Python

Pyscan v0.1.4 | GitHub

Pyscan is the fastest CLI tool to find dependency vulnerabilities in your python projects.

• blazingly fast scanner that can be used within large projects.
• automatically finds requirements.txt, pyproject.toml or, the source code.
• can be integrated into existing build processes.
• In its early stage, thus hasn't been battle-hardened yet.

Install

pip install pyscan-rs

look out for the "-rs" part or

cargo install pyscan

Usage

Go to your python source directory (or wherever you keep your requirements.txt/pyproject.toml) and run:

> pyscan

or

> pyscan -d path/to/src

Pyscan is a tool written in Rust that uses OSV, which is an open source vulnerabilities database, which inspired me to make this tool.

I switched from notebook to labs recently and I'm missing how the notebook name is displayed in notebooks. it seems like the only way to know which notebook I'm in now is through the tab, but if I have multiple tabs open it compresses them.

Is there any extension or something that will display the notebook name (and make it easily editable) like in notebooks?

Let's say I have a context manager that provides a resource that then mutates on exit:

from contextlib import contextmanager

@contextmanager
def context():
    x = ['hi']
    yield x
    x[0] = 'there'

I found that if I want to make another context class that uses this, such that the context (before mutation) is valid, I have to pass it in:

class Example1:
    def __init__(self, obj):
        self.obj = obj
    def use_obj(self):
        print(self.obj)
    def __enter__(self):
        print("start")
        return self
    def __exit__(self, *exc):
        print("end")

with context() as x:
    with Example1(x) as y:
        y.use_obj()

prints:

start
['hi']
end

However, what I don't like is, let's say that obj is an internal detail of my class. I don't want the user to have to define it beforehand and pass it in.

The only way I can figure how to do this is by calling the context manager's __enter__() explicitly:

class Example2:
    def use_obj(self):
        print(self.obj)
    def __enter__(self):
        print("start")
        self.ctx = context()
        self.obj = self.ctx.__enter__()
        return self
    def __exit__(self, *exc):
        print("end")
        self.ctx.__exit__(None, None, None)

with Example2() as y:
    y.use_obj()

which also prints,

start
['hi']
end

For comparison, just as some other random attempt, the following doesn't work because the context ends when self.obj is created:

class Example3:
    def use_obj(self):
        print(self.obj)
    def __enter__(self):
        print("start")
        with context() as x:
            self.obj = x
        return self
    def __exit__(self, *exc):
        print("end")

with Example3() as y:
    y.use_obj()

which prints,

start
['there']
end

Okay, so my point is that Example2 is the right solution here. But, it's really ugly. So my question is, is there a better way to write Example2?

I'm setting up a new laptop and considering which of the (many) environment managers to use this time around. My standard has been miniconda, since a big plus for me is the ability to set and download specific python version for different projects all in one tool. I also quite like having global access to different environments (i.e. environments aren't tied to specific projects). I typically have a standard GenDataSci environment always available for initially testing things out, then if I know I'll be continuing as a single project I'll make a stand alone environment for it.

But I've also used poetry for tighter control and reproducibility when I'm actually packaging to publish on PyPI. Hatch looks interesting as well but I can't tell if it includes the ability to have separate python version installs for each environment.

What workflows and managers are people using now?

Brendan Metcalfe's intro series to list comprehensions is one of the best I've come across. In addition to showing how to use them, he compares it to other similar methods and shows why LCs can be more effective. Wanted to share his stuff here.

cross-posted from: https://programming.dev/post/21515

Some surprising, but valid, python syntax examples.

I’m looking for some conference talks about python that I could watch during some downtime at work. Give me your favorites!

I have a large object that I want to save to the disk because it takes a minute to generate. The OOM reaper kills the process while pickle.dump ing the object.

It's a tuple of dicts of tuple of array.array.

Can pickle dump in chunks? If not, is there another technique I can use?

Some neat tricks for using Makefiles with Python that I hadn't seen before. The one I have seen, having a help target, has been super useful in team environments and for debugging when used with variables.

SciPy 2023 is looking for reviewers

(there is a discussion about this post here https://news.ycombinator.com/item?id=34787092 ...)

Here is the paper: https://arxiv.org/abs/2209.06909

Here is tbe code: https://github.com/sebawild/powersort

what's new