https://pantsbuild.org/ logo
Join SlackCommunities
Powered by
# random
  • w
    ๐Ÿ˜ฎ 5
    ๐Ÿ™ 1
  • w
    Anyone else have GH down right now? https://www.githubstatus.com
    h
    • 2
    • 2
  • w
    Has anyone done/tried this? Kinda curious about using python on my iPad natively https://docs.python.org/3.13/using/ios.html
  • w
  • w
    Throwing it out there, but has anyone used 
    uniffi-rs
    to build for iOS platforms? https://github.com/mozilla/uniffi-rs I'm trying to figure out why the size of my staticlib is so large, while basically being a no-op. I feel like I've misconfigured the world
    • 1
    • 1
  • h
    To the 4sq expats here, this is sad: https://foursquare.com/city-guide-sunset/
    ๐Ÿ˜ž 2
  • c
  • h
    ๐Ÿ‘€
    ๐Ÿซ  3
    9๏ธโƒฃ 1
  • w
    Binging on EuroRust content right now, ran into this talk by Charlie Marsh about UV. Really great talks, with some surprises about how UV works and performance tweaks

    https://www.youtube.com/watch?v=zOY9mc-zRxk&list=PLH6-VpZ3SvUWox7mJDLNCu_E0gl7a-fP3&index=16โ–พ

    c
    • 2
    • 2
  • w
    And a similar one from Charlie at Jane Street - mentions some other optimizations re: range requests on package metadata.

    https://www.youtube.com/watch?v=gSKTfG1GXYQโ–พ

    โค๏ธ 2
    c
    • 2
    • 4
  • b
    I'm going to be at PyCon AU this weekend, speaking on Sunday (not about Pants). Anyone else? Feel free to come find me
    ๐ŸŽ‰ 2
  • c
    I'm currently exploring what I can use ChatGPT for.. and tried it on the most recent question in general, and here's the result (unedited from ChatGPT, so take the information with a grain of salt) ๐Ÿงต
    b
    p
    • 3
    • 5
  • c
    https://star-history.com/#pantsbuild/pants&Date I missed we blew past 3k stars..!
    ๐ŸŽ‰ 2
  • w
    Linux folk might wanna upgrade their packages - this is an interesting priv escalation. The example I saw uses Python to take over https://blog.qualys.com/vulnerabilities-threat-research/2024/11/19/qualys-tru-uncove[โ€ฆ]ive-local-privilege-escalation-vulnerabilities-in-needrestart
  • f
    The "joys" of Linux and Open Source: On Kubuntu 24.04, 
    kdialog
    goes into an infinite loop when VSCode tries to open a system dialog via it and so nothing appears. https://bugs.kde.org/show_bug.cgi?id=494160. Fixed in 24.10 but unlikely to be fixed in 24.04. So reliable!
  • b
    python-build-standalone
    is now an Astral project: https://astral.sh/blog/python-build-standalone
    ๐ŸŽ‰ 3
    w
    p
    • 3
    • 3
  • w
    https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection Pip cache poisoning - pretty neat breakdown. I'd never heard of zizmor, but seems to be a static analysis for GHA. It would be beyond hilarious if zizmor was malware for exfiltrating GHA tokens, and this whole post was to introduce why people should use it.
    b
    • 2
    • 2
  • c
    I'm not sure how to phrase this exactly but... why does Build Event Protocol <https://bazel.build/remote/bep> exist? Like why isn't it "just" OpenTelemetry? Just what was written first historical contingency? Actuality doing something totally different?
  • w
  • c
    For Python folks, that also need to work with data in binary form.. this could potentially be interesting then (random self-plug, for a new baby project taking shape): https://github.com/kaos/structclasses ((and yes, this may lead to me spending more time on Python related projects again... potentially)) As is more usual than not, docs are lacking. But questions/feedback/etc most welcome. (I know there's type hints in the code, but no, I've not bothered actually running a typechecker on it yet, so I know there'll be issues in that area ๐Ÿ˜› )
    w
    • 2
    • 34
  • p
    I'm curious: does anyone else use a 
    pex_binary
    to generate a "self-extracting virtualenv archive"? I wrote an entry point (actually an "executable") for a pex that just makes the pex extract itself. I wonder if that is a common pattern or not. Here's where I'm adding the 
    pex_binary(executable=...)
    : https://github.com/StackStorm/st2/pull/6307
    c
    • 2
    • 5
  • w
    Rust Nation UK just released their 2025 talks - and I've been binging a bunch of them: https://www.youtube.com/playlist?list=PL1AoGvxomykSSFFL4Qav3wKzL-dsi9I5L Here was one of the PyO3 developers talking about how cool a python tokio async runtime would be
  • w
    Finally getting this new feature into Suspenders - just have to figure out how to show errors, because vscode likes silently failing
    suspenders-codelens.mov
    ๐Ÿ‘ 3
    ๐Ÿ‘๐Ÿป 1
    • 1
    • 1
  • p
    completely not pants related, but does anyone know if it's possible to make a python library that runs code on startup without needing to be imported? I am thinking of something that runs some code during install to add a sitecustomize (or a pth file? I don't know what these are yet), but my knowledge of python packaging/bootstrap is not super strong
    b
    • 2
    • 1
  • b
    I have created pex for my EMR serverless. when I unzip the pex I can see a module inside .deps/jsonschema.. but the script which is importing it is not able find this module. I provide main.py and pex to emr with boto3 from a lambda. I created pex_binary in build. does anyone faced similar issues? if someone suggest better way to run pyspark script on emr when dependency is also on other repos of the Monorepo.
    b
    • 2
    • 3
  • w
    Neat, Ruff's working on a type checker - that would be a great one to speed up - typechecking is horribly slow https://github.com/astral-sh/ruff/blob/2bcd2b41470706fac9e9e995be3721caf2271b02/crates/red_knot/README.md
    b
    h
    • 3
    • 11
  • w
    TIL Anaconda isn't free anymore. I used it for a weekend many years ago, and found it more convoluted (and system breaking) than just installing vanilla python - and I've never touched it since https://www.theregister.com/2024/08/08/anaconda_puts_the_squeeze_on/
    g
    c
    • 3
    • 6
  • w
    This was a fun watch. Dude is super chill

    https://www.youtube.com/watch?v=GxTdBkcn1jMโ–พ

  • c
  • w
    How had I never heard of slopsquatting before - SUUUUCH a good name https://www.kaspersky.com.au/blog/ai-slopsquatting-supply-chain-risk/34833/