and a .exe

how do you expect people to contribute

or review

anything

yes and what about isn't this is how to upload ur exe files??

Wait is there like comments option for that?

you need to usually expose your source code in an open source project

especially if you want people to participate, collaborate, review

here the image that you are giving back is that it's just a scam/hack attempt

Its gonna cool if u send me a video how to explain that or doing that am kinda new intro GitHub

Github is typically used to store and share the source code of your project

You don't typically check in the executable binaries

I still dont get it

There is a feature for sharing binaries on Github as well, but you don't generally check them in

May you send me a tutorial?

For that

The issue Clem is referring to is that downloading and running an executable on your computer if you don't know exactly what it does or where it came from can be very dangerous

So people typically will not be willing to just run the exe file you yourself built

But if you provide the source code for your tool, they may be willing to build and run it themselves

You may start with the basics of git: https://git-scm.com/docs/gittutorial

Ah i see but may you send me a video for that??

Don't hesitate to ask questions on the way if needed

A video for how running an exe can be dangerous?

no? For how to turn off that issue

it's not something you can turn off @wet barn

The issue is just that you didn't put the code for your tool in your github repository

Before building that .exe, you had some source code right?

Am not but my program is totally safe and ya i understand It Some of antivirus gonna tell u that is unkown App But it still tho

Mhm

Would you trust a random stranger online?

Also just in case i used Auto py to exe to convert it

The problem is that your word is not good enough. People have to be able to confirm for themselves that your tool is safe.

No :<

and you're right to think so 😄

But if you upload your code, people can do that.

So how i can fix that?

https://media.tenor.com/xRF_8aickxwAAAAM/silly-cat-silly-car.gif

Put your source code in your github repository.

May u show me a screenshot?

like how to do it

The git basics will tell you how to do that

https://docs.github.com/en/get-started/start-your-journey/about-github-and-git <- Github has comprehensive documentation available for what both Git and Github is, and how to use it.

also one more thing is that gonna only shows my source code to anyone or anyone can edit it and use it?

My tool isn't open source project tho

Anyone can see it and use it. They won't be able to change your repository, but they can clone it and fork it.

That's fine, but I think it's very unlikely people will agree to use it in that case.

:<

Because of above mentioned safety concerns.

Fine i will work on that soon as possible

But is that enough gonna make prove that is my tool is safe?

Yes

Ok anyway is there like a comments or reviews??

Because if your tool is doing something malicious, it will be visible in the code.

Ya i get it

There is an issue tracking system built into Github that people can use to report bugs for example.

It makes sense why the antivirus sometimes tells me there is smh wrong on my app

Antivirus will typically report any exe downloaded from the internet with a signature it doesn't recognize.

Because there's no way to verify that it's not harmful.

i didn't really know how to verify it in frist place

Ok so is that for GitHub or my exe tool Converter that i used it?

Like for example i used Auto py to exe

To convert the source code intro exe file

I'm not sure what you're asking.

@dire quartz its enough to add the source code of the tool to let the users know this is safe?

It makes you seem a lot more trustworthy at least

Since people aren't forced to run an executable you built (which could contain anything)

And since they can inspect your code for malicious elements

hm...

Asking someone to run an executable is like asking them to sign a contract without letting them read what the contract is about

So what i can do?

:|

You put your source code in your github repository

Didn't u say this isn't enough?

I said it will increase your trustworthiness significantly

@dire quartz after i uploaded source code is there anything else to do?

To get people to use your tool?

wise

@dire quartz done!

Now Anyone can use it for now!

https://media.tenor.com/txmXtZgMQ-IAAAAM/dance-anime.gif

Ever need to view multiple log files at once, in a unified time order? I just released version 0.11 of logmerger, an in-the-terminal GUI with mouse and vertical and horizontal scrolling support to view multiple log files merged into a single vertical timeline. Previous versions handle text, CSV, .gz-compressed, log files, plus PCAP packet capture files (example files are included to demonstrate merging a packet capture with contemporaneous client and server logs).

Since it runs in the terminal (using the incredible textual Python library), logmerger can be run over an SSH session in a terminal window.

This new release includes support for JSONL files, where each log line is a separate JSON object string. Plus some performance speedups and support for Python 3.14. Repo with sample log files: https://github.com/ptmcg/logmerger

<@&831776746206265384> multi channel spam #web-development message

Also check history of his msgs. It is already multi days spam

!rule 9

Can you stop trying to recruit people? It's against server rules

It is not paid work. Also, posting something less than once a week is considered spam?

I have a running Docker container, which I know the ID of. it features a python interpreter and it has a volume mounted to my code base folder. I also bind port 8000 to 8000 (though no server inside the docker is using that port)

I would like to use that running container as a python interpreter from pycharm on the host machine. any idea how I could do that? I see I can configure a docker with tcp server information, but ofc if I set localhost:8000 it states server failed to respond (since no server is running in the docker itself)

Any reason you can't use https://www.jetbrains.com/help/pycharm/using-docker-as-a-remote-interpreter.html?

because I want to use an existing container, not a container created by pycharm from an image

You mean like you have a toolbox container you want to develop inside of?

Quack coder here, what is the latest release of Python, Jupyter notebook, Anaconda, MySQL SQLITE? 🪐

3.13.2, 7.33, 2024.10-1, 9.2.0, 3.49.1, respectively

(most people don't run the latest MySQL)

Water The latest stable releases? The latest Python release with pandas is 3.9 no??

Those are the latest stable releases

Pandas supports 3.9 and higher

If there is no server running within the container is that a networking issue?

yes exactly !

basically having the env inside the container (but I'm okay to have it globally if it's easier)

I know vscode can do this

If u will be ever wishing using vs code for it, I can give the recipe

In fact my colleagues ask me to write tutorial for visual debugger usage in vscode for
Python.. I should do it

I should look into vscode I guess

no way to do it with pycharm? I have pycharm pro

I stress that the container will be started completely independently of the IDE

no idea. I know that pycharm has containers features, but i never went to it since... i did not like how heavy it is

I stress that the container will be started completely independently of the IDE
i can aslo stress that vscode can do that, connecting to independently started container and providing full features, intellisense, library navigations, visual debugger from inside such container

neat

in vscode it works like...

I guess it's time for me to switch IDE

in vscode u install dev containers (but don't use dev containers themselves from official tutorial,they are crap)
u get the menu of Docker at the left then accessable and can just pick runnable container and "Attach vscode" to it

even automatable as a script this action if desired

U get opened after that second window of vscode, from within container

u install Python / Pytest explorer extension (automatable somehow but i was lazy to automate yet), and do "Ctrl+Shift+P -> Reload window" if necessary if smth glitched

everything works from that correctly assuming your docker global python is the correct default anyway (if no, then in bottom-right pick another python)

from there vscode should works as regular, u can use Visual debugger to run app, u can use visual debugger for pytest/unittest tests

Or actually may be u need installing only Docker Extension i think (dev containers may be not needed)

i could check it i guess

since going to write tutorial, going to check then

checked. Dev Containers are obligatory, necessary button is not active otherwise

i will try to write more detailed tutorial soon how to use python in vscode, my colleague wishes to switch for python from pycharm to vscode too 😏

I will try to do it too (tomorrow likely) and see if I struggle somewhere

you threw a lot of key steps so I guess I could be able to figure it out, without requiring you to spend time on a full tutorial 😄 haha

(not that it cannt be useful for others, ofc)

(or maybe for me, if eventually I cannt do it)

thx for the details anyway ! tomorrow I'll check

well, focus of my tutorial will be mainly => How to use Visual debugger for python in vscode
Without docker, for app, for unit tests, and with docker. 😏

very simple tbh article, as just a bunch of config files and which buttons to press

my colleague in company showed some horrors like using pdb debugger as main one 🤦‍♂️

wishing... for people to use IDEs to their full capacity

in our company most environments do not get launched without docker in any easy way, so understandable necessity and potentially a reason why someone used pdb

here I need docker because some stuffs are compiled C++, and my macos is just too broken to compile it reliably ; so I use docker as the main dev environment ; but since then I was kind of unable to debug the python code base 😄 would help to get a debugger back

@rapid sparrow thx for the explanations, it seems to work relatively fluently. I now must learn how to use the debugger of vscode I guess, because that one seems quite less intuitive as in pycharm (aka my break points do not stop)

aaaaah ok, it is because I have no plugin (or something like that) to run a unit test file and make it pass through unit tests 😄 gonna check that

okay, found my way ! it works like a charm code
lol, get it? (py)charm -> (vs)code

....

aaaaaaanyway

holy crap ; I remember why I didnt want to use vscode

is there a way to use Pyright as linter, instead of Pylance ? the later keeps yelling at me for using this type as a type annotation in a dataclass:

Foo = NewType('Foo', Literal['auto', 'yes', 'no'])

@dataclass
class Bar:
  foo: Foo # Variable not allowed in type expressionPylance

only happens if the new type extends Literal ; for other new types I have no issue

You might want to ask in #type-hinting

https://typing.python.org/en/latest/spec/aliases.html#newtype

NewType accepts exactly two arguments: a name for the new unique type, and a base class. The latter should be a proper class (i.e., not a type construct like Union, etc.), or another unique type created by calling NewType.

I don't know why this restriction exists

aaaaaaaah, I totally overlooked it

thank you !

I guess I will just remove the NewType here

what I find wierd is that I dont have this warning if I use a Union, only if I introduce a Literal . but good note for the proper usage of NewType though

I'm guessing this is an OK channel to ask about PyCharm. I've never really used it before, and now I chose to "Create a Script" when I started it up, and the project contains a script.py file and a .venv folder. I'm much more used to using VSCode, where I have to explicitly create and activate my venv. How does the venv work in PyCharm? Is is already activated seeing as it's automatically created?

When creating a new project, PyCharm expects to create a new venv or be pointed to an existing one. By default it will create one and use it for that project. You can see which one is active in the bottom right, in your status bar.
And #editors-ides might be a little more on topic.

Thanks

hi everyone!
can anyone help me configuring grafana on an application i'm working on?

👀

ask your questions with more precision regarding what is the problem u have

i am dealing often with grafana
and recently writing infrastructure as a code configuration add it to my homelab too

so i could be sharing my iac code for autoconfiguration if desired in a single tofu apply command

For homelab i do the simple approach of doing things through Terraform to setup Docker Containers at my Hetzner server

I recently banged my head against the fact that the Grafana running inside Percona Management and Monitoring has its API turned off, ugh. Couldn't automate its configuration.

Created a CLI-tool for OS automation. Not sure if anyone has already done it. It's a prototype. Here is the code and way to run it on your device.
https://github.com/Protyasha-Roy/ion

Give it a star :_)

https://darklab8.github.io/blog/article_visual_debugger_in_vscode.html

💪 i did it

i wrote the article of how to configure vscode debugger for python for all popular web backend projects and using it with docker

Now i can share it to my colleague that wished migrating from pycharm too 🤣

Somewhat tempting sharing with other colleagues, one of them presented using PDB cli debugger as a main one recently -_- Not sure if i will offend him or not with doing that though, hopefully not.

Nicely done

gonna compare with what I eventually did, to see if I omitted some details

looks like it is correct

For anyone that might be interested, I wrote a blog post about using copier to bootstrap Python projects: https://blog.dusktreader.dev/2025/04/06/bootstrapping-python-projects-with-copier/

I released a few weeks ago the second stable version of psp (Python Scaffolding Projects) to start a new Python project in seconds. Visit the repo: https://github.com/MatteoGuadrini/psp and the docs: https://psp.readthedocs.io/en/latest/ to learn more about it.
This is a demo: https://asciinema.org/a/707474

has anyone got a key authenticator and generator?

For?

i have a python script i just want an offline basic product key auth and a seperate script that generates them

for 2fa?

I created a tree visualization logger to analyze AI-generated Python code more efficiently.
It enables accurate understanding of how functions work, even in entirely unfamiliar codebases.

https://github.com/EasyDevv/pyhunt

<@&831776746206265384> 5 times the msg is spammed

zero other msgs, pure spam user

Sorry, that wasn't my intention — I'm not very familiar with Discord.

Sorry, that wasn't my intention — I'm not very familiar with Discord.

!rule 6

spam like thiat requires writing to @balmy mulch and receiving approval before doing the spam

in general good rule to be not writing it in more than single channel at once
and not writing msgs like that more often than 1 per month.
If it is written in multi channels at the same time => it is viewed super negatively.

Alright, sorry for the inconvenience.

Interactive pytest execution tool

hello guys !
I am not really sure if this is the right channel for this topic so you tell me.

there is something i never really could have tell. for example, i currently have a low cost vps, and I would like to have the basic set of knowledge to tell from the ressources of the VPS, how many containers can I put, which projects can be handled, etc...

I need to at least have some concepts be named to me so I know what to look for <3

Sure, your main limiting factor is going to be the amount of memory (RAM). The top utility is one of many ways to see which things are using how much memory.

You have to look at what each thing needs
You can have one tiny container with the extra small version of Python that runs a single file
Or you can have an absolutely gigantic container that comes with 30 GB of GPU dependencies

Alright, now let's say I want to host a discord bot, a website, a blog, and few more little projects on my vps. Of course I'd use containers so when i shut down one service the other still run, so i can do updates/fixes without stopping the whole server. But I have no idea if my server could handle all these projects. I know the spects but they're just numbers.

I do not know how much each project takes in terms of ressources, and i don't have any clue how to calculate it. Maybe through performance tests to see how much ressources each project peaks at?

i use htop as first one to go tool that i have available right away.

but then i configured more advanced stuff (i have at this point already serious homelab)

with infra code (public code if needed) i configured grafana stack 😏 that with cadvisor metrics (exported via alloy docker prometheus exporter i have full visualization into how my containers run, plus logging, plus other stuff)

Basically run them one at a time and see how much more memory the system is using. Kinda like how they figure out the load limit on bridges.. they drive bigger and bigger trucks over it until it collapses 🙂

proper monitoring gives u benefits like auto parsed json logs with visibility of logging levels and easy quering of specific ones

hmmm okay. I was wondering if there are some concepts for ressource calculation, or complexity, because it feels like i'm missing something. I'm not looking for tools but for concepts, just like "DRY Code" or anything else you see?

or maybe methods of calculating the ressources required by a function, a program, a project, etc...

i have some stuff like that, but clarify what u mean as resource calculations?

this

ah, u mean active RAM and CPU usage? as well as spiked usage of it

ya ya

that would be amazing

OK, so the most fundamental tool to learn here is called ps

being able to tell: oh well this VPS won't be enough to handle these services, but this one seems just fine

that's called profiling. Memory and CPU profiling to be more precise. The best one is done with Flamegraphs
As u can see precisely each function taking current usage of memory, or total one accumulated
same for CPU usage

Here's, for example, a ps command to get the memory usage for a specific running process:
ps -p YOUR_PID -o %mem,vsz,rss

in python things are a bit more limited https://docs.python.org/3/library/profile.html
It offers as std only CLU profiler, making it exported to flamegraph is some sort of effort i never tried yet (i did only in other languages)
I know u shoudl be able to get same in python with some efffort

(Which is percentage of total memory used, virtual memory allocated, and actually-resident memory size, respectively)

Besides that Per function/code place stuff is possible to view with more wide scope, that will be then Tracing
Tracing is more precisely controlled what u wished to cover with it, and serves usually as "first tool" to signal about problems
profiling is used later when u know for sure problem is present

awesome !

thanks for these ressources !

u can configure tracing with Grafana / Tempo + Open telemetry stuff

also, do you have some methods to predict the profiling BEFORE testing?

Logging like that u can configure with Grafana + Loki + some lib for json logging

Before testing? only theoretical knowledge that araised from... learning Discipline Data structures and Algorithms

I guess these tools will monitor an already running program. Isn't there a way to approximate how much my program will consume? Like I know that a discord bot will take less ressources that a full ultra HD 250fps video game, but that's jsut by experience. I nver "calculated" it XD

we learn all in uni this discipline to predict how much stuff will be consuming before it will be running
Basic knowledge of data structures, algorithms complexity

There's a whole set of approaches collectively known as "static analysis" but they can't be perfect, and usually it's just easier to run the code and torture-test it.

alright so just f around and find out i guess

that's great

That's pure theoretical though, real numbers u discover only at runtime 😄 and real debugging of what consumes the memory is possible only with memory profilers
Some languages in their IDE exactly highlight how much exact data struct and its attribute takes size in memory, that kind of helps for easier calculations what is exactly the problem a bit

thank you guys for you support, I see things VERY clearly now i'm actually very satisfied by your answers <3

Static analysis gets hard fast though, which is why we don't use it for everything everywhere https://dl.acm.org/doi/10.1145/3631882.3631885
https://ieeexplore.ieee.org/document/8669417

Some applications of it are popular and useful though: https://codeql.github.com/

https://github.com/brendangregg/FlameGraph if u will ever figure out how to run this amazing brendangregg stuff for python
U will get those beautiful flamegraphs for python too

may be some lib exists that already does that for you though

Flamegraphs Really help debugging memory/cpu problems

because make the navigation intuitive

Dask has a rad performance report built in if you use that

Dask is so good.

yeah, I will look at all these tools now that I know what i'm looking for

I only see flamegraphs when I use py-spy

I just wanted to know if I have to dig into predicting, or torture testing. Now I know that I will dig into tools for profiling and monitoring, and performance testing

it's so exciting

Specifically if you end up running things as Docker containers, knowing about the docker stats command is useful; will show you the footprint of everything running.

https://github.com/benfred/py-spy
Oh nice, someone did make simple flamegraph builder for python

i knew about that one and lost again, i should really try and put for me examples of usage somewhere

too much useful to miss

Damn. Thing like that deserves an article to highlight how to use it easily, i love writing about tools that simplify dev life
✍️ article to write to note

it'd be cool to have a dashboard of system level ressources (i.e what each program, including the kernel etc... is using0, and another of program level ressources (what each function etc... is using in that program/script)

nevermind i found the answer

yeah, personal blog over there https://darklab8.github.io/blog/articles.html

I've used this before, very good https://cilium.io/

Anything based on eBPF has the potential to be super powerful and useful, if done right.

This can figure out the dependencies between your systems and draw them for you etc

that's so inspiring !

This is supposedly also good but I've not yet tried it in anger https://falco.org/

https://github.com/ncabatoff/process-exporter
Should be doable with prometheus exporter for /proc
https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.exporter.process/
I would have connected it with Alloy into my Prometheus feeding Grafana GUI, it is multitool to export whatever desired metrics.
Then we google "Grafana Process Exporter Dashboards", to import already existing community dashboards

https://grafana.com/api/dashboards/13882/images/11637/image
https://devconnected.com/monitoring-linux-processes-using-prometheus-and-grafana/
And we get stuff like that, whatever we find

i prefer just use Cadvisor though dashboard for data per container

docker/cadvisor prometheus exporter in same Alloy

i run everything as containers, so not seeing big point to monitor processes
https://grafana.com/docs/alloy/latest/reference/components/prometheus/prometheus.exporter.cadvisor/

I really prefer the eBPF approach where possible, vs. directly 'shipping' metrics to a server.. but the advantage of the latter is that you can do anything you want with it, even if the kernel can't easily tell what you're doing.

So most people end up with a mix I suspect.

grafana it is ecosystem of solutions for every monitoring usage case. https://grafana.com/
prometheus and etc related to it

sort of nice when same ecosystem can solve... everything and viewing from all the possible angles

I've yet to fall in love with Grafana even though I've used it at jobs again and again.. It's just got a LOT of moving parts for my taste. It can certainly do everything though.

It got easier once I started configuring it with Terraform but still.

it was less good before, but i jumped vagon to it with full commitment right on time when it added super User friendly drilldown interfaces 😋
And i love Alloy, it made configurations really simple, Alloy is like "Terraform" full of providers to export everything in uniform way

i have homelab of grafana configured fully through terrafom (docker provider) 🙂 public code if u wish

at work same but in kuber

Cool. I should stand up better monitoring at home probably.

I have plenty of sensors, just not a real dashboard.

Would anyone happen to know if there is a way to suppress an error for a specific file pattern using mypy? I.e, in my case, ignoring all test files for pytest.

I would like to configure my pyproject.toml to ignore a specific error for any file that matches pytest's pattern of test_*.py, my first thought would be to do something like [[tool.mypy.overrides]] in the pyproject.toml, but this only allows specifying modules, not a file pattern. This should work, but is very verbose since I would need to specify every single module that contains tests (which may or may not have a common naming convention)

If I understand your goal correctly, I can think of a couple of ways..

# pyproject.toml
[tool.mypy]
exclude = '''(?x)(
    ^test_.*\.py$  # files starting with test_
)'''

...is the one that comes to mind first?

As seen here https://mypy.readthedocs.io/en/stable/config_file.html#confval-exclude

(single-quoted strings don't require escaping the backslash in TOML)

I did see the exclude param, though I am unsure how I could apply it the way I would like. I.e I do want mypy to run for these files, but I would like to only suppress specific mypy errors such as call-arg

Oh, I see.. so you don't want to fully exclude them, you just want them to have a more-relaxed set of mypy settings?

Is that more-correct to describe your goal?

I think you can do this?

[[tool.mypy.overrides]]
module = ["test_*", "tests.*"]
disable_error_code = ["import-untyped"]

and I guess here's the list of error codes you could specify there https://mypy.readthedocs.io/en/stable/error_code_list.html#error-code-list

Yeah, that is more what I am looking for

Let me se if that works, I was currently using module paths, if it matches file patterns as well, that would be perfect

Trying to do

[[tool.mypy.overrides]]
module = ["test_*.py"]
disable_error_code = ["call-arg"]

results in that code still erroring in all test files, i.e in test_my_pydantic_thing.py

The docs seem to suggest that it works, but I'll have to actually try it, I haven't done it quite this way before

Hmm. That's irritating. Let me read harder.

I'm guessing your tests are not themselves modules with __init__.py in the dirs?

some of them appear to be

I have a sketch of a script that would keep your pyproject.toml up to date with the list of test files, but that's kinda my best idea at the moment. It doesn't SEEM like pyproject.toml/mypy have a way to configure a wildcard match on files vs. module names, except in the specific case of the 'exclude' feature.

This is my current solution, it works, I just was trying to see if there was a nicer way to do this that I was missing

# pyproject.toml
[[tool.mypy.overrides]]
module = ["module1", "module2", ...]
disable_error_code = ["call-arg"]

This just means I need to write out any module that contains tests.

a script that would keep your pyproject.toml up to date with the list of test files
That could be neat, but might not be a really nice way of doing things

Ty for your help, I think this method might be the best option, I mostly just needed a sanity check that there was not a nice built-in way to do this

Just for grins I finished it and it seems to work

I'll share it in case it's interesting at all

https://paste.pythondiscord.com/55GQ

generates this in my test project in pyproject.toml

[[tool.mypy.overrides]]
module = [
    "tests.test_example1",
    "tests.test_example2",
]
disallow_untyped_defs = false
check_untyped_defs = true

Hypothetically you could wire this in as a pre-commit hook or something

Foirwarding as this might fit even better here 🤔

but i notice some examples build wheels and copy those over instead. Is there a reason for this?
people try to be overly smart and optimize docker image by not having in a second stage C libraries used to compile libs in the first stage

since u are very new one to Dockering python, i would recommend to simplify it all and throwing away this stuff

just copy dependencies lock

install

copy the rest of code

set python docker env vars to that u would see stdout logs (i forgot which ones)

and set your CMD. done

Python is interpreted logic fragile in C dependencies. very dangerous to try optimizing this stuff

I would not say i am new to Dockering python 😅 It is the optional wheels part i am curious about.

Anyway, that's the answer. When u copy stuff to Second Stage, u have clean Docker image size that just have only stuff u copied and nothing else

supposed to be helping in not bloating docker image size with C libs used in first stage

u could try comparing Image size with this step and without it and see if it actually helps

or if it only drop in the ocean that is not really helping

docker image ls to check image sizes after their building. most recent one should be your fresh build

Well, yes, i know that 🙂 But my questions was more - is there any big difference in making wheels in the build image and installing them in the app image, versus just making a venv in the build image and copying it wholesale into the app image?

🤔 i have no idea. Do check if there is in image sizes 🙂
That all that will matter essentially, as both methods are done only for that

As obvious difference only that venv copying will fail if its absolute path will change, and it contains symlinks to system python, so if smth changed in it, things could fail too

Same installation path, and same base image (so same system python)

Has anyone here had to generate a sbom for their project? What exactly is supposed to be included? Should I be listing all dependencies? Dependencies of dependencies? What about libs that are included, like already compiled c/c++?

There's more than one major standard, and a lot of it is really up to you https://about.gitlab.com/blog/2022/10/25/the-ultimate-guide-to-sboms/

To me, you want an attestation or whatever you choose to call it for every build artifact, and beyond that it feels like a matter of style

Here's a super dry listing of what the US gov't calls the minimums https://www.ntia.doc.gov/files/ntia/publications/sbom_minimum_elements_report.pdf

kind of a devops question I assume. I'm trying to setup a jenkins pipeline running with docker agent. by default it passes credentials using cli, which is unsecure (I get warnings from the agent). as recommanded (by the warning), I try to setup docker-credential-pass ; but it actually fails to work

resources on the internet as quite sparse, as it does not include running the pipeline as an agent and letting jenkins figure out the credentials to use from the System pannel (all resources use a withCredentials solution, with I do not want that)

I was wondering first, if someone had experience with that kind of setup. so then I could provide more details about what does not work

The mistake done in this part -> I'm trying to setup a jenkins pipeline

Github actions or Gitlab CI is more prefered as more beginer friendly option

yeah but we're using jenkins since day 1 here 😄 transition is not an option

Jenkins is interesting..I've used it to setup adhoc guis for running processes

Like a free style job with parameters

We run Jenkins pipelines for a good bit of integration but that is mainly because we can't use GitHub actions since we need to have runners in a different landscape than where our git repos are. #corporateissues

You know self-hosted actions runners are a thing, right?

https://docs.github.com/en/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners

Wrong solution, he needs CI for more arbitrary guy repo location

Like Jenkins, like Drone CI

No one needs Jenkins

But yes fair enough not everyone uses GitHub

Can't you use repository secrets?

Yes we use self hosted runners for other things (the whole git landscape is self hosted). But the caveat is where each system is located and what landscape. Jenkins is used because it is located in a different security zone. Git action does linting and other validation then kicks off Jenkins who pulls the repo then grabs a bunch of things from a vault and does stuff. No passing of user credentials either (re initial topic)

the secret is configured in jenkins System panel
the thing is that when running the pipeline on a docker agent, docker login is performed by jenkins automatically but the password is set with -p, and it triggers a warning

the warning message tells me to setup docker-credential-, and this is essentially where it goes wrong. before after I do that, jenkins is not able to find any gpg key (although pass is configured with one) and just fails to login

do different docker services in the same docker-compose and Dockerfile share base layers?

For example:

docker-compose.yml

  zosiam:
    build:
      context: .
      target: zosiam-deploy
    env_file:
      - ./backend/.env

  admin:
    build:
      context: .
      target: admin-deploy
    env_file:
      - ./backend/.env

Dockerfile

# Stage 1: Create Python base
FROM python:3.12-slim AS base
...

FROM base AS admin-deploy
WORKDIR /app/backend
CMD ["uv", "run", "admin/Home.py"]

FROM base AS zosiam-deploy
WORKDIR /app/backend
CMD ["uv", "run", "zosiam_session/main.py", "start"]

docker has caching locally

so on second rebuild at least, python:3.12-slim will be shared as local cache for sure

as for next steps of Dockerfile... i am not confident their layers will be shared, they will be trying to build themselves independently

Yeah that's what I fear is happening because the time it takes to setup the base layer is compounding.

I wonder if something likke this is possible:

docker-compose.yml
  web:
    build:
      context: .
      target: backend-deploy
    env_file:
      - ./backend/.env
    image: backend/latest

  zosiam:
    image: backend/latest
    command: ["uv", "run", "zosiam_session/main.py", "start"]
    env_file:
      - ./backend/.env

To reuse the image comign from web

entirely

🤔

interesting idea, a moment

good idea. that works

services:
  web:
    build:
      context: .
    command: ["sleep", "infinity"]

  zosiam:
    image: chain-web
    command: ["sleep", "infinity"]

corrected to working one
docker-compose build && docker-compose up

Nice! How do i figure out the image name for my web service?

by default docker-compose uses current folder name as project name, and adds service name as suffix.
So chain was folder i used it in, therefore built web became chain-web
U can specify fixed project name with -p arg
docker-compose -p smth build
docker-compose -p smth up
i think it is even specifyable with env var

Thanks, I will try the env route

I have a server that I am building different version of my app based on the branch, think of dev/prod/stage and these all use the same compose & dockerfiles for the most part, just different in source code. What is the caching behavior between these different docker composes and how can i cache obvious things like npm installs and apt installs, knowing that they'd be the same?

when i need to share same cached docker image between dev/prod/stage,
U build it once, and upload to Docker registry (from docker hub), or managed one (AWS container registry for example), or self hosted even (harbor) and etc
then the same image is reused to run tests, and being specified for deployment to staging and prod

We do it all automated at the level of Github Actions Ci configured 😏 on pull requests image is built and tested.
on merge to master, it is built, tested, and deployed to staging.
on click deploy to production, latest built in master is deployed

Mmm, that makes sense. But I think for us, having a separate managed image will be a maintenance problem, and so I wanted to go with a more cache based approach, I tried:

RUN --mount=type=cache,target=/var/cache/apt \
    --mount=type=cache,target=/var/lib/apt \
    apt-get update && apt-get install -y --no-install-recommends \
    ffmpeg gcc portaudio19-dev python3-dev libc6 poppler-utils &&  \
    rm -rf /var/lib/apt/lists/*

But this still takes as long as running it normally even though it has a buildkit cache mount. Did I do something wrong? I can also see that /var/cache/apt has lock and partial and partial is empty.

🤷‍♂️ never cached apt

we resolve this level of issues by abusing external registry to cache apt installations

md5 hash to calculate out of python lock file and Dockerfile lines up to python lock file.
build image with tag of this hash
pull when necessary (in CI) when needing to reuse the cache

Okay I see

Any guide on how I can do this?

> 1) Calculate md5 hash from dependencies file lock onto libraries. Whatever your language is. Lets call the value as builder_base_hash
> 2) Pull image image {{ builder_base_hash }} if it exists in docker registry, if not then build up to stage --builder. Save result to docker registry under tag  {{ builder_base_hash }}
> (Thus we implemented speed up twice for CI), as we are were able to cache half of longest CI in a way that its CI jobs can run at different runners, as we use remote for persistence
> 3) run full building of an image, til the code capable to run unit tests and push to docker registry under tag  build_${{ github.run_id }}
> 4) at unit test stage: pull the image  build_${{ github.run_id }} and run unit tests and other tests
> 5) if it passed them, than save the image as service_name_{{ github.run_number }} as fit for deployment , also mark it as latest and etc whatever tags u need (edited)

jobs:
  build-docker-image:
    name: Build docker image
    runs-on: [self-hosted, linux, x64]
    permissions:
      id-token: write
      contents: read
    outputs:
      image-tag: ${{ env.docker_image_tag }}
      image-url: ${{ steps.url.outputs.url }}
    steps:
      - uses: here action for id
        id: name
      - name: Set image URL
        id: url
        shell: python
        env:
          registry: "1111111111.dkr.ecr.eu-west-1.amazonaws.com/${{ inputs.ecr || steps.name.outputs.name }}"
        run: >
          with open(__import__('os').environ['GITHUB_OUTPUT'], 'a') as out:
            out.write(str.lower("url=${{ env.registry }}:${{env.docker_image_tag}}\n"))
      - name: Check out source repository
        uses: actions/checkout@v4
      - name: Generate dockerfile hash of base image
        id: base-url
        shell: python
        run: |
          hash = __import__('hashlib').sha256()
          try:
            with open('uv.lock', 'rb') as pipfile:
              hash.update(pipfile.read())
          except FileNotFoundError:
            hash = None
          else:
            with open('Dockerfile', 'rb') as dockerfile:
              for line in dockerfile:
                hash.update(line)
                if line.startswith(b'FROM $BASE'):
                  break
              else:
                # No FROM $BASE in Dockerfile
                hash = None
          if hash:
            with open(__import__('os').environ['GITHUB_OUTPUT'], 'a') as out:
              out.write(str.lower(
                "url=1111111111.dkr.ecr.eu-west-1.amazonaws.com/"
                f"${{ steps.name.outputs.name }}:{hash.hexdigest()}\n"
              ))

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Pull or build base image
        if: steps.base-url.outputs.url && success()
        run: >
          docker pull "${{ steps.base-url.outputs.url }}"
          || docker
          build --pull --no-cache
          --target builder
          -t "${{ steps.base-url.outputs.url }}"
          ${{ github.workspace }}
      - name: Build the docker image
       run: >
          docker-compose
          -f ${{ inputs.docker-compose }}
          -p ${{ github.run_id }}
          build
          ${{ inputs.build-args }}
          "${{ inputs.service || steps.name.outputs.name }}"

Extrapolate instruction from this (part of Github actions code)

Is there no way to disable the auto login and customize the command?

couldnt find. I will restart gently the tutorial step by step, maybe I missed something, and gonna provide more details about what goes wrong

maybe I will open a thread and notify you about it? so it will be easier to find it back

Btw, do you guys know if there's a way to fetch a commit message in a AWS CodePipeline triggered by GitHub Code Connections? I wanted to implement a little system like GitHub's own CI where if you prefix a commit message with [skip ci] it doesn't trigger the build. I tried the below buildspec file:

version: 0.2

env:
  git-credential-helper: yes

phases:
  install:
    runtime-versions:
      python: 3.12
    commands:
      - COMMIT_MESSAGE=$(git log -1 --pretty=%B)
      - if [[ "$COMMIT_MESSAGE" == *"[skip ci]"* ]]; then echo "Skipping build"; exit 0; fi

But it threw:

fatal: not a git repository (or any parent up to mount point /codebuild)
Stopping at filesystem boundary (GIT_DISCOVERY_ACROSS_FILESYSTEM not set).

[Container] 2025/04/09 18:15:33.812706 Command did not exit successfully COMMIT_MESSAGE=$(git log -1 --pretty=%B) exit status 128
[Container] 2025/04/09 18:15:33.846916 Phase complete: INSTALL State: FAILED
[Container] 2025/04/09 18:15:33.846931 Phase context status code: COMMAND_EXECUTION_ERROR Message: Error while executing command: COMMIT_MESSAGE=$(git log -1 --pretty=%B). Reason: exit status 128

Sure, I'd be interested in that! 😄

(gonna let you know as soon as I do it, but now it's nearly weekend so I think it will have to wait for Tuesday 😄 )

“Install” phase may be too early, I don’t think the repo is even checked out yet at that point? I could be misremembering

It's the "install" phase of the build stage, so there shouldn't be a problem. I've done some digging and it's actually cause the output format of my Source stage is a zip and not the git repo, but I'm having trouble enabling the permissions cause I'm not a workspace admin 😵

Aha, gotcha.

Hi

thank you for your response... (my delay was due to a authentication problem with discord i assume which is now resolved)
i am working on an application that is utilizing prometheus and loki to collect information and to have them presented on grafana as panels.
the application has some api's exposed and is written in fastapi (using https://github.com/trallnag/prometheus-fastapi-instrumentator)
as i'm trying to configure a panel to show how much each request have taken, i'm seeing multiple metrics (some appear to be custom without use) that are for http_request_duration_...
i assume this can be collected using the normal metrics exposed from prometheus, can you help me find the right query for this metric?

Anyone else using Celery in kubernetes? We just deploy a pod for each worker from a script. But I see there's this operator... https://github.com/celery/Celery-Kubernetes-Operator

we use Celery in Kubernetes

i have no idea why would u need Kubernetes operator for that

i think it is silly like using pip install hello_world/npm install hello_world to write hello world

it is just a matter of writing a single Deployment service after all

perhaps is for demo purpose. Like https://www.npmjs.com/package/hello-world-npm 😄

Depending on unnecessary extra maintained libs is dangerous

depending not justified libs is a problem for you to keep up with opinionated stuff of other people

u need to get sufficient benefits from doing that action

it is justified when u use helm charts and operators full of multiple kubernetes elements u don't wish to take care about on your own

but Celery workers are...mm... personal intimate stuff directly related to your own app configuration, out of single entity and it is silly to depend on third party solution for that (that nobody maintains anyway)

Kubernets ecosystem is fucked. Third party solutions like Operators and Helm charts do not have any typing validations, reading their documentation is a headache

if it was in better shape with native typing support, i could have understood celery operator usage, but it is not yet

movement to do... better in kube ecosystem, is still a movement in young state. Within this real simple stuff better to take care on your own

hope of lights in kubernetes ecosystem are currently so far

1. Just using terraform providers to work it (works meh for your own helm, but okay enough for third party helms. Works great for direct usage with kubernetes objects most of the time). My favourite choice.
2. Using KCL so far i see as the most promising one out of the existing similar choices (There are a lot of analogs spawning)

Yeah, I see your point about the operator being needlessly complicated overkill for celery jobs. I always hope, when I see an operator, that it's got some useful "convention over configuration" opinionated defaults I can leverage.

question

about deploying Bert through hugging face: Is a cloud server needed? It takes up 433,312 GB of storage on my pc through flask

Would you prefer Ec2 or Sage-maker to deploy a fine-tuned version of Bert and would you use fastapi or flask ?

no idea what is bert and never used Sage-maker
but regular EC2 is quite expensive unless u use stateless autoscalable architectured infrastructure.

highly likely configuring it properly is very much beyond your scope of effort

consider exploring Hetzner as a choice instead. it has quite cheap ARM64 instances, and cheap auction of servers
it should maximize server u can get for that

Is a cloud server needed?
Cloud is a fancy way to say you rent other people's machine. Using other people's machines or your is a choice to make depending on project requirements
Unless u are able to tap into the power of infra things which solve problems for you in terms of integrations.

meet bert: https://huggingface.co/google-bert

I typed beer by mistake 🤣

some extra note: It is regular thing for Cloud to be super expensive

Especially that's true when u need smth to run 100% of the time

then it is super expensive when u use Serverless features

There are some saving though when u implement thing like Cron jobbed Lambda that runs only once in 24 hours or once in an hour. but rarely all workflow is fitting such case

we use sagemaker and I know AWS bill is over 1M annually among everything else

For those reasons self hosting in Hetzner/OVH can be many times cheaper

It’s over $ 1 million USD?

Jeez Luis

yeah, multiple teams using lambdas, k8s clusters with dozens of microservices each, AI stuff, EC2, etc, etc.

but it's medium size company that serve digital products

It costs that much? I kinda strayed away from cloud servers due to the cost.

I woke up pumped about to deploy Bert, but now I am like “this could be expensive. Hmmm”.

can't compare to other similar scenarios but our devops team is small and doesn't seem it can afford to consider something else at the moment. When we moved from on premise to cloud, took us over a year of work and halted several projects for a while, I don't see management considering another migration

Ah man. Bert is just so big and I was pumped

A simple comparison in prices between managed premise and self hosted (in cloud too)

Datadog costs us 6-8 thousands dollars per month for 2% tracing, 3 days logs and 6 months metrics

Self hosted grafana stack in managed OVH kubernetes: 1 thousands dollars for 2 weeks logs, 6 months metrics and 10% tracing

So... The main overpricing appears from using Managed cloud objects in big providers like AWS, gcp, azure

Just going self hosted in regular VMs, or using cheap providers for cheap k8s changes prices

I just need to deploy it so it does not take up and destroy my pc

Would you say cloud servers in general are overhyped cancer that should not be used unless it is needed?

I would not say that
Renting servers is great. I don't wish to maintain my own servers even for pet projects

With renting servers I concentrate onto server infrastructure as a code

It is pretty great honestly

Quickly changing hardware power depending on my needs

Is sage maker just a version of a Ec2 instance with notebooks and stuff?

A bit depends on provider and project requirements.

I would say using AWS, GCP, Azure for regular mortal is hyped cancer. Those providers are over bloated and complex, better to know infra as a code tools like Opentofu or pulumi first / being DevOps engineer to deal with them

Minimal quality providers like Hetzner, OVH, Lenovo are good pick for most people

Cloud is life saver in simplifying operational costs to manage infra. Thanks gods for managed DBS too

What are the main features all cloud servers have? I am asking the features that are not polished or just added on versions of a service that is already a thing.

Minimal quality providers like Hetzner.
Has hourly, quick in a minute server VM creation and destruction.
Has maintained API and written terraform provider to interact as a code with it.

A bit above minimal but still close to it
also having ability to regulate server disk size separately with volumes.
And having private networks configurable and cloud level firewalls slot security.

Hetzner: Maximum cheap for pet projects and game servers

Above minimal, providers fiting being good enough to be used for serious yet still cheap work.
OVH, Lenovo
They have also Managed Databases, RDS analogs
And managed Kubernetes
And managed S3 can be having

I mean like s3, Ec2, Ecs, rds, lambda, and IAM. What is the gcp and azure versions of those and are those the absolute essentials with no features added? Some of these cloud providers have too many features.

The set of stuff u named is present only in big providers like AWS, gcp, azure.
They all for sure have have it, but I dunno exact names, I am AWS user too.

Here is a map for all db stuff at least name analogs across big providers and self hosted

Thank you

Can I DM you?

public channel communications only. They are they only ones which are beneficial and optimal for answerer too

Ok, what were you suggesting earlier for deployment that is not a cloud server?

I just need to load the model which takes up an insane amount of space and then run docker and deploy it. I think I need sage maker

i would recommend asking people at https://discord.gg/devops-sre-infrastructure-419745677585940482 server.
@hubt person is MLOps there and will answer best for example (don't point finger to me that i recommended asking him though)

Normally i would have recommended designing Stateless application running in Docker Swarm at Hetzner as starting point, configured via Terraform Docker provider (or heck even regular Docker-compose file) (Connected via DOCHER_HOST=ssh-way), or running in AWS ECS on ec2 spot instances
I think simple containerizations, works best, as simple enough for beginning, and good enough to serve close 5 years in terms of flexibility.
But my usage case is not ML related, for regular Backends running

but since u have MLOps, and may need videocards for your Bert stuff? there can be another answer better one, that MLOps people will answer better.
Optionally just google where to deploy bert reddit, and search over recommendations in addition

I would never point the finger and thank you

Best python lsp? Heard that pyright had better completion than pylsp.

A lot of people like https://github.com/DetachHead/basedpyright

What's up with that avatar though

Does "basedX" tools have anything in common?

what other basedx tools do you know of? i only know about basedmypy and they are friends

👍 probably none, just felt like a thing

I have this book before. aren’t read for more

How to verify

I forgot my password I can’t join this group

I somehow remember reading about being able to define dokku triggers in my deployment repo, like bash scripts in a folder named .dokku or such.

I can't find documentation for that anywhere. Am I misremembering?

Found it. https://dokku.com/docs/appendices/file-formats/app-json/?h=healthcheck#scripts

though not exactly what I was looking for.

My new tool S2 News tool. Please check it out and let me know your feedback. 😊

https://github.com/San2biswas/S2_News

Hello,

I'm working on python projects with collegues and i'd like to introduce robustness, using linter, typechecker, formatter, everything also integrated in a CICD pipeline

I use ruff as Linter and Formatter

i wanna use a typechecker, mypy is awful slow so i switched to pyright, but the vscode Pylance's Pyright does not give the same errors as the CLI which is an issue as i want to have a CICD running pyright too.

How can i have consistent typechecking / linting in my editor and my CICD ?

if I were in your situation, I'd spend some time investigating why pylance gives different errors as the CLI

I had a similar situation with mypy, and the answer turned out to be: the two different invocations were finding two different sets of config files. I wouldn't be surprised if that's what's happening in your case, too

@normal crystal ^^

I'll look into that

Oh ffs, you were right! I'm a dumbass...

Looking at pyright --verbose, it was only looking at my pyproject.toml, and not into my pyrightconfig.json

I moved my pyright config into my pyproject.toml and it does seem to give the same errors on Pylance and Pyright cli

Thanks

!rule 5

 def __init__(
        self,
        task: str = "zero-shot-classification",
        model: str = "roberta-large-mnli",
    ) -> None:
        tokenizer = AutoTokenizer.from_pretrained(model)
        device = "cuda:0" if torch.cuda.is_available() else "cpu"
        self.classifier = pipeline(
            task=task,
            model=model,
            device=device,
            framework="pt",
            torch_dtype=torch.float16,
            tokenizer=tokenizer,
        )

how can i deploy my own implementation of this pretrained bert model as a microservice or something because as it requires torch it needs to be in its own environment as it is very heavy

sorry if i use wrong terminology

full code:
https://github.com/saragarcia6123/Sentiverse/blob/main/backend/src/services/classifier.py

You say 'microservice' but how exactly do you need to use it? What's the most elegant way to expose it to whatever you want to have call it? That isn't always HTTP etc.

One common way is to make a container (Dockerfile-defined for example) to package your thing and then you have many options for running that container however you want.. but it's not always necessary or ideal.

hello

Hello guys !
I'm trying to setup devcontainer to enable me to use the debugger inside a python docker image, but i keep getting the error "invalid port #" i have indeed setup the ports in devcontainer.json, docker-compose and the Dockerfile associated with the image.

https://darklab8.github.io/blog/article_visual_debugger_in_vscode.html
I wrote article about easy correct usage of using python debugger inside docker image

my advice goes around, just launch docker-compose, and connect vscode directly to it

to hell with devcontainer.json, fragile piece of crap

Thanks !

Yes, sounds like a better choice to use it from within the container, but what's wrong with devcontainerp ?

I managed to set it up to connect to docker but it's super tedious to use

but what's wrong with devcontainerp ?
extra proprietary format to learn. -_- docker-compose itself configuration is enough and reusable for CI

docker-compose is made in quality way in Go

vscode is suffering from being written in JS

u don't expect quality and lack of crashes when stuff is written in JS

Ok so it does work like i intended by just opening up the proj in devcontainer

Only thing i'm looking for is super fast iteration time or debug stuff locally with minimal setup

Does anyone know if there is a maintained package that is compatible with the linux patch utility without relying on system packages? I found 2-3 that seemed to fit the bill but have been abandoned years ago

just for my own curiosity: do you want to apply a patch?

Exactly

The goal is essentially automating patching in a more portable way than relying on patch being installed

I assume you need to run on Windows

Yes, Windows is one of the target environments

I guess if I were in your position, and I couldn't just ship a "patch" binary that ran on windows, I'd consider using a different format -- one that python could apply

The main issue is that I need to apply patches that already exist. I'm not sure how feasible it is to convert these to another format

I gotta ask. Why do you need to apply patches on Windows?

In my experience, patch is used only for open-source software

Patches have been used for some datasets in my field for licensing reasons and I'm trying to ensure reproducibility. The licensing issues are also why this processing has to happen on the user's machine

It's admittedly a niche application

It's use primarily for open-source software is why I decided to ask on this channel, however

I sorta figured you had some niche requirements 🙂

how hard would it be to ship the cygwin DLL and the patch executable? (Hopefully "patch" on cygwin is an executable, and not ... shudder ... a Perl script. It's a plain executable on recent Ubuntu, fwiw)

I suspect it will take more time than I would like to spend - but given the lack of alternatives I'll have to investigate

can anyone dm me about my project im basic to coding of py can someone help me with my project for a game tool

Why not just ask in a help channel, #❓｜how-to-get-help

Hi can i have an interview coming up for devops in aws can anyone help me prepare with interviews?

Hello, which linux based image i should use in my docker to get python 3.12 on it?

https://hub.docker.com/_/python

I'm using python:3.13-slim-bullseye but should probably upgrade to 3.14 one of these days

https://hub.docker.com/layers/library/python/3.12/images/sha256-de246c447a140d6e60c72a8999d9051b752bf484e6e9e3e6a19413b8d370c010

you, of course, will want 3.12

Why are you pinning to bullseye?

No particularly good reason 🙂

I probably copied-n-pasted that line from somewhere.

I assume that pinning to bullseye is a bad idea. Is it? If so, can you ELI5 why?

btw I'm using Debian instead of Alpine mostly because I am already familiar with Debian's package manager, and need to install a few non-python things

I was going to ask you for an ELI5 for why I should do that

haw

"the blind leading the blind"

well, if bullseye is a LTS release, then you don't have to worry about it being obsolete for ... a while

although if that's what I really want, then I bet there's an "-lts" tag that I could be using 🤔

bookworm is clearly a better choice than bullseye though: https://www.debian.org/releases/

I guess the reason to pin is that you're in control of when you want to pay the price of upgrading.. the reason NOT to pin is that each incremental change you need to adapt to will be smaller, rather than all at once when you manually change the pin.

well said

What if you don't have anything OS-specific?

Hey everyone, my team is creating a meta package, and we maintain libraries within in. each library is its own repo. soemtimes these libraries reference each other (not very often, its a tree structure in which they are allowed to reference each other).

what is the premier way in python we can do dependency management and checks? and can we do it within out azure pipelines

i am willing to answer any questions

Just double-checking, you've already looked at the "monorepo" idea and decided you don't like it? Because it does make this particular scenario a lot easier arguably.

Yea i completely agree with you monorepo would have been way better but this is at work, so not in my control. honestly, i just want to know, what is the best tool to manage dependencies in repositories, and is that tool poetry. as my team is building it out, im just trying to understand what kind of issues can crop up in the future..

i feel like as we add more and more libraries, we are going to end up with a monster

It's a big damn hammer but honestly a big part of me wants to suggest Bazel here. It's really good at cross-language/cross-library/cross-whatever builds, under tight control.. it has a good plugin for 'hermetic' Python builds that don't depend on the system python version etc.

It requires learning its whole way of thinking about the problem but I have to admit it's a very solid way to decide to think about problems.

An example of how my bazel-est buddy uses it is to generate a 'virtual' library that implements his config-file format of choice in whatever language that part of the build needs. (He mixes a lot of Java and Python for whatever reason)

His config-file parser is a bazel build rule he wrote, and it's type-safe etc, pretty fun.

let me check out bazel, even if we dont go ahead with it, maybe i can learn a few things about dependencies and python versioning that may help me

uv dependcy manager is a win. 100 times faster than other python package managers.
Dependencies installed in seconds, resolving in seconds instead of minutes how it is in others
uv was written in rust

poetry is regular garbage in comparison

😢 lmao. yes, let me test out uv as well. i think at the end of the day, we have to agree on a hierarchical structure of which lirabries are allowed to import each other, and manage that strictly to avoid any kind of circular dependency. did i mention we have a check in the init that refuses to import a library unless the meta package is also installed? does it check for a particular version of the metapackage? ofcourse not. what are we even doing, does anyone make python packages liek this...

When u said checks did u mean dependency checks or other kind of checks?

like it will throw an error if the meta package is not installed

that is not important ||- its more of an office politics thing ig ||- just, trying to learn more about python dependencies etc. if u guys think there is any concept or write up i should check out pls let me know.. thanks

So, docker has a restart-policy to automatically restart containers when they fail

services:
  runner:
    build: .
    restart: always

I want to do just the opposite though. I want there to be 3 containers running at all times, and if a container exits cleanly (0) then a **new **container should be created to replace it

Are there any tools for such behaviour? I haven't found anything - do I just write a custom Python script to monitor it

uv behaves in next fashion...

u specify u wish to have installed some package to app, may be with constraints, not less than specific version or in fuzzy version to install only patch updates later on its own

uv auto generated Lock file, to ensure that when u sync packages to current env, EXACTLY SAME will be installed

lock file changes only when u add, update or remove packages. packages can be other affected even if they were not directly updated in current operation

When u form Python Library, u can specify to it "requirements" list, that specifies which Packages to install if this lib is installed
Which VERSION CONSTRAINTS are needed to be satisfied for those sub dependencies, minimum or exact or fuzzy versions

When u do any operation with pacakges in uv
It resolves all requirements from all libraries and helping you to its best effort to install packages which have all their constraints being satisfied between each other

All other python package managers work in same fashion. Adhering to requirements your libraries have, and try to resolve all libs to a working fashion

Exception is when u install something in a raw way through pip directly, it has very primitive resolving mechanism, which is ignoring stuff when u add or remove new libs. pip raw lib installations resolving somewhat works only if all libraries are installed at the same time in a single command

=====
When u launch something through uv, it can be even auto installing missing dependencies if they are not yet installed yet

Installation of dependencies always happens to isolated venv somewhere existing. So your global python packages aren't affected

Exception when u add config params/Env params to break this behavior on purpose (for docker image for example) and it does install to system python

have you seen the Python code that Bazel generates?

uv is pretty great though

if your metapackage is nothing but a pyproject.toml with specific version constraints, this is fine

if your subpackages depend on each other, well, you're boned, because then the metapackage doesn't control the versions anymore

actually no.. it will lock the entire chain if you only have a lockfile in the metapackage

in that case lockfiles in the sub packages are only used for dev, and potentially you don't use them

that's the unanswered question, how do you deal with deps when the metapackage is not the thing pulling it all together

you need a plan for developing in the subpackage repos and keeping the metapackage lock up to date with the dev environment

if nobody can answer how to do that, back to the drawing board

Bro like what my team is doing, is this in any way pythonic or a SDK thing? 🥲

I need a sanity check.
I see a [lint] in a pyproject.toml. But there's no common tool that actually uses that exact table and no way to tell anything to use that table, is there?

there's a lot of ways to deploy software, lots of things can work. but personal advice time. honestly it sounds like you don't like this approach and are looking for reasons to not like it. doing the homework and asking the right questions will probably go further than vibes

is it a thing people do with python? since this exists, categorically yes https://docs.conda.io/projects/conda-build/en/stable/resources/commands/conda-metapackage.html

https://github.com/open-telemetry/opentelemetry-python-contrib/tree/main/opentelemetry-contrib-instrumentations

example of package like this

There is no need for Something special for that

just do empty package with requirement constraints like in regular package

just more strictly

Thats really good advice, thank you and @rapid sparrow as well, ill look into all the resources shared…

Hello, Anyone wants to collaborate in developing cybersec tools or scripts for our portfolio?

-# I think this is the right channel
I seem to be doing something wrong with how I handle my branches. Once I merge the PR for a branch in github I delete the branch git branch -d <name>

warning: deleting branch 'logging' that has been merged to
         'refs/remotes/origin/logging', but not yet merged to HEAD
Deleted branch logging (was bd30a33).

I am pretty sure that these branches are then supposed to join back into the main branch when they are merged right? What I am doing right now seems to work but I am worried it will lead to issues if I ever need to do anything more complex

How do you merge the branch on Github? Do you do any kind of rewriting there (e.g. squashing)?

Yes, I squash

In that case your local commits will not be merged at all, because what you're merging are new commits (that contain the same changes).

ok, so this is something that I do not need to worry about?

Yeah, you can do that workflow without worrying.

This tool gets your devops script an interface – it expose the script's options to the CLI, and if something is missing (like a token, password, or other constraint), it prompts for it in a desktop window or in the terminal (when running on a machine without the display). https://github.com/CZ-NIC/mininterface/

hmm so this is designed as a GUI wrapper that you run your own script into? Sounds interesting for test or debug in theory

Yeah, this is a GUI wrapper on desktop, TUI wrapper in the terminal, and web wrapper in the web browser, you write the code once and it works everywhere. It's great for testing or debug but makes your script to work as a program in no time 😉

Where is question?

nowhere

just wanted to show yall a tool im working on

its alive!

browser cache btw

how do u distinguish pirates games?

or it is folder named Pirated Games 😄

shhh

you saw nothing

https://piratesoftware.wiki/

currently compiling into an exe

https://github.com/iaxivers/Windows-Power-Toolkit#

its done!

no its not a trojan

this is my first proper python application

hey there, does anyone know a tool that can scramble audio files and maybe pad it at random places?

For anyone running formatters/linters such as black locally via pre-commit often and wishing that was all snappier, I just released this pre-commit wrapper which uses JumpTheGun to make it start near-instantly:
https://pypi.org/project/jumpthegun-precommit-wrapper/

What does it do? 😅

hello? i need help with dlib..

JumpTheGun pre-commit wrapper makes pre-commit run faster. The heavy lifting ("deep dark magic") is done by JumpTheGun, a generic tool I wrote to make Python tools start up more quickly.

It's intended to be used in local dev environments to streamline one's workflow. I like using quick, snappy tools 🙂

"deep dark magic" = running a tcp server per tool that sticks around for a few hours

Explain more please.

Is jumpthegun some other thing or part of this?
Why would a tcp server make anything on my machine run faster?

It avoids the startup/import cost. Instead of every invocation of black starting a Python interpreter, importing all required packages etc., it just does this once, and keeps running, ready to take requests for a new "run". See here for more details.

JumpTheGun is a generic tool for making tools impemented in Python startup much more quickly.

For a tool (e.g. black), JumpTheGun runs it in the background, stops it after it has started up Python and done its imports, and makes it wait. When the tool is then run via JumpTheGun, the existing process is forked and starts running from that point. (It indeed uses TCP-based communication to route stdin/stdout/stderr correctly.)

Heh, @crimson spruce's explanation above is shorter and better 🙂

does git now ignore .venv by default? It seems to be -- I've deleted all my various .gitconfig files, and have no .gitignore, and yet neither "git status" nor "git ls-files"   show it

looks like it ignores any directory whose name begins with .

I've deleted your post, as it violates our rule against ads.

I really want to expand this

but I have no idea what to add?

some osint tools maybe

idk

I should organize the files

the network and storage stuff are just two big scripts respectively

maybe make small ones for each tool

https://docs.python.org/3/whatsnew/3.13.html#venv

Changed in version 3.13: Added the --without-scm-ignore-files option.
Changed in version 3.13: venv now creates a .gitignore file for Git by default.
- https://docs.python.org/3/library/venv.html#creating-virtual-environments (styling removed)

aaaaah the .venv itself does it! Who knew. Good catch

anyone could help me installing dlib??

Aha, there's is the missing link, it's for python only 😊 @hollow wagon you should link jumpthegun, it was difficult to search.

Isn't ruff much faster than black? Is there any reason to use black?

git check-ignore -v might help with similar issues in the future.

https://github.com/taleinat/jumpthegun

There are various reasons to use various tools. It's good to have an ecosystem of tools and to be able to choose the most appropriate ones in each scenario. You're welcome to use ruff, but I work on many projects and most use other tools.

For example, black is super-opinionated, the only thing that is configurable in its formatting is the max. line length (plus a couple of other flags, but that's it). Other formatters are much more customizable (I'm not sure about ruff).

Ruff has a very high compatibility with black "99%". I'm just curious if there is still any reason to use black. I don't think ruff format has more config regarding style than what black provides.

Well, for one thing, I know and trust the main developer of black, and I trust it to remain FOSS. Ruff is developed by a for-profit startup that raised a lot of money, and their business model is not clear to me. So I'd very much prefer the Python ecosystem doesn't go all-in on ruff.

(Same for uv and ty.)

I know the ruff devs (Astral) have promised that these tools will remain FOSS in the future, but I have doubt regarding their intended revenue model ("In the future, we’ll build and sell services on top of our tools"), and promises such as these have been broken before even by those with the best of intentions.

(Just to be clear, I'm greatly in favor of what they are doing, and am rooting for them to succeed!)

https://github.com/TaqsBlaze/amen-cli
A python cli tool for quickly scaffolding web applications

I want to be able to generate problems for Calc 1 and 2, along with the steps to solve each problem as needed. This is so I can generate practice problems for myself. Do you know of anything that I might be able to use to help me build it?

I used a composer a few years ago. I love your project. I also created a similar tool to scaffold a Python project in seconds. Its name is psp: https://github.com/MatteoGuadrini/psp. I inspired it from the Yeoman project.

thanks man
I guess composer inspired a lot more projects lol

I want to bring that experience to python

Docker is devops, right? :P
Trying to set up a multi-stage build for a python app and having trouble settling on the approach. It looks like the common routes are

• Install into a venv in the build stage and copy that venv in the end stage. which requires updating the PATH This seems the easiest but still feels a bit cluttered.
• Install to the user in the build stage and copy the user directory in the end stage. Which also may also require updating the PATH. This seems marginally cleaner than the venv approach.
• Build only the wheels in the build stage then install the wheels in the end stage. This seems to require the most work to set up but if it works, provides the cleanest result. Might avoid having pip in the final image with some mounting shenanigans? but the mounting confounds me

Docker is devops, right? 😛
sort of yeah 😛 first brick towards infrastructure as a code

Shrugs. u can do all that stuff, but i view it to be honest pointless doing it for scripting language like python

not very worth wile investment. We at work with python as main language never allocated time towards it 😅

if u wish small sized docker images, u just should use... some compilable language, very easy to make small sized docker image with go for example

Do tell how much u will succeed in decreasing image size if u will have some success

The issue isn't the python itself, the issue is all the build dependencies and other junk that sticks around. Like I have a python package that wraps C++. The building of the C++ is done as part of the build system so the package can be installed the same as any other package. Building C++ generates a lot of junk.

which C++ lib u use?

The muliti-stage build is then a requirement for the Python. And there's no point in having one package installed differently from the rest, thus all the packages get installed in this multi-stage build process

The one I wrote specifically for this container :P

okay 😄

Install into a venv in the build stage and copy that venv in the end stage. which requires updating the PATH This seems the easiest but still feels a bit cluttered.
that can work, that can work. just make sure copying venv to same absolute location as before, otherwise everything breaks

PATH changing is optional but could be nice touch for simpler python final access

Right. I started with the venv approach because it was easier to start up and the entrypoint I just call directly. But for actually building, it would be a real pain in the butt to work without prepending the path

u can as mentioned just add venv/bin folder into PATH as First entity (and everything else after that), then it should be picked with priority

ummm

venv approach is actually just a symlink illusion a bit, at which we put out installed libs

if u have C dependencies and they store themselves as compiled libs in some... other folders

things can break if u will just move venv itself

since venv is only symlink illusion, its usage should be pretty lightweight at least 😄

I'm not putting them in weird folders, the c++ building and installation is all managed by the build system specified in the pyproject. It ends up in the same place as any other python package installed into the venv

i built an a compiler https://github.com/hejhdiss/pcl as a working system of my concept.anyone who have interest in this area if you like it can you please contribute or give some advice about its features or scripts.this is now only in linux platform.i want feedback about this concept or project.

Built a lightweight Python environment manager in C – no pipx, no poetry, just raw speed
I recently built a simple command-line tool called Pytiner, aimed at managing Python virtual environments and packages — with zero overhead and written in pure C.
It’s fast, simple, and has no dependencies except Python 3
https://github.com/ExiroStudio/Pytiner

what kind of reasons could make it picking over Uv
https://github.com/astral-sh/uv
https://docs.astral.sh/uv/getting-started/first-steps/
it is ultra fast package manager in Rust

it's a personal project and it's interesting man, cool it with the Astral joint train 🤣

Yeah, uv is seriously impressive — blazing fast and built solid. Definitely great for real dev environments.My project is more of a learning tool honestly. It’s written in C, aimed at helping beginners understand how venvs and CLI tools work behind the scenes.Not really trying to compete with something like uv, just keeping it super lightweight and educational. If someone’s building a big project, your tool makes way more sense 😄

https://chatgpt.com/share/6841da24-6074-8003-9b88-9517468ff746

Can someone tell if someone uses this?

as infra dev i say that i do multistage building but no in Python

Python is not about Super Efficiency achievable, it is hard to build images with C dependencies as it is 😅
A bit more used disk for images is not a big price to have more stability/predictability/simplicity

so gpt says me there will be issues when isn't able to justify them well

what sort of issues can i face?

Since I'm currently writing a multi-stage docker image for work and the work is primarily python, I can tell you my personal issues :P
Before that, what GPT is telling you about how to build is kind of garbage. Set up your project as a real project, install it to a venv. Then you can copy the venv into the final build stage and add it to the PATH (which is most of what bin/activate does). This is the process I've seen done by others and it's pretty clean.
Now the problem I'm encountering is that if your app can't run outside the container, making a development container is a lot harder. If you run from source or an editable install in the container, you can mount your host copy of the project in the same spot and can make changes to the code without having to rebuild the image. I have not yet found a clean way to get the same behavior in a multi-stage build.

wheels is the only reasonable way imo, it's Made For This

wheels requires that you have pip in your final image. You could of course install it then uninstall it at the end but that's a good few extra layers compared to a simple copy from one stage to the other.

you can do this to have pip without having pip https://stackoverflow.com/a/49524140/5939768

also, it's not extra layers if you do everything in one RUN

which is standard practice, e.g. removing apt source lists after apt installing things

though this is more analagous installing apt, installing packages, then uninstalling apt all in one RUN

if your desired outcome is minimal image, it's both clean and results in desired outcome, you just have the (compressed) wheel file as an extra layer compared to copying venv trees

other ideas:

• you can execute a wheel directly if it has __main__ set up properly
• you can e.g. extract requirements.txt from the wheel to install the deps, or copy it from the build image and do the pip trick

having your application tucked in a compressed wheel is even more minimal than copying the sources 😎

It's not that I'm married to the approach I took but I honestly don't see how this is better. Like now you have to do the work to actually find where to get the pip wheel and install it, which also adds wget or curl as a requirement. Of course you can uninstall those too when you're done but like why do all that work when you can just do COPY --from=build /opt/.venv /opt/.venv

And of course you can also install pip through the non-python package manager then uninstall it.

But still

plus running from the wheel inside the container also means having to decompress it every time you launch the container. Which like sure that's a tradeoff and we can spend some effort trying to reduce the size of the image but why spend the extra cost where it's not needed

all depends on what your goal is, i assume either minimal attack surface or minimal storage, otherwise not much point in multi-stage to begin with

fwiw i use multi-stage and don't sweat pip being installed in the runtime image

because i'm producing wheels anyway

import pyautogui
import time
import win32gui
import win32process
import psutil
from pynput import mouse

Constants

ROBLOX_EXE = 'RobloxPlayerBeta.exe'
TARGET_COLOR = (255, 255, 255) # White crosshair
COLOR_TOLERANCE = 20 # Allows minor variation

Track mouse state

left_clicking = False

def on_click(x, y, button, pressed):
global left_clicking
if button == mouse.Button.left:
left_clicking = pressed

mouse.Listener(on_click=on_click).start()

def get_active_exe():
hwnd = win32gui.GetForegroundWindow()
_, pid = win32process.GetWindowThreadProcessId(hwnd)
try:
return psutil.Process(pid).name()
except psutil.NoSuchProcess:
return None

def color_matches(color1, color2, tolerance):
return all(abs(a - b) <= tolerance for a, b in zip(color1, color2))

Main loop

print("Starting white-crosshair auto shoot. Hold LEFT MOUSE BUTTON to shoot. Press Ctrl+C to stop.")
try:
while True:
if get_active_exe() == ROBLOX_EXE and left_clicking:
screen_w, screen_h = pyautogui.size()
center_x, center_y = screen_w // 2, screen_h // 2
pixel_color = pyautogui.pixel(center_x, center_y)

        if color_matches(pixel_color, TARGET_COLOR, COLOR_TOLERANCE):
            pyautogui.click()
            time.sleep(0.05)
        else:
            time.sleep(0.01)
    else:
        time.sleep(0.05)

except KeyboardInterrupt:
print("Stopped.")

can someone help me out with this (ai generated). im trying to get a autoclicker that only works when a guns detected for roblox specfically, the only way i thought to do this was using the crosshair. That if it sees the crosshair it will only autoshoot when left click is held in however nothings happening and idk whats wrong.

this is probably not the correct channel for this

#> LoginSecurity configuration.
#> Some information is provided in the form of comments
#> For more info visit https://github.com/lenis0012/LoginSecurity-2/wiki/Configuration
register:
required: true

When enabled, users need to enter a captcha upon registration.

captcha: false

When enabled, requires users to enter their password twice upon registration.

confirm-password: false
login:
max-tries: 5

Only allow registered players to join using exactly the same name as registered.

username-match-exact: true
password:
min-length: 6
password-max-length: 32
join:

When enabled, player gets a blindness effect when not logged in.

blindness: true

Temporarily login location until player has logged in.

Available options: DEFAULT, SPAWN

location: DEFAULT

Safely hides the player's inventory until the player is logged in

This required ProtocolLib to be installed

hide-inventory-safe: false
username:

Remove special characters like @ and # from the username.

Disabling this can be a security risk!

filter-special-chars: true
min-length: 3
max-length: 16

Shortcut that can be used as alternative to login/register command. Does not replace the defaults

command-shortcut:
enabled: false
login: /l
register: /reg
updater:
enabled: true

The type of builds you are checking. RELEASE, BETA, ALPHA

channel: BETA

Session timeout in seconds, set to -1 to disable.

session-timeout: 60

Login timeout in seconds, set to -1 to disable.

login-timeout: 120

Login/register message delay in seconds.

login-message-delay: 10

Language for messages, check wiki for more info.

List: https://github.com/lenis0012/Translations

This setting should be set tot he file name without .json

language: en_us

Has anyone tried using jujutsu (https://github.com/jj-vcs/jj) for version control? I'm obviously interested in something that simplifies and streamlines git's processes, but I can't wrap my head around how jj's model is the solution.

https://taqsblaze.github.io/amen-cli

@neon shard someone is needed to extole the virtues of jj

jj is very good

so part of the neatness is just the idea of "what if we had a version control system that was not specific to a backend", i.e. you can have a git backend, google has their internal backend for their needs, yet the "vcs frontent" is fundamentally the same

but, if the vcs frontend sucked that wouldn't help, thankfully it doesn't

people have come to realize that jj is a lot of "show don't tell" to get the niceness of jj across, but I can try to give some highlights

The staging area has been simplified away

jj only has commits and there is no such special thing as a staging area that requires its own commands to interact with, everything just goes into a commit and can be handled like any other commit

So a flow that would be

1. edit file
2. stage the change
3. commit the staged change

Becomes basically just

1. edit file
2. give a name to the change

Powerful rebases

You can basically rebase anything from anywhere to anywhere else with ease. Rebasing does not care at all what you have checked out, it's just doing operations on the graph.

You want to move this whole tree from there to somewhere else? Easy.
You want to rip a few commits out of the graph and insert them somewhere else? Believe it or not, also easy.

And rebases get better because of...

First class conflicts

JJ models conflicts in a very nice way. Internally it doesn't store the diff markers, but stores from what sources the diff came from. The leads to the ability to do nice things like letting a rebase always succeed. You are never in a state where "hey you need to resolve these diff markers before you can proceed to do anything else"

So you can do the rebase, and later decide to fix the conflict. Or you could even continue to do further rebases and the conflict might go away

Time travel

This is one of those small things that is just so well. JJ keeps track of all operations performed, and you can undo or reset to any point in the past.

Mucked up a rebase that created more conflicts that you expected? jj undo and you're back.

You will also realize the messup quickly because you can immediately see what the damage of the rebase was in terms of conflicts. In git you would be stuck editing diff markers and maybe only later you realize that you put yourself in a mess, how do I back out of this?
(for the more experience git user, it's a bit like the reflog, but actually nice to work with)

Misc

But I kinda think some of this is "you just need to try it out". I think a common pattern is "any single part isn't revolutionary, but it adds up to a so much nicer and powerful workflow"

Stuff that is kinda considered hard operations in git become easy. And with the operation log you feel much more comfortable to just try stuff out and see what happens, because you can just undo

Some testimonials

Let me drag in some recent appreciation posts from the jj discord

I am very good with git, I learned it when it came out and understand it very well. I didn’t use to think it was too complicated.

Now, I see threads with people talking about some advanced usage like “you can add interactively to the index/stash” and I’m like “eh, don’t even need to do this anymore, what gratuitous complexity”.

Earlier today, from a coworker of mine who I got into using jj just a couple weeks ago (lightly paraphrased):
"jj isn't an incremental improvement over git; it's a more comfortable way to handle various day-to-day VCS tasks"

I've started using jj as my daily driver and have been shocked at how much of a learning period there hasn't been. I use rebase -i frequently in git and use a ton of aliases, but my workflow has translated super easily to jj. Things I do frequently in git with 5+ commands in git can be done easily and intuitively with 1 command in jj. Even things I wouldn't ever dare try to do in git (e.g. rebases involving merges with conflicts) are trivial in jj. Never going back 🙂

Been thinking a lot this week about how much I appreciate that jj is small enough to "fit in my brain".

By which I mean the core [interface] is both concise and consistent enough that I can accomplish most operations — even uncommon on non-trivial ones — without having to constantly scour the docs.

where is this all coming from

That last one actually reminds me of another point. Orthogonality of commands. There is a pretty clear separation between "I'm moving commits around and changing the tree", "I'm creating a new commit", "I'm moving diffs between commits"

The testimonials? Just some recent posts to an appreciations channel in the jj discord

no, all of the messages you just posted

I typed them

all but the testimonials

As for why I posted them

I appreciate the efforts

Thank you for your services to democracy citizen

jj really needs a "sales pitch" style page

Thank you! Maybe I do just need to try it.

The ability to shuffle up history so easily sort of scares me: it seems like it would give you the power to do cool stuff and also to screw things up really badly.

you have the power to undo a mess-up easily

so messing around and trying stuff it suddenly not scary, and you learn a lot quickly just from feeling comfortable playing around

fwiw jj undo to undo the last operations (then going jj undo undoes the undo)

to restore to an earlier point you can jj op log to see the graph of operations, and then you can jj op restore to a specific one

it's all non-destructive

Hey there! This is my first time publishing a package in pip: https://pypi.org/project/fylex/
Any suggestions? or advice?

It's a tool that can be used for copying files in an advanced way

I value your opinion and guidance. Thank you!

Reminds me of rsync

Can it copy over ssh?

Hi @gentle solstice , my module currently doesn't support copying over SSH.

But here are some aspects where fylex might help

I have also introduced several features now: https://pypi.org/project/fylex/
Does anyone know how I can get developers to test my module for bugs?

I am new to this... looking forward to your help. Thanks in advance.

I will test it eventually

Thanks a lot, @short peak

Installing dependencies in a dockerfile like so

RUN --mount=type=cache,target=/root/.cache/pip \
pip install -r requirements.txt

Is it possible for this cache to be clobbered in such a way that the dist-info no longer matches the actual package?
I have a package that lists one version when using pip show and a much older version when checking __version__. But it's only happening in one specific image.

https://github.com/IronxBARK/image_converter.git

i have made this image converter and bg remover
can someone tell me improvements and ways to achieve -

• key bindings
• grid layout for dynamic size for every window
• picture preview after adding

super cleared the build cache and issue remained. something super funky is going on.

Looks like there was another dependency that wanted to inject its own patches for protobuf

which is fucking disgusting

python dark magic to inject patches into other libs is fun, until u encounter another person doing the same 😄

i tend to lock to Overly specific versions included Patch version when i do it at least though

few days ago i was debugging super weird bugs with python app. where it was having 3 times more Threads in average on runtime than it should, and thus any app instance was requiring 3.5 CPU reservation in order to run stable and not screwing up itself and other apps with "Can't create new thread" errors

Smth was leaking urllib connectionpools as zombie threads in large amount

...eventually after a lot of binary search debugging of narrowing down a flakky issue in addition where the heck it comes from, things pointed to company internal library for elasticsearch full of patches -_-

thankfully i was allowed deleting the lib from the app code for now due to it being still not used in prod. no lib, no problem

I'm absolutely livid that it's even allowed

It's not actually a patch, this wheel straight up replaces whatever protobuf is installed with its own. But it only replaces the source files, not the dist-info which is why pip show protobuf was reporting business as usual

Scripting language with dynamic typing.

it is its strength in everything being allowed, and its curse.

this doesn't even have anything to do with the language, it's the packaging. the idea that a wheel can just unpack something into the top-level, replacing files that it doesn't own.

@rapid sparrow , did you try ty already?

Woohoo. Nope.
They renamed red knot to ty then, nice to know

Hehe, project in deep alpha version and already 10k stars

i am working on a tool called air-cli but i have no clue what it should do i need ideas (nothing to do with weather)

😄

By coincidence

?

i had a pet project idea which i actually named Air Cli

but never implemented it

lol thats crazy

The idea was to implement Local executable CI workflow, so it would be independent from Cloud CI executors like Github Actions

it should be having well visible workflow of steps executed, possible paralleizations, detailed errors in case it fails

as last step we would insert it into Cloud CI runners like Github Actions to run from it if necesary

there are two possible options how to implement it

1. Yaml based, inspire from Github actions, Taskfile, Tekton CI, just make it local executable
2. Static typed one, using smth like HCL as basis, or using general purpose language to write it

Air CI actually it was supposed to be

without l in it

lightweight locally executable CI workflow, insertable into any other CI runner.
it should have been written in Golang i guess? it would made it easy distributable to any machine/docker image
Plus it would have made easy parallelization and fast its running

So here is the idea described above

alot of words

Try first covering with CI unit testing and deployment some of your project
Try using Github actions, Gitlab for comparison
Taskfile.dev and potentially Tekton CI?
And give a check to Dagger IO

the point of this exercise was to make smth lightweight executable locally, fully being able to serve as CI and preferably also having ability to write reusable actions like Github actions market has

i see a problem of CI that lack of local execution makes things a bit problematic

probably for a reproducable way to run it we would have been needing to utilize Docker may be. Shell and Docker executors for CI probably would have been offered

Taskfile is nice, but it is more Makefile, not really having aim to be CI workflow

all other solutions are requiring self hosting infrastructure/agents/cloud stuff, having lack of local execution

the tool difference (in comparison to normal CI runners) was suppposed to be easy debugging by having first supported local execution

even more too many words 😭

try use existing CI tools, Github Actions, Gitlab CI, Taskfile.dev, Dagger IO, Tekton CI
you need to try using already existing in order to understand their limitations and what is missing, to get a vision what u can make beyond their abilities

i kinda made the most useless tool ever

How can I widely publish my tools or libraries? When I upload them to GitHub, no one downloads or visits the projects.

I have a Python library called calco that supports a wide range of mathematical operations using pre-built functions written in C. It's highly optimized for performance and delivers extremely fast calculation speeds. There is a ready .whl file available for most systems, and you can download it from the website: https://calcolib.netlify.app/"

https://packaging.python.org/en/latest/tutorials/packaging-projects/ a full instruction for python libs here

python libraries are expected to be installable with pip from official pypi 😏

no one downloads or visits the projects.
popularity depends on

• your project need
• how well it was made / easy distribution
• lucky guess of naming it right
• well documenting it
• advertising about it in articles (i usually do only only up to this step 😄 )
• optionally telling on conferences (could be important step for scientific stuff)
• writing about in community that actually needed it / solving smth with it real, instead of telling through articles and confierences

Yes, you can install it directly from PyPI, but the installation requires some additional steps, which is why I created a separate website

that does not sound too much right. may be it was not packaged well?

C depended libs i used did not have that much of problems with installations.
pip install psycopg2 to build out of source code, pip install psycopg2-binary to install already built one 😏

try to check with people in #c-extensions if it is possible to package it better, for more simple installation as an option

Thanks for the suggestion The library actually comes with a ready .whl for most systems and a full installation guide with just two steps that's why I also made a separate website to simplify the process even more. Still, I'm open to improving it further if needed

https://pypi.org/project/numpy/#files
Numpy lib publishes wheels for different platforms too (as far as i remember it should be C depended lib too)
https://numpy.org/install/
yet they somehow manage to offer installation as simple as pip install numpy
Plus write all those different options

i suspect simplified installation is possible

developed my library completely on my own in less than a month, and yet it's 10 times faster than NumPy. It’s not better in terms of array support, complex operations, or precision, but my library is designed specifically for speed.
You can install it using a single command: pip install calco==1.0.0, and then rename the file to calco.pyd. This renaming step is only needed in rare cases when there are installation issues — most of the time, it’s not even required

In addition, NumPy was developed by specialized teams and has been improved multiple times

Does the website have a link to the source code somewhere?

Now take any projects that use Numpy then with long enough executions, replace it with your lib, and run 100 times executions of it to make research that it is indeed true. Compare with same executions with Numpy.
Measure profiling of it optionally.
And write articles and talk on conferences about it after that. Optionally write articles somewhere like on kaggle.com

"I’ve already done comparisons using scripts that repeat various mathematical operations millions of times and measure the execution time — and the result is that my library is faster.
That’s expected, even if you ask someone from the NumPy team themselves, they’ll tell you it’s normal — because NumPy includes more checks and overhead.
My library, on the other hand, is built purely for speed.
You can download it and try it yourself to see which one is actually faster.

Can you show the source code for the library?

but have u written any articles where people could read that rsearch on their own? Link the articles to main page of the site ^_^
With some pretty diagrams

Anyone can claim that smth is faster than others. People could be needing more convincing for advantages to use another solution

The source release on PyPI is pretty suspicious. It doesn't actually contain the source code, it's just a bunch of pre-built binaries

seems like the bot doesn't like files being uploaded outside of #1035199133436354600

you said that the source code is available on github

Yes, this is the source code
https://github.com/gafoo173/calco

I would definitely be suspicious at the

offering speeds over 30% faster than the built-in math module
claim

• Where are the benchmarks?
• How are your functions different from the ones in math? Why are they faster?
• Maybe the right place for the functions is in the math module? Why not contribute the speedups to CPython?

C:\Users\C-LAB>python "D:\My Projects\LIBS\PYD\Calco\test.py"

🔹 Level 1: Basic Arithmetic

Operation Library Time (s)

Addition math 0.0180
Addition numpy 0.1586
Addition calco 0.0197
Subtraction math 0.0155
Subtraction numpy 0.2185
Subtraction calco 0.0277
Multiplication math 0.0228
Multiplication numpy 0.1952
Multiplication calco 0.0167
Division math 0.0168
Division numpy 0.1576
Division calco 0.0165

🔹 Level 2: Intermediate Functions

Operation Library Time (s)

Square root math 0.0178
Square root numpy 0.1123
Square root calco 0.0158
Logarithm math 0.0192
Logarithm numpy 0.1089
Logarithm calco 0.0178
Sine math 0.0185
Sine numpy 0.1127
Sine calco 0.0203
Exponential math 0.0214
Exponential numpy 0.1075
Exponential calco 0.0196

🔹 Level 3: Complex Expression

Operation Library Time (s)

Complex Expression math 0.1062
Complex Expression numpy 0.6008
Complex Expression calco 0.0994
Complex Expression mpmath 8.3683

If the only selling point of your library is the speed, you should definitely include the benchmarks along with the source code, and advertise the benchmarks as much as possible

the code for the benchmarks as well (you could be measuring it wrong)

also have u measured it using a single execution or as of multiple ones divided by N times?

"These are 100,000 repetitions for each operation written in the benchmark.
This is just one comparison result — I’ve done several comparisons, and the results are consistently similar

This is what I'm getting for square roots on Python 3.12:

In [1]: import calco

In [2]: import math

In [3]: x = 420.69

In [4]: %timeit x**0.5
48.8 ns ± 0.38 ns per loop (mean ± std. dev. of 7 runs, 10,000,000 loops each)

In [5]: %timeit math.sqrt(x)
33 ns ± 0.0999 ns per loop (mean ± std. dev. of 7 runs, 10,000,000 loops each)

In [6]: %timeit calco.square_root(x)
81.3 ns ± 0.18 ns per loop (mean ± std. dev. of 7 runs, 10,000,000 loops each)

can you show the benchmark code?

or maybe check it in to the repo

of course

Click here to see this code in our pastebin.

This is the result I'm getting: https://paste.pythondiscord.com/5IPMEAXNBQB4YHOAM4DNCZY2YY
I'm on Python 3.12.6

This could be due to differences in hardware and Python version — I'm using Python 3.13. Also, keep in mind that math has an advantage because it's built-in, while calco is accessed through an API layer

Anyway, I fully accept that math can be faster in some cases, and calco can be faster in others. I’ve seen that myself in other benchmarks — sometimes math outperforms it. To add more value though, I included additional ready-to-use helper functions in calco that aren’t available in math.

Sometimes pip puzzles me. I'm trying to install an exact version of a dependency:

$ pip install 'the-package==0.4.2'
Looking in indexes: https://our.private.index/comnpany/development/
ERROR: Cannot install the-package==0.4.2 because these package versions have conflicting dependencies.

The conflict is caused by:
    The user requested the-package==0.4.2
    The user requested (constraint) the-package==0.4.2

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip to attempt to solve the dependency conflict

I fail to see the problem here. Could this be due to caching on the company-internal PyPI mirror?

sure looks like a caching issue to me. tho the error itself is odd that it mentions dependency but then lists itself as the conflict. and with the same version. Id say try running it without the local index and see if it works. If you can

hello

yep a caching issue with the inter pypi mirror, pip might be getting stale or incorrect metadata. try instaling without the internal index

pip install 'the-package==0.4.2' --no-cache-dir --index-url https://pypi.org/...

Does anyone know if there is a recommended way to install the minimal required dependencies of a project as listed in pyproject.toml ? I want to enhance my CI/CD workflows to prevents breaking with older versions, and also so I can confidently widen the number of supported dependency versions. For context, this is my current workflow https://github.com/Koen1999/suricata-check/blob/master/.github/workflows/python-push.yml

https://pip.pypa.io/en/stable/user_guide/#constraints-files

https://docs.astral.sh/uv/reference/cli/#uv-sync--exclude-newer

Oh I knew it was a thing somewhere!

If you use uv you can use this: https://docs.astral.sh/uv/reference/cli/#uv-sync--resolution

This is great! I'll try it out

Does anybody know how to render a circle with stats using rich?

Rich doesn't natively support drawing real circles or pie charts. It's mainly designed for rich text formatting, tables, progress bars, and other terminal UI components. If you want to display actual circular charts, you'll need to use a plotting library like matplotlib instead

I have a colleague who hates and screams every time he sees a pie chart. Are you you want circular stats? 😜

I’ve created a simple programming language called RACe 🧠✨ — it can be compiled into multiple languages like C, Java, and Python via dedicated compilers.

The source code and prebuilt binaries are available on the GitHub project 📦

Try it out or contribute here 👉 https://github.com/gafoo173/RACe 💻

But the plotting libraries open up a GUI which defeats the whole dashboard concept, maybe I could do charts or something similar in another way using something rich already has, but I'll have to get creative for that.

Since Rich doesn't support native chart rendering, you can simulate charts using characters, colors, and angles — like in this code

Click here to see this code in our pastebin.

This is real good the only issue would be that I can't put a label in the middle of the category with the percentage.

!rule 6 <@&831776746206265384>

Hey @rapid sparrow , I respect that you want to keep the server clean, but I do want to clarify what I posted wasn’t a promo. I wasn’t pushing a brand, selling anything, or asking for engagement. It was free, educational content I’m building on my own based on a real university syllabus and meant to help others who might benefit from it.

I get that you're enforcing rules, but deleting that kind of post without understanding the intent kind of shuts down genuine contribution too. If everything gets labeled as “promo” just because someone puts effort into something, it discourages people from sharing anything valuable at all.

That said, I won’t post it again if it goes against your policy but I just hope there’s room for nuance when something’s meant to educate, not self-promote.

Hey again @rapid sparrow I just want to correct something before this gets even more distorted. The message wasn’t deleted by moderators. I deleted it myself out of respect for the server rules, once I realized it might be seen as borderline.

That said, the assumptions in your message are way off base and honestly, a bit insulting.

I wasn’t collecting emails, phone numbers, or running some hidden funnel for ads or data. I shared an invite to a separate learning space I created to organize lessons and discussions for people interested in DevOps not to "trap users" or limit access. I’m offering free content that I’ve been developing while learning the subject myself through university. That’s it.

It’s fine if the server has a rule against any kind of external link I get that. But jumping straight to theories about scams, user data theft, or manipulation is a bit much. Not everything that’s organized in a private space is predatory by default some of us are just trying to build focused communities to learn together without cluttering every general tech channel.

I’m not here to argue, and I won’t post anything again. But if we’re going to talk about “BS detectors,” then let’s also talk about how dangerous it is to accuse someone of dishonesty based on pure speculation and no proof. Specially since you are in the field of IT, you should know about this @rapid sparrow .

I’m not pushing this any further, but I do hope future situations like this get handled with a bit more respect and less assumption. Intentions matter and so does how we choose to interpret them.

@rapid sparrow Can you please leave the moderating to moderators?

Hi