> and <code>singledispatch</code>:</li> </ul> <pre><code> from functools import singledispatch from datetime import date, time @singledispatch def format(arg): return arg @format.register def _(arg: date): return f"{arg.day}-{arg.month}-{arg.year}" @format.register(time) def _(arg): return f"{arg.hour}:{arg.minute}:{arg.second}" </code></pre> <ul> <li>Now <code>format</code> works like two functions:</li> </ul> <pre><code> print(format(date(2021, 5, 26))) # 26-5-2021 print(format(time(19, 22, 15))) # 19:22:15 </code></pre> <ul> <li>What if you want to switch on the type of multiple parameters? <a href="https://pypi.org/project/multipledispatch/">multipledispatch</a>, a third party package, does the trick:</li> </ul> <pre><code> from multipledispatch import dispatch @dispatch(list, str) def concatenate(a, b): a.append(b) return a @dispatch(str, str) def concatenate(a, b): return a + b print(concatenate(["a", "b"], "c")) # ['a', 'b', 'c'] print(concatenate("Hello", "World")) # HelloWorld </code></pre> <p><strong>Mike #6:</strong> <a href="https://nackjicholson.github.io/aiosql/"><strong>Aiosql</strong></a></p> <ul> <li>Fast Async SQL Template Engine</li> <li>Lightweight replacement for ORM libraries such as SQLAlchemy.</li> </ul> <p><strong>Extras</strong></p> <p><strong>Michael</strong></p> <ul> <li>SoftwareX Journal, Elsevier has had an open-access software journal, via Daniel Mulkey. There's even a <a href="https://www.sciencedirect.com/journal/softwarex/special-issue/103XKC9DRLV"><strong>special issue collection</strong></a> on software contributing to gravitational wave discovery.</li> <li>Python 3.10.0b2 is available</li> <li>Django security releases issued: 3.2.4, 3.1.12, and 2.2.24</li> <li>Talks <a href="https://www.youtube.com/watch?v=z_hm5oX7ZlE&amp;list=PL2Uw4_HvXqvYk1Y5P8kryoyd83L_0Uk5K"><strong>on YouTube</strong></a> for PyCon 2021.</li> <li><a href="https://twitter.com/jmaxfieldbrown/status/1401933861081124874"><strong>aicsimageio</strong></a> <a href="https://twitter.com/jmaxfieldbrown/status/1401933861081124874">4.0 released</a>, lots of goodness for bio-image analysis and microscopy, thanks Madison Swain-Bowden.</li> </ul> <p><strong>Mike</strong></p> <ul> <li><strong><a href="https://www.prettyfwd.com/t/c7l72nBxQjqGATzdz9DDLA/">Postponement of PEP 563 in 3.10</a></strong></li> </ul> <p><strong>Joke</strong> </p> <p><a href="https://twitter.com/AikidoUke/status/1397406450377543683"><strong>Bank robbers</strong></a></p> <ul> <li><a href="https://twitter.com/brianokken/status/1402293369007534080?s=20">A book about Rich</a> <img src="https://ift.tt/3iuTqRT" alt="" /></li> </ul>

from Planet Python
via read more