Summary
A proposal to encourage the use of named args
Plenty of perfs related work
The 2023 JetBain's Python survey is out
Security is a PSF focus, again
Encouraging the use of named args
Ever been in this situation where you have a lot of variables to be passed as keyword arguments with the same name?
It's verbose and redundant:
reticulating(
splines=splines,
number=number,
confirm=confirm
)
Well, a proposal (PEP to be drafted later) suggests we could allow this:
reticulating(
splines=,
number=,
confirm=
)
I would like that very much, as I have the habit of using the same name again and again for consistency when I pass things around.
Perfs, perfs, perfs
2023 has definitely seen a lot of talking about Python speed, and this month is not an exception.
The PyCompiled project got released, with the goal of compiling stdlib modules, and already demonstrating 2-3X gains on difflib and tomlib.
Guido himself promoted a presentation of his colleague, Brandt Bucher, who gives a very interesting rundown of the future JIT that will land in Python 3.13. It confirms what we all suspected, that the reason we didn't see much change on that front in 3.12 was because they had to layout the foundations for the JIT to be introduced later on.
Matt Harrison tweeted about a new nvida demo of a tool called "cudf.pandas", which promises to speed up any numpy/pandas script by 10-1000x without any code change, running it on the GPU automagically.
And finally, there is some excitement around subinterepreters, since Python 3.13 should expose them to user space. If you don't know what that is, there is an excellent tutorial by real Python on it. But in short, it's a way to create several separate Python interpreters, each having their own GIL, but without creating new processes. Anthony Shaw made an attempt to "get FastAPI running inside PEP554 sub interpreters by using the hypercorn asyncio worker daemons with shared sockets" and he "tested it with 20 workers (ie 20 sub interpreters) and then ran Apache Bench. It didn’t blink". I would welcome a subinterpreter based gunicorn personally, so I can finally share caches and pools between my workers. Something that is costly between multiple processes.
2023 Python dev survey is out
It's this time of the year, where the excellent IDE shop JetBrain sets up a Python survey. While there is a lot to say about the quality of the questions and the bias of the whole form, it's still one of the best windows we have on the Python community at large.
And JetBrain generously computes and publishes the results every time.
I encourage you to participate. It's not very long, and it's an interesting snapshot of the pythonistas, which can only get better with more diverse and numerous inputs.
Security, again
This year we talked a bit about the new focus of the PSF on security. They had quite a lot of things to deal with between the typo squatting, the malwares, etc. In fact, this month again, they had to take drastic measures, indicating on their status page:
New user registration on PyPI is temporarily suspended. The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion, especially with multiple PyPI administrators on leave.
The new security team is not going to have time to rest.
And they don't, since they completed their first security audit.
Interestingly, there is also a proposal of Software Bill-of-Material for CPython. A SBOM is a comprehensive inventory of all components that make up a software.
It's funny to see Python growing out of its scripting roots to join, step by step, the world of corporate friendly languages.