Podcasts about Web development

In this episode, Laura Cantor shares key takeaways from her experience at Vendors in Partnership, including emerging trends in retail, the growing importance of meaningful partnerships, and how brands can cut through the noise in a tech-saturated landscape.  She dives into why people—and the partnerships they build—are still the foundation of innovation and growth, even as AI continues to transform the industry.  Laura also highlights tactical approaches that are driving real results today, including insights on high-impact ecommerce solutions like AfterSell, a platform helping brands maximize revenue through post-purchase optimization.  In This Conversation We Discuss: [00:00] Intro [02:38] Learning the value of brand building [06:20] Sponsor: Migrate [08:19] Prioritizing learning over job titles [12:46] Sponsor: Intelligems [14:46] Overcoming organizational status quo [17:08] Streamlining operations for future tech [21:06] Sponsor: Electric eye [22:14] Optimizing brands for agentic AI search [23:43] Monetizing traffic through retail networks [25:34] Callouts [25:44] Leveraging partnerships for mutual wins [28:00] Emphasizing human strategy alongside AI  Resources: Subscribe to Honest Ecommerce on Youtube Women's apparel specialty retailer nyandcompany.com/ Follow Laura Cantor linkedin.com/in/lauracantor/ Migrate and grow more klaviyo.com/honest Book a demo today at intelligems.io/ Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

————— COACHING —————Vous êtes leader tech ou product face à des défis majeurs ?

If you've ever been to PyCon, you know one of the best parts of the expo hall is Startup Row, a stretch of booths where early-stage companies built on Python show off what they're creating. But only attendees get to walk that lane, so let's bring it to everyone. In this episode, we stroll down Startup Row together. We kick things off with the organizers, Jason and Shay, who share the program's origin story going back to Paul Graham and the PSF, plus some surprising stats, including two unicorns among the alumni. Then we meet five startups: Tetrix, bringing AI to institutional investing in private markets. Arcjet, security that lives inside your app as an SDK. Phemeral.dev, serverless hosting built for Python web apps. CapiscIO, an identity and authority layer for AI agents. And Pixeltable, a multimodal database from Marcel Kornacker, co-creator of Apache Parquet. See if you can spot the theme running through them all. Let's go for a walk. Episode sponsors AgentField AI Talk Python Courses Links from the show Guests Naunidh Bhalla: linkedin.com Grant Gittes: linkedin.com Marcel Kornacker: linkedin.com Beon de Nood: linkedin.com Chinmaya Joshi: linkedin.com David Mytton: linkedin.com Shea Tate-Di Donna: linkedin.com Jason Rowley: linkedin.com Azul Garza: github.com Renée Rosillo: linkedin.com Tetrix: tetrix.co Tetrix Jobs: tetrix.co Arcjet: arcjet.com Pixeltable: pixeltable.com Phemeral.dev: phemeral.dev CapiscIO: capisc.io Episode #551 deep-dive: talkpython.fm/551 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Kevin McLaughlin is a Google Analytics and Tag Manager expert specializing in building custom Google Analytics implementations that give you consistent, accurate, and easy to use results that actually help you make better business and product decisions.  Because of his years of experience in product development and management, he knows how to implement your marketing analytics tools so you can derive new insights from your data. As a developer and engineer, Kevin can deal with any level of technical-detail, from quick audits to in-depth, custom javascript setups and maintenance.  He has worked at both large companies and small startups and have setup analytics for both as well as many blogs, small businesses, and non-profits.  Kevin is currently developing several web-applications myself, which keeps me up to date on the latest web technologies and how to implement analytics effectively with them. In This Conversation We Discuss:  [00:30] Intro [01:30] Solving messy data gaps in business [03:33] Building tools to fix your own pain [04:50] Rebuilding analytics for a new internet era [06:20] Adapting to a more privacy-first internet [06:56] Moving beyond session-centric measurement [08:15] Aligning analytics with real shopping sessions [09:24] Shifting from plug-and-play to custom reporting [10:25] Callout [10:36] Overcoming the GA4 learning curve shock [12:37] Unlocking power in custom GA4 explorations [13:13] Fixing tracking before analyzing performance [14:37] Breaking down how GA4 actually receives data [16:53] Understanding why GA4 misses real orders [18:23] Fixing missing orders with server-side tracking [20:44] Choosing build vs buy analytics tools [21:31] Keeping analytics simple for early-stage stores [22:37] Avoiding over-optimization too early [25:01] Staying grounded in real customer acquisition [25:47] Combining clean data with real interpretation [26:49] Making GA4 implementation simple for merchants Resources: Subscribe to Honest Ecommerce on Youtube The leading GA4 integration for Shopify slideruleanalytics.com/ Follow Kevin McLaughlin https://www.linkedin.com/in/kevin-mclaughlin-1900/ If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

Topics covered in this episode: Vulnerability and malware checks in uv HTTP GET requests with the Python standard library Millions of AI agents imperiled by critical vulnerability in open source package alembic-git-revisions Extras Joke Watch on YouTube About the show Goodbye and Thanks Brian Thanks Calvin for being part of this and future episodes! Also new time for the live show. Thanks Brian for all the hard work over the years. Calvin #1: Vulnerability and malware checks in uv release just yesterday by Astral https://astral.sh/blog/uv-audit uv audit scans dependencies for known vulnerabilities and abandoned packages via the OSV database — runs 4–10x faster than pip-audit Malware check runs on every install/sync, catching actively malicious packages (credential stealers, etc.) before they execute — including ones PyPI quarantined but lockfiles can still reference Enable malware scanning with UV_MALWARE_CHECK=1 — it's opt-in and in preview Future roadmap includes a resolver that steers toward vulnerability-free versions and install-time warnings scoped to newly added deps only Michael #2: HTTP GET requests with the Python standard library If you're doing HTTP in Python, you're probably using one of three popular libraries: requests, httpx, or urllib3. There have been issues with httpx lately. Niquest is another option: Drop-in replacement for Requests. Automatic HTTP/1.1, HTTP/2, and HTTP/3. WebSocket, and SSE included. But maybe less is more, especially in the age of agentic AI A good candidate needs two things to be true at once, not one: the used surface is small, and the behavior behind that surface is shallow. Calvin #3: Millions of AI agents imperiled by critical vulnerability in open source package "BadHost" (CVE-2026-48710) is a critical vulnerability in Starlette — the ASGI framework underlying FastAPI — with 325 million weekly downloads; also affects vLLM, LiteLLM, and most MCP server tooling The exploit is trivial: injecting a single character into an HTTP Host header bypasses path-based authentication, and can lead to credential theft, SSRF, and in some cases remote code execution MCP servers are a prime target since they store credentials for external services (email, databases, cloud accounts) — exposed data in the wild includes biopharma clinical trial DBs, full mailboxes, HR/PII pipelines, and AWS topology Fix is available — patch to Starlette 1.0.1 immediately; use the free scanner at mcp-scan.nemesis.services to check if your servers are still running a vulnerable version Open source sustainability footnote: the maintainer triages near-daily security reports solo, in his free time — most are AI-generated noise, and real ones like this still compete for the same evenings and weekends Michael #4: alembic-git-revisions By Julien Danjou from Mergify Automatic Alembic migration chaining based on git commit history. No more Multiple head revisions are present for given argument 'head'. See the introductory article Caused by two migrations landed with the same down_revision, and Alembic doesn't know which one comes first. The fix is always the same: someone manually edits the migration file to re-chain the revisions. The insight: git already knows the order Extras Calvin: GNU make can do pattern matching in the target. Not new at all, mentioned in the 1994-era docs. just and task don't have this super power on the target name yet. train-%: uv run ./train.py $* --save-hyper-params --overwrite $(TRAIN_ARGS) Michael: Updated my HTTP client using packages from httpx to httpx2: listmonk, umami, and memberful. For motivation, see this reddit thread. Joke: Accurate

Catherine Hayden is the Chief Marketing Officer at Kate Farms, the #1 doctor-recommended plant-based nutrition brand. Since joining the company in 2018, she has helped scale Kate Farms through rapid growth, multiple funding rounds, and its acquisition by Danone, while building an omnichannel business spanning healthcare, direct-to-consumer, subscription, Amazon, and retail. Catherine began her career as a Registered Dietitian, giving her a unique perspective at the intersection of healthcare, nutrition, and consumer behavior. Today, she leads brand strategy, commercial growth, innovation, and integration across both healthcare and consumer channels. Kate Farms was founded to solve a deeply personal problem. After being diagnosed with cerebral palsy at age five, Kate struggled to tolerate existing nutrition formulas and relied on a feeding tube for nourishment. What began as a solution for one child has since grown into a company that has nourished more than 600,000 people. In this episode, Catherine shares how Kate Farms evolved from a healthcare-focused company into a high-growth Ecommerce and omnichannel brand, including lessons on building DTC alongside Amazon, uncovering customer insights that reshaped the business, and expanding awareness and access without sacrificing growth. In This Conversation We Discuss: [00:29] Intro [01:42] Serving customers across every life stage [02:02] Scaling impact from one success story [03:36] Validating demand before scaling [05:48] Episode Sponsor: Klaviyo [07:55] Learning complex channels through partnerships [10:36] Balancing trust with Ecommerce growth [12:32] Episode Sponsor: Intelligems [14:32] Using customer insights to guide strategy [17:40] Connecting brand awareness to conversions [19:13] Expanding reach while maintaining growth [22:13] Episode Sponsor: Electric Eye [23:20] Creating loyalty beyond product discounts [26:45] Winning customers through better products [27:17] Callout [27:27] Making great products easier to access Resources: Subscribe to Honest Ecommerce on Youtube Plant-based tube feeding formulas and shakes katefarms.com/ Follow Catherine Hayden linkedin.com/in/catherine-hayden-28233816 Migrate and grow more klaviyo.com/honest  Schedule an intro call with one of our experts electriceye.io/connect Book a demo today at intelligems.io/ If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

————— COACHING —————Vous êtes leader tech ou product face à des défis majeurs ?

Today's podcast is a recording of a call that Rich had with a company in the midwest who RIch had already spent two solid hours on the phone with, auditing their website and explaining in detail why their current website and SEO was terrible, and how Level 10 could help them do it much, much better. But even after two hours, they were… understandably… still skeptical. Their trust with web companies was non-existent, and they needed a real boost to get over the finish line.

Topics covered in this episode: CVE-2026-48710: A Maintainer's Perspective daily-stars-explorer Markdown to pdf with pandoc and typst postman2pytest Extras Joke Watch on YouTube About the show Brian #1: CVE-2026-48710: A Maintainer's Perspective Marcelo Trylesinski suggested by Lee Luocks Short version: users of Starlette: upgrade to Starlette 1.0.1 security professionals: we can't treat open source projects like corporations This top link is a Starlette security advisory with the title Missing Host header validation poisons request.url.path, bypassing path-based security checks The CVE apparently caused some negative press targeting starlette. However, “the vulnerability came from the application pattern and the deployment, never from something Starlette intended.” A quote from an OSTIF article: “This bug is a classic “responsibility gap” where if this maintainer didn't patch, thousands of exposed projects would have to individually secure their projects. In doing this work, they've voluntarily taken on the responsibility to protect the ecosystem from long-term systemic harm. As with all open source projects, they owed us nothing and could have left this to be everyone else's problem and took the extraordinary steps of helping the ecosystem.” Both X40 D-Sec and Ars Technica expected immediate fixes and responses from Starlette. That's not good. We can do better. Michael #2: daily-stars-explorer Explore the full history of any GitHub repository.

Bob Verlaat and Nick Nijhof are Amsterdam-based entrepreneurs and Co-Founders of Hears, the fast-growing hearing protection brand redefining earplugs through premium design and industry-leading sound clarity. Prior to Hears, the duo successfully scaled luxury sleep wellness brand Dore & Rose to $30M in revenue, building deep expertise in branding, Ecommerce, and consumer behavior. Their entrepreneurial journey has been shaped by creating products that solve real consumer problems while building emotionally resonant brands. After Bob experienced hearing damage and persistent tinnitus from loud music, the pair became increasingly aware of the global problem of noise-induced hearing loss and the lack of earplugs people actually wanted to wear. Existing products compromised sound quality, looked unattractive, and failed to fit seamlessly into modern lifestyles. Driven by that personal frustration, Bob and Nick spent 1.5 years researching and developing Hears from scratch, investing in patented filter technology and an award-winning heart-shaped design focused on preserving natural sound while protecting hearing. Since launching in 2024, Hears has generated $7M in first-year revenue, won the Red Dot Design Award, and partnered with globally recognized brands and venues including Yves Saint Laurent and Pacha Ibiza. In This Conversation We Discuss: [00:32] Intro [00:58] Launching products with clear positioning  [01:31] Solving everyday problems through Ecommerce  [03:14] Leveraging past mistakes to scale faster  [06:33] Episode Sponsor: Klaviyo [08:32] Finding product ideas through personal pain  [09:49] Testing creatives to accelerate growth  [11:01] Balancing brand building with direct sales  [11:57] Leveraging organic content before paid scaling  [13:51] Episode Sponsor: Intelligems [15:52] Optimizing products for global scalability  [19:14] Episode Sponsor: Electric Eye [20:23] Designing products customers instantly notice  [22:20] Protecting products through patented innovation  [23:25] Callout [23:34] Using social proof to increase conversions  Resources: Subscribe to Honest Ecommerce on Youtube Engineered for maximum sound blocking, reduce disruptive noise, helping you fall asleep faster, stay asleep longer and wake up fully rested hears.com/ Follow Bob Verlaat linkedin.com/in/bobverlaat/ Follow Nick Nijhof https://www.linkedin.com/in/nicknijhof/ Book a demo today at intelligems.io/ Migrate and grow more klaviyo.com/honest  Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

You wake up, brew the coffee, open GitHub, and there it is. Another pull request on your open source project. Thirteen thousand lines added. No issue filed first. No discussion. Just "here, please review this for me." Over the past year, GitHub activity has spiked roughly twelve times in a few short months, and a huge chunk of that signal is landing on the same small group of maintainers who were already stretched thin. The curl bug bounty got buried under AI-generated noise. Jazzband, the home of Django classics like pip-tools and the Django debug toolbar, hit what its maintainer called an "apocalypse" and started sunsetting. Even CPython just shipped fresh guidelines on AI-assisted contributions this week. So what does all of this actually look like from the receiving end of the pull request? On this episode, Paolo Melchiorre joins us to tell that story from inside the maintainer's chair. Paolo is a director of the Django Software Foundation, an organizer of PyCon Italy, a Django Girls coach, and he has spent the past year carefully collecting examples of how AI is reshaping open source contributions. The good, the bad, and the extra fingers. We dig into his PyCon US talk on AI-assisted contributions and maintainer load, why AI is best understood as an amplifier rather than a new kind of contributor, the wildly different policies across 86 open source foundations, whether projects banning AI today are reacting to last year's models. Episode sponsors AgentField AI Talk Python Courses Links from the show Guest Paolo Melchiorre: github.com DSF: www.djangoproject.com djangonaut-space: djangonaut.space PyCon Italia: 2026.pycon.it uDjango: github.com My PyCon US 2026 post: www.paulox.net AI-Assisted Contributions and Maintainer Load: www.paulox.net Senior Engineer Tries Vibe Coding: www.youtube.com Code Rabbit AI PR Reviews: www.coderabbit.ai GitHub Usage Graphs: github.blog Update on CPython's AI Policies: fosstodon.org High-Quality Chaos from Curl: daniel.haxx.se The Generative AI Policy Landscape in Open Source: redmonk.com Watch this episode on YouTube: youtube.com Episode #550 deep-dive: talkpython.fm/550 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Jason Zigelbaum is the solo founder behind Zigpoll—the zero-party data platform trusted by Sony, HP, Kraft Heinz, and Hallmark.  Zigpoll collected over 100 million survey responses and counting. Third-party cookies are going away. Ad platforms are losing signal. Brands that don't collect first-party data are flying blind. Zigpoll fixes that.  Zigpoll makes it dead simple to launch contextual surveys that ask the right questions, at the right time, in the right channel so brands can stop guessing and start knowing.  How brands use Zigpoll:  - Discover how customers found you with post-purchase surveys - Improve products with real customer feedback  - Boost sales with on-site CRO surveys - Recover lost sales with abandoned cart & exit intent surveys  - Segment audiences by demographics and psychographics for higher-ROI campaigns  What makes it easy:  - No code. Installs on Shopify in seconds  - Surveys in any language with built-in translation  - Conditional logic and follow-up questions that dig deeper  - Triggers for post-purchase, abandoned cart, fulfillment, exit intent  - Deliver via SMS, email, or on-site  - Pipes data directly into Klaviyo, ActiveCampaign, Gorgias & more In This Conversation We Discuss:  [00:00] Intro [02:31] Starting with what you already know  [04:35] Uncovering your business blind spots  [07:38] Lowering mental friction for your users  [09:06] Eliminating the guesswork from strategies  [11:07] Callouts [11:07] Catching errors with your users' feedback  [13:35] Segmenting buyers to understand habits  [17:24] Using AI as a powerful force multiplier [22:21] Testing concepts without real users  Resources: Subscribe to Honest Ecommerce on Youtube Survey & feedback platform.zigpoll.com/ Follow Jason Zigelbaum LinkedIn linkedin.com/in/jason-zigelbaum If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

In this episode of Elixir Wizards, hosts Charles Suggs and Emma Whamond sit down with Saša Jurić, Elixir mentor and author of Elixir in Action, to discuss software craftsmanship in the age of AI. As AI coding tools become increasingly capable, Saša argues that the real challenge isn't generating code, it's maintaining quality, clarity, and shared understanding within a codebase. We explore the difference between correct code and good code, and why code is more than a set of instructions for a machine to execute. Code is also documentation, communication, and a long-term investment that future developers must be able to understand and maintain. Saša shares his concerns about the growing "theater of pull requests," where teams go through the motions of code review without creating meaningful opportunities for learning, feedback, or knowledge sharing. The hosts and Saša talk about practical ways to work effectively with AI, including taking smaller steps, carefully reviewing AI-generated code, and using AI as a collaborative tool rather than an autonomous developer. Throughout the discussion, Saša challenges the industry's obsession with speed and makes the case that the principles of good software development (incremental progress, clear communication, and human judgment) remain important in the age of AI. Key Topics Discussed The difference between correct code and good code Code as communication, documentation, and shared understanding The "theater of pull requests" and ineffective review practices How AI is changing software development workflows Using AI as a collaborator rather than a replacement Why smaller, incremental changes lead to better outcomes Human oversight in AI-assisted development Balancing development speed with maintainability Pull request size and review effectiveness Commit history as a tool for storytelling and context The risks of accumulating technical debt faster with AI Testing and validating AI-generated code Refactoring AI-generated solutions for clarity Applying agile principles to AI-assisted workflows The role of experience and judgment in software design Why software craftsmanship still matters in the age of AI Links mentioned Code Complete by Steve McConnell https://khmerbamboo.wordpress.com/wp-content/uploads/2014/09/code-complete-2nd-edition-v413hav.pdf Harness AI for DevOps, Testing, and AppSec https://www.harness.io/ Claude Code https://claude.com/product/claude-code Claude Code GitHub https://github.com/anthropics/claude-code Pull Request for Oban https://github.com/oban-bg/oban/pull/331 SMPP https://en.wikipedia.org/wiki/Short_Message_Peer-to-Peer OpenAI Codex https://chatgpt.com/codex/ Opus AI https://opus.ai/ Tidewave https://tidewave.ai/ Credo Static Code Analysis https://github.com/rrrene/credo https://smartlogic.io/podcast/elixir-wizards/s11-e09-static-code-analyzer-elixir-credo-ruby-rubocop/ Link to Sasa's X post https://x.com/sasajuric/status/2029522378196238503 Saša Jurić “Tell Me A Story” at Goatmire https://www.youtube.com/watch?v=GOrKfCs-mr0 https://meks.quest/blogs/the-theatre-of-pull-requests-and-code-review Looks Good to Me: Constructive Code Reviews by Adrienne Braganza https://www.manning.com/books/looks-good-to-me Towards Maintainable Elixir: Testing https://medium.com/very-big-things/towards-maintainable-elixir-testing-b32ac0604b99 TDD, Where Did It All Go Wrong (Ian Cooper) https://youtu.be/EZ05e7EMOLMSpecial Guest: Saša Jurić.

Your documentation has two audiences now - humans reading the rendered HTML, and AI agents trying to make sense of your library. Rich Iannone and Michael Chow from Posit are back on Talk Python with a brand new Python documentation tool called Great Docs that takes both seriously. Rich is the creator of Great Tables, and before that the R package GT, the man has a serious eye for design, and he's pointed that energy at the Python docs ecosystem. We'll talk about how Great Docs spins up a polished site in three commands, why every page ships as Markdown for your favorite LLM, how it leans on Quarto for executable code blocks and tabbed install sections, and where it lands against Sphinx, MkDocs, and Zensical. Plus, you'll meet Tablin. Here we go. Episode sponsors Sentry Error Monitoring, Code talkpython26 Temporal Talk Python Courses Links from the show Guests Michael Chow: github.com Rich lannone: github.com Python Web Security with OWASP Top 10 and Agentic AI Course: talkpython.fm Great Docs: posit-dev.github.io/great-docs Great Tables: posit-dev.github.io GT Episode: talkpython.fm Sphinx: www.sphinx-doc.org mkdocs: www.mkdocs.org Zensical: zensical.org Hugo: gohugo.io Ghost: ghost.org Rs pkgdown: pkgdown.r-lib.org Quarto: quarto.org quickstart: posit-dev.github.io llms.txt file: llmstxt.org llms.txt: talkpython.fm mcp: talkpython.fm cli: talkpython.fm Watch this episode on YouTube: youtube.com Episode #549 deep-dive: talkpython.fm/549 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Topics covered in this episode: Dumb Ways for an Open Source Project to Die How to create a pylock.toml lockfile https://github.com/facebook/Lifeguard Choosing a Python Logging Library in 2026 Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Dumb Ways for an Open Source Project to Die Core categories The maintainer left The maintainer is still there Sabotage and capture The release pipeline broke Force majeure The world moved on The project split - Examples Bulma PRs still from 2023, issues and PRs with no maintainer response for years, last release 1.5 years ago diskcache Similar, got hired by OpenAI, crickets after that Brian #2: How to create a pylock.toml lockfile Tim Hopper Tim walks through using uv, pip and pdm to create pylock.toml files. Recommendation: use uv export --format pylock.toml -o pylock.toml He also has How to install from a pylock.toml lockfile with pip but the short version is: use -r because tools treat it like a requirements file Michael #3: https://github.com/facebook/Lifeguard Lifeguard is a static analyzer to detect Lazy Imports incompatibilities and ease the adoption overhead for Lazy Imports in Python. I'm more excited about lazy imports after my Cutting Python Web App Memory Over 31% experience Some Python patterns depend on imports executing immediately. For example: Module-level side effects — a module that registers a handler or modifies global state at import time will behave differently if that import is deferred. The registry pattern — a module that registers itself (e.g., adding to a global dict) when imported will silently fail to register under Lazy Imports. sys.modules manipulation — code that reads or writes sys.modules assumes prior imports have already executed. Metaclasses and __init_subclass__ — class creation side effects may depend on imports being resolved. Project Stage: Beta Lifeguard is in active development. We are aiming to be ready for general use by the Python 3.15 final release. Brian #4: Choosing a Python Logging Library in 2026 Ayooluwa Isaiah " which libraries matter, how they compare, where they overlap with the standard module, and when each one makes sense.” The slant with this article is the need to log json output, which seems reasonable as things like API entry and exit point logging will include json. Covered libraries standard library logging with a hat tip to python-json-logger Same site has a guide to setting up python-json-logger structlog Loguru Logbook picologging Some benchmarks with structlog, stdlib+json, and Loguru, with structlog coming out faster I liked the Loguru example I'm going to have to try @logger.catch and logger.exception() for easily logging exceptions and serialize=True to enable JSON output. Extras Brian: When Women Stopped Coding - Planet Money segment , spotted on BlueSky from Savannah Ostrowski Lean TDD is now leaner Still working on audio version, but some great changes in 0.7.1 version Ch 6, TDD Interpretations, move ATDD and some of BDD to chapter Ch 7, Change name to TDD with Teams: BDD and ATDD Ch 9, Lean TDD, streamline steps and chapter Ch 10, Change name to Lean TDD with Teams: Lean ATDD Ch 11, Lean TDD with AI, Add short discussion about guardrails and security Michael: New course: Python Web Security: OWASP Top 10 with Agentic AI All courses now with Spanish subtitles, see announcement Joke: Stop texting me

Hilary Dubin is co-CEO and head of Jones' digital product & behavioral support program. She graduated from the University of Pennsylvania magna cum laude, majoring in cognitive science with a concentration in computation and cognition, an honors thesis on the effects of gender, realism, and role of virtual agents, and a minor from Wharton in consumer psychology.  She worked in David Brainard's visual neuroscience lab for 3 years and published 4 papers and supplementary materials on illumination discrimination (color perception). After Penn, she was selected as one of ten Americans to be a Ventures Fellow in the Excel Ventures incubator program in Tel Aviv, and continued on to be the inaugural member, and later program lead, of the US Associate Product Manager Program at Atlassian.  She worked as a product manager at Atlassian for 5 years, ultimately as Head of Confluence Editions & Admin Experience where she launched Confluence Premium & Free into multi-million dollar product offerings with 2M+ users. She hired & managed two PMs and lead a team of over 30 developers.  Prior to founding Jones, she and Caroline founded Cozier together, a sleep & loungewear brand designing ethical, effortlessly chic garments for every/body. Hilary started vaping casually in 2017 when the JUUL seemed relatively harmless and fun.  When the world went on lockdown in 2020, her casual vaping habit became a daily crutch for coping with stress and working from home. After over a year of unsuccessful cold-turkey quit attempts, she finally kicked her vaping habit in 2022 when Caroline suggested she try NRT.  Outside of work, Hilary loves hiking, backcountry skiing, trying to find the best burger in NYC, and playing with other people's dogs. In This Conversation We Discuss: [00:00] Intro [02:34] Creating products from personal pain points [06:52] Sponsor: Klaviyo  [08:59] Meeting potential customers where they are [10:47] Adapting products based on user feedback [13:48] Testing market demand with waitlists [16:02] Sponsor: Electric Eye [17:10] Maximizing personal networks for growth [18:34] Gathering behavioral data in early days [19:52] Callouts [20:02] Launching a product to engaged audiences  [22:09] Sponsor: Intelligems [24:09] Pivoting marketing to bridge early limitations [26:24] Driving organic traffic with relatable content  [30:33] Adding modern value to traditional products Resources: Subscribe to Honest Ecommerce on Youtube Nicotime mints and social app to quit vaping quitwithjones.com/ Follow Hilary Dubin linkedin.com/in/hilary-dubin-374156b4/ Follow Caroline Vasquez Huber linkedin.com/in/caroline-vasquez-huber Book a demo today at intelligems.io/ Schedule an intro call with one of our experts electriceye.io/connect Get your free demo klaviyo.com/honest If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

Topics covered in this episode: Using Django Tasks in production Co-authored with Claude? PyPI packages are increasing rapidly httpx2 Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: Using Django Tasks in production Tim Schilling shares how the Djangonaut Space website has been using Django's new tasks framework and some of the info missing from the official Django docs. Tasks require a third party package, django-tasks-db to actually run the tasks. Article walks through all changes necessary to get an email process running to notify admins of new testimonials. Cool simple example. With the db backend, you can monitor progress of tasks in the admin, to see which tasks are scheduled, completed, or have errors. Some wishes for the community to implement new tutorial in the Django docs Django Debug toolbar panel for tasks test/mock backend Great title for wish list: Thinks I'd like to see, but I'm too lazy to implement myself. Michael #2: Co-authored with Claude? Via Nik T. We don't put “executed on macOS”, “edited with PyCharm”, etc. in our commits. Why Claude? Seems like a growth hack to me, that I don't really care to participate in. Some projects that have formalized their thoughts on this: The Generative AI Policy Landscape in Open Source Adjust to turn off in ~/.claude/settings.json see the docs. { "attribution": { "commit": "", "pr": "" } } Brian #3: PyPI packages are increasing rapidly Artem Golubin There's been an increase of published packages per week on PyPI A pretty big increase in the last handful of months. 30% increase since 2025, clearly due to AI Artem is building hexora, a malicious Python code detector. Cool package too, it can: Audit project dependencies to catch potential supply-chain attacks Detect malicious scripts found on platforms like Pastebin, GitHub, or open directories Analyze IoC files from past security incidents Audit new packages uploaded to PyPi. Artem is using hexora to analyze recently published pypi packages and many are obviously vibecoded and trigger false positives for abuses of eval, exec, and subprocess Side note: I don't think that's necessarily a false positive. Not malicious, but maybe a stupid-code-detector? Lots are LLM related, Lots have bots contributing code Publishing rate is crazy, dozens to hundreds of published versions in a day is a bug, not a feature Brian's proposal, PyPI should limit releases per day for any package to something a sane human would do, even if they make a mistake on a release, to maybe like 2-3, definitely under 10, in a day. And if the repo has obvious agent contributors listed, maybe lower to the limit to 1-2 a day? Honestly, “move fast and break things” doesn't apply to breaking the commons. Michael #4: httpx2 More on the httpx, httpxyz, etc changes: Pydantic people started their own fork, httpx2. Michiel says “while we think httpxyz was definitely needed, we welcome httpx2 and think it should be the ‘blessed' fork.” Kludex, who is among other things maintainer of Starlette, was considering a fork As it stands, httpx2 is lacking the performance improvements they added to httpxyz. But it will not be long before they will add those, too. Also they already made some smart decisions: they are switching from certifi to truststore they are switching to compression.zstd on Python 3.14+, enabling zstd compression by default they merged httpcore and vendored it in their repository Discussion on Hacker News Extras Brian: The Four Horsemen of the LLM Apocalypse - Anarcat Django/JetBrains 2026 developer survey is open Pyrefly 1.0 : “meaning we are confident that Pyrefly is ready for production use.” Michael: Just about ready to release Python Web Security: OWASP Top 10 with Agentic AI course. Be sure to be on the courses newsletter to get notified. Joke: Proud Parents

Ethan Haber is an inventor, founder, and CEO who built Happy Habitats—an award-winning, industry-recognized small-pet products brand—from the ground up with no outside funding.  Under his leadership, the company achieved distribution across North America and beyond, brought the business to six figures in 2025, and earned multiple Best in Show awards at Superzoo and Global Pet Expo.  Ethan is credited as a key inventor on Happy Habitats' Halo and Roam products, which are protected by U.S. utility patents #12,219,927 and #12,465,021, and he is launching a new product with a major big-box retailer next month.  In This Conversation We Discuss: [00:00] Intro [01:49] Identifying niches with stagnant innovation  [04:10] Partnering with experienced agencies  [04:56] Sponsor: Migrate [06:54] Scaling into national retail chains  [09:08] Finding the right marketplace partner  [10:20] Sponsor: Intelligems [12:18] Shifting ad spend to marketplace advertising  [14:00] Starting complementary product ecosystems [15:01] Callouts [15:11] Persisting through buyer objections  [16:29] Maximizing cost efficiency in product design [17:08] Sponsor: Electric Eye [00:00] Maximizing cost efficiency in product design  Resources: Subscribe to Honest Ecommerce on Youtube Walk Your Hamster Anywhere happyhabitats.net/ Follow Ethan Haber linkedin.com/in/ethan-haber-124040168/ Book a demo today at intelligems.io/ Migrate and grow more klaviyo.com/honest Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

Sean Wendt is the founder of dtcmvp. dtcmvp connects shopify partners with leaders at established brands. From intros to insights, they handle everything: you reach your ideal audience, build a better product, and attract more brands.  In This Conversation We Discuss: [00:00] Intro [01:30] Understanding prospects' rejection [05:48] Defining the role of outbound sales reps [10:54] Crafting a strong offer for your outreach [12:29] Callouts [12:39] Increasing discovery with paid consultations [15:00] Aligning solutions with existing goals [21:51] Determining the right time to scale outreach  [24:39] Designing workflows around busy calendars  Resources: Subscribe to Honest Ecommerce on Youtube Shopify's Modern Expert Network dtcmvp.com    Follow Sean Wendt  linkedin.com/in/seanwendt If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

In Season 15 episode 3, Charles Suggs sits down with Greg Medland, aka “The Elixir Fixer,” to talk about the current state of hiring and the software jobs market in 2026.   Greg shares what he's seeing from both sides of the hiring process as an Elixir-focused recruiter, from shifting company expectations to the growing importance of specialization, communication skills, and real-world product thinking. We discuss how the market has changed since the 2021–2022 hiring boom, why things feel more uncertain today, and how developers are adapting to a slower, more competitive landscape.   The conversation also explores how AI is affecting hiring workflows, résumé quality, technical interviews, and even the rise of fraudulent candidates. Greg explains why human relationships and reputation still matter more than ever, especially in smaller ecosystems like Elixir where community connections carry real weight.   Along the way, we talk about what junior developers are up against, why senior engineers with domain expertise continue to stand out, and what developers can do to position themselves more effectively in today's market. Greg shares practical advice for building a sustainable career, developing a clear professional identity, and navigating a rapidly changing industry.   Topics discussed in this episode: The current state of the Elixir job market Hiring trends and market shifts since 2021–2022 How AI is changing hiring and recruiting workflows Fraudulent candidates and AI-generated résumés Domain expertise vs. generalist engineering skills Product thinking and customer-focused development What companies are looking for in 2026 Junior developer challenges in the current market Why senior specialists remain in demand Networking and relationship-building in tech Open source contributions and visibility in the Elixir community Standing out in a crowded hiring environment Résumé quality and application strategies The role of personal branding for developers Remote work trends and geographic hiring patterns Technical interview expectations and evaluation changes Startup vs. enterprise hiring differences Human connection in an increasingly automated industry Career resilience and long-term positioning Building a sustainable software engineering career   Links mentioned: Socially Responsible Recruitment https://sr2rec.com/en/ Greg's LinkedIn https://www.linkedin.com/in/elixirfixer/ Greg's email address: greg@sr2rec.com

What if your database worked more like Git? Every change captured as an immutable event you can replay, instead of a single mutating row that quietly forgets its own history. That's event sourcing, and Chris May is back on Talk Python, fresh off our Datastar panel, to walk us through what it actually looks like in Python. We'll cover the core patterns, the libraries to reach for, when not to use it, and why event sourcing turns out to be a surprisingly good fit for AI-assisted coding. Episode sponsors Sentry Error Monitoring, Code talkpython26 Temporal Talk Python Courses Links from the show Guest Chris May: everydaysuperpowers.dev Intro to event sourcing e-book: everydaysuperpowers.gumroad.com Domain-Driven Design: The Power of CQRS and Event Sourcing: How CQRS/ES Redefine Building Scalable System: ricofritzsche.me DDD: www.amazon.com Understanding Eventsourcing (Martin Dilger): www.amazon.com Event Sourcing Explained using Football Video: www.youtube.com Why I finally embraced event sourcing and why you should too article: everydaysuperpowers.dev valkey: valkey.io diskcache: talkpython.fm eventsourcing package: github.com eventsourcing docs: eventsourcing.readthedocs.io John Bywater: github.com Datastar: data-star.dev Microconf: microconf.com Event Modeling & Event Sourcing Podcast: podcast.eventmodeling.org Python Package Guides for AI Agents: github.com Iodine tablets AI joke: x.com KurrentDb: www.kurrent.io Watch this episode on YouTube: youtube.com Episode #548 deep-dive: talkpython.fm/548 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Topics covered in this episode: httpxyz one month in Learn concurrency - a deep dive into multithreading with Python pip 26.1 - lockfiles and dependency cooldowns Python 3.15 sentinal values from PEP 661 Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: httpxyz one month in First version of httpxyz contained just the fixes to get zstd working, and the fixes to get the test suite running on python 3.14, some ‘housekeeping' changes related to the renaming End of March: a compatibility shim that allows you to use httpxyz even with third-party packages that import httpx themselves, as long as you import httpxyz first. Importing httpxyz automatically registers it under the httpx name in sys.modules , see https://httpxyz.org/httpx-compatibility/ Fixed a WHOLE bunch of performance related issues by forking httpcore Brian #2: Learn concurrency - a deep dive into multithreading with Python Nikos Vaggalis “Whenever you are trying to speed up code using multiple cores, always ask yourself: “Do these threads need to talk to each other right now?” If the answer is yes, it will be slow. The best parallel code splits a big job into completely isolated chunks, processes them separately, and merges the results at the finish line.” Good overview of thread concurrency with Python and how that's been improved dramatically with free-threaded Python Defines lots of terms you come across, including “embarrassingly parallel multithreading” There's a counter example that's nice Start with a shared resource, a counter, and multiple threads updating it Attempt to fix with threading.Lock(), which fixes it, but slows things down Good explanation of why Proper fix with concurrent.futures and separating the work of different threads so that they can be independent and their results can be combined when they're all finished. Michael #3: pip 26.1 - lockfiles and dependency cooldowns Python 3.9 is no longer supported Experimental: installing from pylock files Dependency cooldowns (see my post about this) Lifting several 2020 resolver limitations Brian #4: Python 3.15 sentinal values from PEP 661 MISSING = sentinel("MISSING") def next_value(default: int | MISSING = MISSING): ... if default is MISSING: ... Take a name str as a constructor parameter Intended to be compared with is operator, similar to None Sentinal objects can be used as a type, also similar to None and can be combined with other types with |. Unlike None, sentinal values are truthy. (Elipses ... are also truthy) This seems like a strange choice. but I guess it must have made sense to someone. It does force you to use is instead of depending on False-ness, so I guess it'll make code using sentinels more readable. Interesting that the PEP was started in 2021, and we're finally getting it this year. Extras Brian: Before GitHub - Armin Ronacher tenacity - cross-platform multi-track audio editor/recorder learned about it from Armin's article Joke: Joke option Make it myself Seems similar to what people think about software now Links httpxyz one month in httpxyz.org/httpx-compatibility Learn concurrency - a deep dive into multithreading with Python pip 26.1 - lockfiles and dependency cooldowns my post about this Python 3.15 sentinal values from PEP 661 Before GitHub tenacity Make it myself

Gustavo Cardona is VP of Technology at Levain Bakery, where he leads IT infrastructure and data strategy to bridge innovative technology with the operational reality of a craft-focused, omnichannel retail business.  He's responsible for building Levain's enterprise systems, including integrating Toast, NetSuite, and CrunchTime into a unified data platform, migrating the organization to real-time reporting with Tableau, and developing a multi-year technology roadmap. Gustavo's approach focuses on what he calls the "adoption challenge"—ensuring technology actually gets used rather than just implemented.  He's currently leading Levain's Emerging Tech Strategy with a focus on operational efficiency, product innovation, and decision intelligence through responsible AI governance.  In This Conversation We Discuss: [00:00] Intro [02:35] Networking with peers at conferences  [06:10] Sponsor: Klaviyo [08:17] Leveraging past experience in a new role  [11:36] Sponsor: Intelligems [13:36] Cultivating adaptability and resourcefulness [15:54] Identifying bottlenecks in daily operations  [19:29] Sponsor: Electric Eye [20:41] Identifying team pain points on the ground [23:17] Callouts  [23:27] Keeping a human in the loop for AI tools  [27:51] Making your product the hero instead of tech  Resources: Subscribe to Honest Ecommerce on Youtube New York City's Most Famous Cookies levainbakery.com/    Follow Gustavo Cardona linkedin.com/in/cardonagustavo Migrate and grow more klaviyo.com/honest Book a demo today at intelligems.io/ Schedule an intro call with one of our expertselectriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

In Season 15 episode 2, Elixir Wizards Sundi Myint and Charles Suggs chat with Micah Cooper to talk about distributed systems, data replication, and what it actually looks like to build these ideas in Elixir.   Micah shares his journey from Ruby to Elixir and walks us through Visor, a library he's building based on the Viewstamps replication algorithm. Inspired by systems like TigerBeetle, Visor explores how you can replicate state across nodes using GenServers, giving you fault tolerance and recovery without relying entirely on traditional database patterns.   We talk about the difference between distributed systems and data replication, where things tend to get misunderstood, and what changes when you start thinking about state this way. The conversation also touches on event sourcing, tradeoffs in system design, and how Elixir's distributed model makes some of these concepts more approachable than you might expect.   Along the way, we talk about building for curiosity, experimenting with new ideas, and how projects like this push the ecosystem forward.   Topics discussed in this episode: Building Visor and working with the Viewstamps replication model Replicating GenServer state across nodes Distributed systems vs. data replication Lessons from TigerBeetle and financial system design Event sourcing challenges and tradeoffs Rethinking database-first architectures Snapshotting, recovery, and fault tolerance The role of Elixir's distributed model Experimentation, learning, and building for curiosity   Links mentioned: Micah's GitHub https://github.com/mrmicahcooper Micah's GitLab https://gitlab.com/mrmicahcooper The Visor repository: https://gitlab.com/mrmicahcooper/visor Visor Hex Package https://hex.pm/packages/visor Ruby on Rails https://rubyonrails.org/ Phoenix LiveView Framework https://www.phoenixframework.org/ Zig Programming Language https://ziglang.org/ TigerBeetle https://tigerbeetle.com/ TigerBeetle internal docs https://github.com/tigerbeetle/tigerbeetle/tree/main/docs/internals The BEAM https://www.erlang-solutions.com/blog/the-beam-erlangs-virtual-machine/ GenServer https://hexdocs.pm/elixir/GenServer.html Apache Kafka https://github.com/apache/kafka RabbitMQ https://www.rabbitmq.com/ Redpanda https://www.redpanda.com/ SQL https://www.ibm.com/think/topics/structured-query-language Kubernetes https://kubernetes.io/ YAML https://yaml.org/ Nomad Workload Orchestrator https://developer.hashicorp.com/nomad Flutter https://flutter.dev/ Commanded https://hexdocs.pm/commanded/Commanded.html Go Programming Language https://go.dev/ Clojure Programming Language https://clojure.org/ Nebulex https://hexdocs.pm/nebulex/Nebulex.html Mnesia https://www.erlang.org/doc/apps/mnesia/mnesia.html Cachex https://hexdocs.pm/cachex/Cachex.html libgraph https://hexdocs.pm/libgraph/Graph.html Horde https://hexdocs.pm/horde/Horde.Registry.html NocFree split keyboard https://www.nocfree.com/ Micah's LinkedIn https://www.linkedin.com/in/micah-cooper-4a737560/ 

When OpenAI trained GPT-3, they didn't roll their own orchestration layer. They used Ray, an open source Python framework born out of the same Berkeley research lab lineage that gave us Apache Spark. And here's the twist: Ray was originally built for reinforcement learning research, then quietly faded as RL hit a wall. Until ChatGPT showed up. Suddenly reinforcement learning was back, as the post-training step that turns a raw language model into something genuinely useful. Edward Oakes and Richard Liaw, two founding engineers behind Ray and Anyscale, join me on Talk Python to tell that story. We'll trace Ray from its RISE Lab origins at UC Berkeley to powering some of the largest training runs in the world. We'll talk about what Ray actually is, a distributed execution engine for AI workloads, and how a few lines of Python become work running across hundreds of GPUs. We'll cover Ray Data for multimodal pipelines, the dashboard, the VS Code remote debugger, KubRay for Kubernetes, and where Ray fits alongside Dask, multiprocessing, and asyncio. If you've ever stared at a single-machine Python script and thought, "there has to be a better way to scale this", this one's for you Episode sponsors Sentry Error Monitoring, Code talkpython26 AgentField AI Talk Python Courses Links from the show Guests Richard Liaw: github.com Edward Oakes: github.com Ray: www.ray.io Example code (we used for walk-through): docs.ray.io Getting Started with Ray: docs.ray.io Ray Libraries: docs.ray.io kuberay: github.com Watch this episode on YouTube: youtube.com Episode #547 deep-dive: talkpython.fm/547 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Topics covered in this episode: profiling-explorer Reverting the incremental GC in Python 3.14 and 3.15 VSCode AI Co-author defaults to on, then off django freeze Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: profiling-explorer Adam Johnson And intro post Python: introducing profiling-explorer “profiling-explorer is a tool for exploring profiling data from Python's built-in profilers, which are stored in pstats files. ” Features Dark mode Click the calls, internal ms, or cumulative ms column headers to sort by that column. Use the search box to filter by filename or function name. Hover by a filename + line number pair to reveal the copy button, which copies the location to your clipboard for faster opening. Click the callers or callees links on the right of a row (not pictured above) to see the callers or callees of that function. Michael #2: Reverting the incremental GC in Python 3.14 and 3.15 Python 3.14 shipped with a new incremental garbage collector, but production reports of severe memory pressure (Neil Schemenauer measured up to 5× peak RSS on pathological cyclic workloads) have pushed the core team and Steering Council to revert it in both 3.14 and 3.15 - returning to the 3.13-era generational GC. This is the second time the inc GC has been pulled back: it was also reverted right before 3.13.0 final, and it shipped in 3.14 without going through the PEP process. The tradeoff is real: Neil's benchmarks showed max GC pause times of 1.3ms with inc GC versus 26ms with the generational one - great for latency-sensitive apps, terrible for memory-constrained ones. Release manager Hugo van Kemenade will ship 3.14.5 early with the revert, and Gregory Smith floated the idea of a 3.14.5rc1 - the first patch-release RC since 3.9.2 back in 2021. Tim Peters spent the thread doing live forensics on Windows, running a toy deque program that should cap at 1GB and watching it balloon to 15.6GB on a 16GB machine - and discovered the gen0 collector effectively never fires under the new scheme. Tim's bigger meta-point: CPython has a chronic shortage of real-world GC benchmarks, pyperformance has "basically no interesting" cyclic workloads, and users almost never share real data - so core devs keep flying blind on changes like this. Django maintainer Adam Johnson published a blog post mid-thread documenting a real memory "leak" in Django's migration system caused by inc GC, with a manual gc.collect() workaround - the listener-facing receipt that this wasn't just theoretical. If the inc GC comes back for 3.16, it'll go through a proper PEP, and the discussion is already shifting toward keeping both collectors available via a startup flag - which Neil and Sergey Miryanov have both prototyped. Brian #3: VSCode AI Co-author defaults to on, then off VSCode merges Enabling ai co author by default - 3 week ago Ton's of “why would you do this” and related comments VSCode merges Change default for git.addAICoAuthor to off - yesterday Take-away, don't rely on default, set addAICoAuthor to off yourself Michael #4: django freeze Convert your dynamic django site to a static one with one line of code. Just run python manage.py generate_static_site :) Features Generate the static version of your Django site, optionally compressed .zip file Generate/download the static site using urls (only superuser and staff) Follow sitemap.xml urls Follow internal links founded in each page Follow redirects Report invalid/broken urls Selectively include/exclude media and static files Custom base url (very useful if the static site will run in a specific folder different by the document-root) Convert urls to relative urls (very useful if the static site will run offline or in an unknown folder different by the document-root) Prevent local directory index Extras Brian: Thinking Less, Trusting More: GenAI's Impacts on Students' Cognitive Habits Michael: Vercel breached, employee to blame Introducing the new Talk Python web player GitHub uptime (a couple of views 1, 2) Joke: Friends in tech

Xander Shepherd is the co-founder of Artet, a brand that is changing the way we gather, toast, and experience cocktail culture. Rooted in tradition with a modern twist, Artet was founded by two brothers, and their cousin who wanted to create an alcohol-free alternative that blends sophisticated mixology with nuanced botanical flavors.  With its amaro-inspired aperitif and a selection of elevated canned spritzes, Artet offers a hemp-derived Delta-9 THC-infused experience that is both refined and approachable—perfect for those seeking an NA option to savor at the table amongst family and friends.  In This Conversation We Discuss: [00:00] Intro [02:17] Finding Ecommerce ideas in daily life  [05:48] Experimenting in small, safe spaces [10:29] Sponsor: Migrate [12:27] Reshaping customer perspectives [18:22] Callouts [18:32] Navigating customer purchase friction [21:11] Presenting your product as opportunity [25:05] Sponsor: Intelligems [27:05] Navigating state-by-state THC rules [31:50] Protecting customers with age checks [36:22] Sponsor: Electric Eye [37:31] Setting high standards for the industry [47:10] Connecting customers to buying paths  Resources: Subscribe to Honest Ecommerce on Youtube The original THC aperitif artet.com/ Follow Xander Shepherd linkedin.com/in/xandershepherd/ Migrate and grow more klaviyo.com/honest    Book a demo today at intelligems.io/ Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

The cloud is convenient until it isn't. You upload your photos, sync your contacts, click through the cookie banners. Then prices go up again or you read about a family that lost their entire Google account over a medical photo sent to a doctor. At some point, the question shifts from "why would I run this myself?" to "why aren't I?" My guest this week is Alex Kretzschmar, head of DevRel at Tailscale, longtime host of the Self-Hosted podcast, and co-founder of Linuxserver.io. We cover what self-hosting really means in 2026, the apps worth running yourself like Immich and Home Assistant, why Docker Compose ties it all together, and how Tailscale lets you reach any of it from anywhere, without opening a single port. If you've been thinking about pulling your digital life back behind your own walls, this is your roadmap. Episode sponsors Temporal Talk Python Courses Links from the show Guest Alex Kretzschmar: alex.ktz.me Bitflip podcast: bitflip.show Self-Hosted podcast (Alex's previous show): selfhosted.show Perfect Media Server: perfectmediaserver.com KTZ Systems on YouTube: youtube.com/@ktzsystems Linuxserver.io (co-founded by Alex): linuxserver.io "How Tailscale Works" blog post: tailscale.com/blog/how-tailscale-works https://tailscale.com/: tailscale.com Self-hosted apps discussed Awesome Self-Hosted (GitHub list): github.com Immich (Google Photos alternative): immich.app Home Assistant: home-assistant.io Open Home Foundation: openhomefoundation.org Plausible Analytics: plausible.io Umami Analytics: umami.is Python integration for umami: pypi.org Pi-hole: pi-hole.net AdGuard Home: adguard.com NextDNS: nextdns.io Coolify: coolify.io Docker + ufw: docs.docker.com Storage, backup & filesystem OpenZFS: openzfs.org ZFS.rent (offsite ZFS replication): zfs.rent Backblaze: backblaze.com Hetzner Storage Box: hetzner.com DigitalOcean: digitalocean.com Secrets management mentioned OpenBao (open-source Vault fork): openbao.org HashiCorp Vault: hashicorp.com Bitwarden: bitwarden.com 1Password: 1password.com Hardware mentioned Proxmox VE: proxmox.com Minisforum MS01: minisforum.com Zima Board / Zima OS: zimaspace.com Other references Cory Doctorow on "enshittification" (Cory's blog where he coined the term): pluralistic.net Linus Tech Tips' WAN Show (Linus mentioned NAS-building going mainstream): linustechtips.com Watch this episode on YouTube: youtube.com Episode #546 deep-dive: talkpython.fm/546 Episode transcripts: talkpython.fm Theme Song: Developer Rap

Scott Dancy is the founder and CEO of Azuna, a fast-growing challenger brand in at-home odor elimination. Since launching in 2019, Scott has scaled Azuna into a serious category disruptor. Prior to launching Azuna, Scott built, scaled, and sold several companies across cybersecurity, staffing, and energy - with curiosity as his fuel.  During the dot-com boom, Scott was the youngest member of the cybersecurity board, working directly with the Attorney General to navigate the rapidly changing early years of the internet. He is a graduate of the University of Rochester and resides in Buffalo, NY where Azuna is based.  In This Conversation We Discuss: [00:00] Intro [00:47] Tripling revenue by solving everyday problems  [03:00] Reinvesting profits to outlast competitions [05:25] Sponsor: Klaviyo [07:32] Learning from mistakes at every stage  [12:23] Sponsor: Intelligems [14:23] Building LTV when first orders barely profit [17:02] Grinding to millions without ever going viral [20:14] Sponsor: Electric Eye [21:22] Learning when to keep things in-house  [23:27] Calllouts [23:37] Building equity culture across your whole team  [23:05] Creating a team culture people refuse to leave  Resources: Subscribe to Honest Ecommerce on Youtube Naturally effective odor eliminators azunafresh.com/ Follow Scott Dancy linkedin.com/in/scott-dancy-189542200 Get your free demo klaviyo.com/honest Book a demo today at intelligems.io/ Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews!

The panel digs into the Cloudflare vs Vercel turf war over Next.js, breaking down what it really means that one engineer vibe coded a full framework rewrite in a week for $1,100 using Claude Code. Then things get spicy: from the Lovable data breach to an early Anthropic model escaping its sandbox, the crew debates whether the wave of AI security incidents is systemic, and what the build vs buy collapse means for developers rolling their own tools in the AI agent era. Resources One Engineer, One AI, One Week: Cloudflare Just Rebuilt Next.js: https://bytesizedbets.com/p/one-engineer-one-ai-one-week-cloudflare Cloudflare's vibe-coded Next.js replacement starts a turf war: https://cybernews.com/security/hackers-find-critical-flaws-in-cloudflares-nextjs-alternative/ How we rebuilt Next.js with AI in one week: https://blog.cloudflare.com/vinext/ JavaScript survey reveals gripes against Next.js: https://www.devclass.com/development/2026/02/10/javascript-survey-reveals-gripes-against-date-handling-webpack-and-nextjs-and-that-typescript-has-won/4090262 Claude Code's source code appears to have leaked — here's what we know: https://venturebeat.com/technology/claude-codes-source-code-appears-to-have-leaked-heres-what-we-know Anthropic accidentally exposes Claude Code source code: https://www.theregister.com/2026/03/31/anthropic_claude_code_source_code/ Claude Mythos Preview (Anthropic Red Team blog): https://red.anthropic.com/2026/mythos-preview/ Claude Mythos Preview — BBC coverage: https://www.bbc.com/news/articles/crk1py1jgzko We want to hear from you! How did you find us? Did you see us on Twitter? In a newsletter? Or maybe we were recommended by a friend? Fill out our listener survey! https://t.co/oKVAEXipxu Let us know by sending an email to our producer, Elizabeth, at elizabeth.becz@logrocket.com, or tweet at us at PodRocketPod. Check out our newsletter! https://blog.logrocket.com/the-replay-newsletter/ Follow us. Get free stickers. Follow us on Apple Podcasts, fill out this form, and we'll send you free PodRocket stickers! What does LogRocket do? LogRocket provides AI-first session replay and analytics that surfaces the UX and technical issues impacting user experiences. Start understanding where your users are struggling by trying it for free at LogRocket.com. Try LogRocket for free today. Chapters 00:00 Introduction & Panelist Welcome 02:00 Cloudflare Rewrote Next.js for $1,100 — Does It Matter? 06:30 Vercel Lock-In, Open Next & the Adapter Debate 09:00 AI Security Incidents — Lovable, Anthropic Source Code Leak & More 12:30 Is the Security Crisis Systemic or a People Problem? 16:00 Rolling Your Own Stack With AI Is a Terrible Idea 18:30 Mythos, Zero-Day Bugs & Anthropic's Security Credibility 22:00 Is Anthropic's "Safety First" Framing Just Marketing? 26:00 Fleet Management, Agent Burnout & Brain Fry 28:30 Hot Take — Noel: Software Is Getting Worse and AI Is to Blame 32:30 Hot Take — Paul: The Second Internet & Claude Code's Future 36:30 Hot Take — Jack: The Highlander Reboot Is Going to Slap 37:30 Hot Take — Paige: Think Before You Grant OAuth Permissions 40:00 Wrapping UpSpecial Guest: Jack Herrington.

Favour Obasi-ike, MBA, MS breaks down the relationship between SEO and PPC advertising. He explains that while PPC provides short-term visibility and acts as a catalyst for brand awareness, SEO builds the long-term foundation that makes ads more cost-effective. Favour emphasizes that these two strategies should not be siloed; instead, they must work together. By ranking organically for specific keywords, businesses can lower their ad spend for those same keywords. The conversation also touches on the importance of content pillars, Google Search Console, and the value of organizing your digital assets to prevent overwhelm.Who is this for?Business owners, digital marketers, and entrepreneurs looking to understand the differences and synergies between Search Engine Optimization (SEO) and Pay-Per-Click (PPC) advertising. It's highly valuable for anyone wanting to build a sustainable, long-term marketing strategy while leveraging short-term wins through paid ads.Key Moments & Timestamps01:42 — The Core Difference: Understanding SEO (Search Engine Optimization) vs. SEM/PPC (Search Engine Marketing).03:34 — Short-Term vs. Long-Term: Why PPC is for short-term wins and SEO is for long-term sustainability.06:00 — The Synergy: How ranking organically for a keyword lowers the cost of bidding on that same keyword in ads.11:10 — Cross-Platform Strategy: Connecting your website to Google Search Console and Pinterest to build domain authority.32:47 — Tracking Success: Using Google Alerts and Search Console to track brand mentions and backlinks.107:41 — Final Takeaway: Organize your content pillars and don't feel overwhelmed by the technical aspects of SEO.FAQsQ: Should I focus on SEO or PPC first?A: You should focus on SEO first to build a strong foundation. PPC is a catalyst that drives immediate traffic, but if your website isn't optimized organically, you will end up paying higher costs per click over time.Q: How long does it take for ads to mature?A: Depending on the platform, it typically takes 7 to 28 days for an ad campaign to exit the learning phase and mature based on the target audience.Q: How do SEO and ads work together?A: When you rank organically for a specific keyword (e.g., "real estate planning") on your website, Google recognizes your authority. When you run ads for that same keyword, your cost per click is often lower because the destination link is highly relevant and authoritative.Action StepsBuild Your Foundation: Ensure your website is connected to Google Search Console so search engines can index your pages.Align Your Keywords: Use the same keywords in your organic content (URLs, titles) that you plan to bid on in your PPC campaigns.Set Up Alerts: Use Google Alerts to track when your brand or business is mentioned online to monitor your growing authority.Organize Content Pillars: Structure your website content into clear pillars and clusters to make it easier for both users and search engines to navigate.Book a Consultation: Reach out to Favour at info@playinc.online or favour@playinc.online to hire his SEO agency and streamline your digital marketing strategy.Ready to Rank? Book Your SEO & Web Dev Services Today

Topics covered in this episode: Django Modern Rest Already playing with Python 3.15 Cutting Python Web App Memory Over 31% tryke - A Rust-based Ptyhon test runner with a Jest-style API Extras Joke Watch on YouTube About the show Sponsored by us! Support our work through: Our courses at Talk Python Training The Complete pytest Course Patreon Supporters Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Michael #1: Django Modern Rest Modern REST framework for Django with types and async support Supports Pydantic, Attrs, and msgspec Has ai coding support with llms.txt See an example at the “showcase” section Brian #2: Already playing with Python 3.15 3.15.0a8, 2.14.4 and 3.13.13 are out Hugo von Kemenade beta comes in May, CRs in Sept, and Final planned for October But still, there's awesome stuff here already, here's what I'm looking forward to: PEP 810: Explicit lazy imports PEP 814: frozendict built-in type PEP 798: Unpacking in comprehensions with * and ** PEP 686: Python now uses UTF-8 as the default encoding Michael #3: Cutting Python Web App Memory Over 31% I cut 3.2 GB of memory usage from our Python web apps using five techniques: async workers import isolation the Raw+DC database pattern local imports for heavy libraries disk-based caching See the full article for details. Brian #4: tryke - A Rust-based Ptyhon test runner with a Jest-style API Justin Chapman Watch mode, Native async support, Fast test discovery, In-source testing, Support for doctests, Client/server mode for fast editor integrations, Pretty, per-assertion diagnostics, Filtering and marks, Changed mode (like pytest-picked), Concurrent tests, Soft assertions, JSON, JUnit, Dot, and LLM reporters Honestly haven't tried it yet, but you know, I'm kinda a fan of thinking outside the box with testing strategies so I welcome new ideas. Extras Brian: Why are't we uv yet? Interesting take on the “agents prefer pip” Problem with analysis. Many projects are libraries and don't publish uv.lock file Even with uv, it still often seen as a developer preference for non-libarries. You can sitll use uv with requirements.txt PyCon US 2026 talks schedule is up Interesting that there's an AI track now. I won't be attending, but I might have a bot watch the videos and summarize for me. :) What has technology done to us? Justin Jackson Lean TDD new cover Also, 0.6.1 is so ready for me to start f-ing reading the audio book and get on with this shipping the actual f-ing book and yes I realize I seem like I'm old because I use “f-ing” while typing. Michael: Python 3.14.4 is out Beanie 2.1 release Joke: HumanDB - Blazingly slow. Emotionally consistent.

Cleo is the Co-Founder of Barrière and also serves as the brand's CEO and brand-lead. Before starting Barrière with her Co-Founder, Alexa Adams, in 2020, Cleo had over a decade of experience in corporate fashion and styling.  She was inspired to leave the corporate world and start Barrière to offer a chic, yet medically-effective masking option to customers during the global pandemic. This led her and Alexa to expanding the brand into transdermal supplement patches, as inspired by her own issues with nutritional deficiencies.  Before starting Barrière, Cleo's most recent professional roles included Brand Manager at Moda Operandi and Director of Special Projects at Saks Fifth Avenue, where she led brand, marketing, and e-commerce strategy for these top fashion destinations.  In This Conversation We Discuss: [00:00] Intro [02:19] Finding inspiration from personal pain points [05:04] Sponsor: Klaviyo [07:03] Setting your own standards when regulations fall short [10:26] Avoiding the one-size-fits-all trap in product design [12:16] Sponsor: Intelligems [14:15] Seeding products to spark word-of-mouth online [16:18] Choosing product confidence over paid promotion [18:35] Measuring the long-term return on free samples [20:07] Sponsor: Electric Eye [21:16] Thinking creatively when marketing funds run dry  [22:48] Callouts [22:58] Owning customer relationships through websites  Resources: Subscribe to Honest Ecommerce on Youtube Wear your vitamins mybarriere.com/ Follow Cleo Davis-Urman linkedin.com/in/cleo-davis-urman-91928322/ Get your free demo klaviyo.com/honest Book a demo today at intelligems.io/ Schedule an intro call with one of our experts electriceye.io/connect If you're enjoying the show, we'd love it if you left Honest Ecommerce a review on Apple Podcasts. It makes a huge impact on the success of the podcast, and we love reading every one of your reviews.

Favour Obasi-ike, MBA, MS and guest speakers (including Celese Williams and Rocki) discuss the problem-to-solution framework of converting traffic into revenue. Favour explains that traffic must first be intentionally created by planting "seeds" (content) across the web and nurturing them over time.He shares a real-life example of a client who returned after three years because of consistent, long-term marketing efforts. The conversation also highlights the importance of creating "easy buttons" to reduce friction in the buying process and the resurgence of community-based marketing (like Skool and Patreon) as a reliable revenue driver.Who is this for?Business owners, digital marketers, and entrepreneurs looking to turn their website visitors into paying customers. It's highly valuable for anyone wanting to understand the mechanics of traffic generation, the importance of planting "content seeds" for long-term SEO, and how to optimize the customer journey for higher conversions.Key Moments & Timestamps01:43 — The Traffic Prerequisite: Why you must intentionally create traffic before you can convert it.03:26 — Quality over Quantity: The "sandcastle" analogy for building valuable, structured traffic.05:50 — Planting Seeds: Why articles and SEO content are like seeds that can yield recurring traffic for years.08:23 — Building Authority: How consistent messaging turns you into the go-to solution when a customer is finally ready to buy.11:08 — Real-Life Case Study: A client who paid an invoice and returned for a 12-week marketing sprint after three years of nurturing.14:26 — The Power of CTAs: How well-designed calls-to-action can increase conversions by 38% to over 160%.16:10 — Guest Insight (Celeste): Why consumers want the easiest path to purchase and how to create "easy buttons" in your business.17:46 — Guest Insight (Rocky): The resurgence of community-based marketing (Skool, Patreon, Facebook groups) and the growing, yet controversial, impact of AI-generated ads.FAQsQ: How do I create traffic in the first place?A: Traffic is created by consistently publishing valuable content (seeds) on your website and distributing those links across platforms like Pinterest, Reddit, LinkedIn, and YouTube to build an interconnected web of authority.Q: How long does it take for SEO content to generate revenue?A: SEO is a long-term strategy. You should give your content pillars at least 24 months to build capacity. However, the content you publish today can continue to drive traffic and revenue for years to come.Q: What is the easiest way to increase conversions on my website?A: Reduce friction. Create "easy buttons" by minimizing the number of steps, forms, or questions a customer has to navigate before making a purchase or booking a service.Action StepsPlant Your Seeds: Commit to a 24-month content strategy where you consistently publish and update articles on your website.Distribute Your Links: Share your website links across multiple platforms (Pinterest, LinkedIn, YouTube) to create an interconnected web of traffic sources.Audit Your CTAs: Review your website's calls-to-action. Ensure they are clear, compelling, and strategically placed to maximize click-through rates.Create "Easy Buttons": Simplify your booking or checkout process. Remove unnecessary questions or steps that might cause a potential customer to abandon the process.Build a Community: Consider launching a community group (via Skool, Patreon, or Facebook) to nurture your audience and build long-term trust.Ready to Rank? Book Your SEO & Web Dev Services Today

Favour Obasi-ike, MBA, MS and guest speakers (including Celeste and Jason) discuss the mechanics of getting discovered on Pinterest. Favour explains that Pinterest is a visual search engine powered by an algorithm called "Pixie," which prioritizes relevance, uniqueness, and content quality. He shares actionable strategies for connecting your website's RSS feed to automatically generate pins, using colors (hex codes) to influence search results, and expanding keyword lists using broad, exact, and phrase match types.The conversation highlights Pinterest's long lifespan for content, noting that pins from years ago can still drive significant traffic today.Who is this for?Business owners, digital marketers, and content creators looking to leverage Pinterest as a visual search engine. It's highly valuable for anyone wanting to understand Pinterest's algorithm (Pixie), how to optimize pins for discoverability, and how to use Pinterest to drive long-term, recurring traffic to their website.SummaryFavour Obasi-ike and guest speakers (including Celese Williams and Jason) discuss the mechanics of getting discovered on Pinterest. Favour explains that Pinterest is a visual search engine powered by an algorithm called "Pixie," which prioritizes relevance, uniqueness, and content quality. He shares actionable strategies for connecting your website's RSS feed to automatically generate pins, using colors (hex codes) to influence search results, and expanding keyword lists using broad, exact, and phrase match types. The conversation highlights Pinterest's long lifespan for content, noting that pins from years ago can still drive significant traffic today.Key Moments & Timestamps01:20 — Meet Pixie: Introduction to Pinterest's algorithm and the key elements of discoverability.02:50 — Automation Hack: How to connect your website's RSS feed to a Pinterest Business account to auto-generate pins.04:45 — The Four Elements of Discoverability: Relevance, uniqueness, content quality, and engagement.06:06 — The Power of Color: How hex codes and background colors (e.g., purple) influence what ads and related pins show up next to your content.08:01 — The Psychology of "Saves": Why the number of saves is the strongest indicator of value on Pinterest.10:08 — Keyword Expansion Strategy: How to turn 25 broad keywords into 75+ keywords using quotation marks and brackets.15:38 — Content Syndication: Connecting Instagram to Pinterest to create multiple traffic pathways for a single piece of content.18:27 — Guest Insight (Celeste): Why Pinterest is an underutilized goldmine for product-based businesses and artists.19:22 — The Lifespan of a Pin: Why Pinterest content lives forever and how updating old articles can trigger a resurgence in traffic.FAQsQ: What is Pinterest's algorithm called and what does it look for?A: Pinterest's algorithm is called "Pixie." It looks for relevance (keywords, titles, descriptions), uniqueness (trends, colors), and content quality (image dimensions, mobile optimization).Q: How can I automatically create pins from my website?A: Create a free Pinterest Business account, go to your settings, and connect your website's RSS feed. When you publish an article with images, Pinterest will automatically pull those images and create pins linking back to your site.Q: How do I find the right keywords for Pinterest?A: Start with broad keywords related to your niche. Then, expand your list by adding quotation marks (phrase match) and brackets (exact match) to those same keywords. You can also use trends.pinterest.com to see what's currently popular.Action StepsSwitch to a Business Account: If you haven't already, convert your Pinterest profile to a free Business account to access analytics and website integration.Connect Your RSS Feed: Link your website to Pinterest so your blog images automatically generate pins.Optimize for Color: Be intentional about the colors and hex codes in your images, as Pinterest's visual search groups similar colors together.Expand Your Keywords: Take a list of 25 broad keywords and create variations using quotation marks and brackets to capture different search intents.Update Old Content: Refresh old articles on your website to trigger a resurgence of traffic from existing pins on Pinterest.Ready to Rank? Book Your SEO & Web Dev Services Today

The OWASP Top 10 just got a fresh update, and there are some big changes: supply chain attacks, exceptional condition handling, and more. Tanya Janca is back on Talk Python to walk us through every single one of them. And we're not just talking theory, we're going to turn Claude Code loose on a real open source project and see what it finds. Let's do it. Episode sponsors Temporal Talk Python Courses Links from the show DevSec Station Podcast: www.devsecstation.com SheHacksPurple Newsletter: newsletter.shehackspurple.ca owasp.org: owasp.org owasp.org/Top10/2025: owasp.org from here: github.com Kinto: github.com A01:2025 - Broken Access Control: owasp.org A02:2025 - SecuA02 Security Misconfiguration: owasp.org ASP.NET: ASP.NET A03:2025 - Software Supply Chain Failures: owasp.org A04:2025 - Cryptographic Failures: owasp.org A05:2025 - Injection: owasp.org A06:2025 - Insecure Design: owasp.org A07:2025 - Authentication Failures: owasp.org A08:2025 - Software or Data Integrity Failures: owasp.org A09:2025 - Security Logging and Alerting Failures: owasp.org A10 Mishandling of Exceptional Conditions: owasp.org https://github.com/KeygraphHQ/shannon: github.com anthropic.com/news/mozilla-firefox-security: www.anthropic.com generalpurpose.com/the-distillation/claude-mythos-what-it-means-for-your-business: www.generalpurpose.com Python Example Concepts: blobs.talkpython.fm Watch this episode on YouTube: youtube.com Episode #545 deep-dive: talkpython.fm/545 Episode transcripts: talkpython.fm Theme Song: Developer Rap

When you pip install a package with compiled code, the wheel you get is built for CPU features from 2009. Want newer optimizations like AVX2? Your installer has no way to ask for them. GPU support? You're on your own configuring special index URLs. The result is fat binaries, nearly gigabyte-sized wheels, and install pages that read like puzzle books. A coalition from NVIDIA, Astral, and QuanSight has been working on Wheel Next: A set of PEPs that let packages declare what hardware they need and let installers like uv pick the right build automatically. Just uv pip install torch and it works. I sit down with Jonathan Dekhtiar from NVIDIA, Ralf Gommers from Quansight and the NumPy and SciPy teams, and Charlie Marsh, founder of Astral and creator of uv, to dig into all of it. Episode sponsors Sentry Error Monitoring, Code talkpython26 Temporal Talk Python Courses Links from the show Guests Charlie Marsh: github.com Ralf Gommers: github.com Jonathan Dekhtiar: github.com CPU dispatcher: numpy.org build options: numpy.org Red Hat RHEL: www.redhat.com Red Hat RHEL AI: www.redhat.com RedHats presentation: wheelnext.dev CUDA release: developer.nvidia.com requires a PEP: discuss.python.org WheelNext: wheelnext.dev Github repo: github.com PEP 817: peps.python.org PEP 825: discuss.python.org uv: docs.astral.sh A variant-enabled build of uv: astral.sh pyx: astral.sh pypackaging-native: pypackaging-native.github.io PEP 784: peps.python.org Watch this episode on YouTube: youtube.com Episode #544 deep-dive: talkpython.fm/544 Episode transcripts: talkpython.fm Theme Song: Developer Rap