Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Content provided by Michael Kennedy and Brian Okken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael Kennedy and Brian Okken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Player FM - Podcast App
Go offline with the Player FM app!

#442 Cloud bills in scientific notation

22:34
 
Share
 

Manage episode 497139022 series 1305988
Content provided by Michael Kennedy and Brian Okken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael Kennedy and Brian Okken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Topics covered in this episode:
Watch on YouTube
About the show

Sponsored by us! Support our work through:

Connect with the hosts

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Brian #1: Open Source Security work isn't “Special”

  • Seth Larson
  • It seems like security is special in a sense that we don’t want just anyone working on the security aspect of a project. We just want the trusted maintainers, right?
  • Seth is arguing that this is the wrong mindset
  • It makes more sense that we maybe have security experts contribute to many projects, and that someone working on security for just one project doesn’t benefit from scale.
    • “Maintainers don’t see how other projects are triaging vulnerabilities and can’t learn from each other. They can’t compare notes on what they are seeing and whether they are doing the right thing. Isolation in security work breeds a culture of fear. Fear of doing the wrong thing and making your users unsafe.”
    • “These “security contributors” could be maintainers or contributors of other open source projects that know about security, they could be foundations offering up resources to their ecosystem, or engineers at companies helping their dependency graph.”
  • But how do we build trust in these individuals?
    • Meeting in person works.
    • But there are other ways as well.
  • I’d personally love to have someone contact me about a project of mine regarding a security problem or process that the project could/should follow. Especially if I could see other projects I trust already trusting this individual to work on the other projects.

Michael #2: uv v0.8

  • Changes
    • Install Python executables into a directory on the PATH
    • Register Python versions with the Windows Registry
    • Prompt before removing an existing directory in uv venv
    • Bump --python-platform linux to manylinux_2_28
    • Make uv_build the default build backend in uv init
    • And many more
  • And uv v0.8.1
  • And uv v0.8.2
  • And uv v0.8.3
    • Adds Add CPython 3.14.0rc1

Brian #3: Extra, Extra, Extra

Michael #4: Announcing Toad - a universal UI for agentic coding in the terminal

  • by Will McGugan
  • A universal front-end for AI in the terminal.
  • Watch the video.

Joke: Heaviest objects in the universe

And … Cloud Architects 2025 “They send us our cloud bills in scientific notation… “ 🙂

  continue reading

446 episodes

Artwork

#442 Cloud bills in scientific notation

Python Bytes

1,842 subscribers

published

iconShare
 
Manage episode 497139022 series 1305988
Content provided by Michael Kennedy and Brian Okken. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Michael Kennedy and Brian Okken or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Topics covered in this episode:
Watch on YouTube
About the show

Sponsored by us! Support our work through:

Connect with the hosts

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Brian #1: Open Source Security work isn't “Special”

  • Seth Larson
  • It seems like security is special in a sense that we don’t want just anyone working on the security aspect of a project. We just want the trusted maintainers, right?
  • Seth is arguing that this is the wrong mindset
  • It makes more sense that we maybe have security experts contribute to many projects, and that someone working on security for just one project doesn’t benefit from scale.
    • “Maintainers don’t see how other projects are triaging vulnerabilities and can’t learn from each other. They can’t compare notes on what they are seeing and whether they are doing the right thing. Isolation in security work breeds a culture of fear. Fear of doing the wrong thing and making your users unsafe.”
    • “These “security contributors” could be maintainers or contributors of other open source projects that know about security, they could be foundations offering up resources to their ecosystem, or engineers at companies helping their dependency graph.”
  • But how do we build trust in these individuals?
    • Meeting in person works.
    • But there are other ways as well.
  • I’d personally love to have someone contact me about a project of mine regarding a security problem or process that the project could/should follow. Especially if I could see other projects I trust already trusting this individual to work on the other projects.

Michael #2: uv v0.8

  • Changes
    • Install Python executables into a directory on the PATH
    • Register Python versions with the Windows Registry
    • Prompt before removing an existing directory in uv venv
    • Bump --python-platform linux to manylinux_2_28
    • Make uv_build the default build backend in uv init
    • And many more
  • And uv v0.8.1
  • And uv v0.8.2
  • And uv v0.8.3
    • Adds Add CPython 3.14.0rc1

Brian #3: Extra, Extra, Extra

Michael #4: Announcing Toad - a universal UI for agentic coding in the terminal

  • by Will McGugan
  • A universal front-end for AI in the terminal.
  • Watch the video.

Joke: Heaviest objects in the universe

And … Cloud Architects 2025 “They send us our cloud bills in scientific notation… “ 🙂

  continue reading

446 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play