#360: Removing Python's Dead Batteries (in just 5 years) Transcript
00:00 Python has come a long way since it was released in 1991.
00:03 It originally released when the standard library was primarily the totality of functionality
00:08 you could leverage when building your applications.
00:10 With the addition of pip and 368,000 packages on PyPI, it is indeed a different world where
00:18 what we need and expect from the standard library is not the same.
00:22 Brett Cannon and Christian Himes have introduced PEP 594, which is the first step in trimming
00:28 outdated and unmaintained older modules from the standard library.
00:32 Join us to dive into the history and future of Python's standard library.
00:36 This is Talk Python To Me, episode 360, recorded March 29th, 2022.
00:56 Welcome to Talk Python To Me, a weekly podcast on Python.
00:59 This is your host, Michael Kennedy.
01:01 Follow me on Twitter where I'm @mkennedy and keep up with the show and listen to past
01:05 episodes at talkpython.fm and follow the show on Twitter via at Talk Python.
01:10 We've started streaming most of our episodes live on YouTube.
01:14 Subscribe to our YouTube channel over at talkpython.fm/youtube to get notified about upcoming
01:19 shows and be part of that episode.
01:21 This episode is sponsored by Microsoft for startups founders hub.
01:26 Check them out at talkpython.fm/founders hub to get early support for your startup.
01:32 And it's brought to you by Fusion Auth.
01:34 Your authentication and authorization platform built for devs by devs.
01:39 Check them out at talkpython.fm/fusion auth.
01:43 Transcripts for this and all of our episodes are brought to you by Assembly AI.
01:46 Do you need a great automatic speech to text API?
01:49 Get human level accuracy in just a few lines of code.
01:52 Visit talkpython.fm/assemblyai.
01:56 Brett, Christian, welcome to Talk Python to Me.
01:59 Thanks for having us.
01:59 Yeah.
02:00 Thank you.
02:00 First time for me.
02:01 Yeah, Christian, it's great to have you here.
02:03 That's super.
02:04 And Brett, I think you may have been on before.
02:06 Memory recollects.
02:07 Yes, I have been on.
02:09 I have been on previously.
02:10 I love having you on.
02:11 It's always fun to talk about stuff.
02:12 And it always seems like somehow we touch on WebAssembly.
02:15 I think one of the very last conferences I went to was PyCon and we recorded like on the
02:21 expo floor talking about WebAssembly.
02:23 So maybe we'll find a way to get back to that.
02:24 I do remember that conversation very distinctly, actually.
02:26 Yeah, that was fun.
02:27 Even though you've been on a lot, maybe just real quick, tell people about yourself.
02:30 You've been Python core deving for a long time and something to do with VS Code and Python
02:36 as well.
02:36 So tell people about that.
02:37 Just stuff.
02:38 Yeah, just keep it short and sweet.
02:40 I am the dev manager for the Python experience in VS Code at Microsoft.
02:44 I have been a Python core developer for 19 years.
02:48 And I've been a member of the Python Steering Council since its inception back three and
02:54 some odd months ago, I think.
02:57 I don't even keep track of when that started.
02:58 Yes.
02:58 And that's me.
02:59 Awesome.
02:59 Christian, how about you?
03:01 Tell people about yourself.
03:01 I work for Red Hat.
03:03 You may have seen that.
03:05 So first...
03:06 You have a Red Hat and you work for Red Hat.
03:08 That's awesome.
03:08 Yeah.
03:08 At Red Fedora, by the way.
03:10 So I work for Red Hat in the security engineering department.
03:13 I work on something that could be easiest to describe as an open source implementation of
03:19 Active Directory.
03:21 And currently working on just containerizing all the things and getting that up to the internet.
03:26 So that's a fun one.
03:28 As part of my security work, I also do security for CPython.
03:31 So I take care of some of the models and I'm part of the security response team.
03:38 Been in quite a while for the, I think, 14 years, give or take, probably.
03:44 A long time, eventually.
03:45 So I started doing Python like 20 years ago.
03:47 That was fun.
03:48 Awesome.
03:48 Yeah.
03:49 Anything else you want to know about me?
03:51 No, I would just like to say thank you on behalf of everyone for not, for keeping our
03:56 machines from getting rooted because we're running Python web apps.
03:59 That's pretty awesome.
03:59 You're welcome.
04:00 Seriously, though, how often are there meaningful security problems in CPython?
04:06 I know that one of the big talking points about moving away from Python 2 was like, well,
04:11 if you don't come along for the ride, you're not going to get security updates.
04:15 But how often is that a big problem, really?
04:17 How often are there problems where our CVE is filed?
04:20 You're like, oh, we got to jump on this and quickly get it out before.
04:23 The last version of Python that came out before we had the emergency release for the bugfish.
04:27 So the 3.10.2, I think, had like 11 or 13 CVEs.
04:33 Although only one that directly affected was in the Python code.
04:37 So we also ship a bunch of extensions.
04:40 Like we ship a library to pass XML that had like six or eight CVEs.
04:45 We had a Zlib fix.
04:46 We had something else.
04:48 So it's not just Python core that's affected.
04:51 But since we bundle and ship several libraries with CPython, especially Windows and the Mac installers,
04:58 you may be also affected.
05:00 If you have Linux distros, they typically have their libraries debundled and use system libraries and they update them out of bounds.
05:08 But yeah.
05:09 Okay.
05:09 Well, that's actually more than I realized, to be honest.
05:13 You don't hear too often about it being a big public problem, like log4j or something like that.
05:18 Yeah.
05:18 I'd say typically the CVEs we end up dealing with is the bundling that Christian mentioned, right?
05:23 Like Christian does a lot of work to make sure we're constantly compatible with the newest versions of OpenSSL.
05:27 So for instance, on 2.7, had you not moved over, you're going to have to do the work to be able to use OpenSSL.
05:33 I think 3 is the newest one or the one coming up.
05:36 So that's the real kind of concern and less of we screwed up as core devs and we have a nasty CVE.
05:43 It's usually something we depend on that typically triggers this kind of thing.
05:46 Thank goodness.
05:47 Interesting.
05:48 Yeah.
05:48 Yeah.
05:49 All right.
05:50 Well, speaking of the standard library and stuff, let's start out by talking about Python just on GitHub,
05:58 because I think maybe the time of yours releases, it might be already a week old.
06:03 But Brett, you were one of the big proponents of moving CPython and the Python organization over to GitHub, right?
06:09 Yeah, I drove that move.
06:11 Thank you.
06:11 That's awesome.
06:12 It's so nice to be over there.
06:14 But one of the challenges has been that bugs.python.org has kind of been its own island, especially since this move, right?
06:21 Yeah.
06:22 So when I helped move us off of Macarial to Git and thus moved us to GitHub for pull requests and stuff,
06:30 I basically had to choose my battles.
06:32 And the battle I chose was changing our version control system and no longer self-hosting our version control system.
06:40 I was not up mentally to the challenge of also trying to move the development team over to a new issue tracker as well.
06:49 So I purposely punted on that problem and tackled the one I thought I was capable of handling and dealing with.
06:56 And that's why we ended up with this somewhat split personality problem of Python being on GitHub for pull requests and for code hosting, but not for issue tracker.
07:04 Well, Ido said yesterday, I believe it was yesterday, maybe the day before yesterday on Twitter that, hey, it's happening.
07:10 The bugs, python.org is migrating over and then it got delayed until April 1st.
07:16 So hopefully that happens really soon.
07:18 But what was really surprising to me was just how long that migration is, right?
07:23 It's not like a copy the files over, get in it, get commit or the equivalent of the for the issues.
07:30 It's days to migrate all the issues.
07:33 Yeah.
07:33 So there's tricky parts to this.
07:35 I mean, one is we're getting internal help from GitHub, but obviously it's not common to move issue trackers into GitHub per se.
07:44 Like a lot of projects, I think, just start on GitHub and have for like a decade.
07:48 So the idea of moving over is kind of a new thing.
07:52 And on top of it, not very many projects have the volume of issues historically to move over that we have, right?
07:58 Like we have like 7,000 open issues, I think, alone.
08:02 So the volume there also kind of causes an extra overload.
08:08 And because GitHub, as I said, they have some internal tooling for this, but it's not like something that they work on month over month.
08:14 It's there and we're using it, but it's not optimized because it's just not a typical business concern, which I mean, totally makes sense, right?
08:21 How often do you have a project of our size and age wanting to migrate over like this?
08:26 Just for the numbers, so we have almost 59,000 bugs in total on the bug tracker.
08:32 Yeah.
08:32 And almost 8,000 open.
08:34 Yeah.
08:34 7,000 some hundred.
08:36 Yeah.
08:36 And trying to translate over as much metadata as possible is computationally expensive, right?
08:45 Because what we have to do is we have to generate a dump and then the dump has to get...
08:48 It's a different data model, right?
08:49 And it's a different day model on top of it.
08:51 Correct.
08:51 So, for instance, one of the reasons this took so long was we had to first decide we wanted to do this, convince people that we should do it, find someone.
09:02 It was at Summelade initially to come in and kind of figure out how to map things and get things working.
09:07 And then earlier this year, we had Wukash step in and help out as well as the developer in residence to help push this over the finish line.
09:15 And on top of all that, having to process all that data, export it to the right format, and then have GitHub's tools pull it in and not cause a strain on their system.
09:24 Because, I mean, this is a lot of data to suddenly dump in and have to replicate across their entire cluster, right?
09:30 So, there's a reason why it takes so long.
09:32 And we also don't want to have it happen during...
09:35 Because we're probably going to be run at a low process priority, which also means we want to do it on a Friday in the afternoon so that it's over the weekend and not when GitHub gets hit the hardest.
09:46 So, there's a lot of coordination going on.
09:48 And as we all know, GitHub had some stability issues the other week.
09:51 And so, they just said, can we just wait until a little later to make sure that Sol's good and solid and everything looks good.
09:58 So, the plan is April 1st.
09:59 Excellent.
10:00 Very exciting.
10:00 And we also have a good track count to actually break GitHub.
10:04 I'm not sure if anybody interviewed the live stream.
10:07 Pablo's changed the master branch to main branch to rename the default branch.
10:13 But, yeah, we broke GitHub.
10:15 And it took a while to recover from that, too.
10:18 So, since our repos are so gigantic.
10:20 So, we started with ZVS, then moved to SVN, subversion, then went, recorded all this stuff to Mercurial,
10:29 and then to Git.
10:30 And I'm not sure how many revisions we have in the tip, but it's gigantic.
10:36 So, just to be ultra clear here, thanks to GitHub for working with us directly.
10:41 And actually, they donated money to help us make this all happen.
10:44 So, they've been really great partners in all this.
10:46 Thanks to Ezio for getting this started.
10:48 Marietta for the initial pep, by the way, and even starting this conversation.
10:52 And for Rukash to stepping in and helping get it finished.
10:56 Yeah, definitely a team effort.
10:57 A lot of people involved, and thanks to all of them.
10:59 So, Tushar out in the audience is joking, is this why GitHub has been crashing the whole
11:02 week?
11:03 But, Christian, you were joking, like, maybe, is this actually, did you guys actually cause
11:06 problems?
11:07 Not that I know of, specifically.
11:08 Yeah, okay.
11:09 But I also, yeah, not that I know of.
11:11 Yeah, okay.
11:11 I hope not.
11:12 I apologize to the world if we did, somehow.
11:14 Well, it wouldn't be the first time.
11:16 There's been other outages and other crazy things.
11:19 Yeah.
11:19 And unfortunately, at our sites, we would not be the first time.
11:21 Yeah, for sure.
11:23 I think there was a huge DDoS attack not too long ago.
11:27 Anyway, also, Kim out in the audience asked, assuming there are usernames and email addresses
11:30 on the original issue.
11:31 So, like, how much did you all care about having fidelity across those?
11:36 And, you know, this could have been an opportunity to just say, you know what's awesome?
11:39 Command A, archive in your inbox.
11:42 To just kind of catch up and be okay.
11:44 Like, you could have just dropped it and said, we're just going to start over.
11:46 And if it's important, it'll find its way here.
11:48 And if it's not, then it wasn't.
11:49 Yeah.
11:50 I mean, there has been talk about this.
11:52 There's varying opinions on how important the digital archives are.
11:57 Like, do we need to move all the closed issues over?
11:59 Should we only move open?
12:00 Like, we actually discussed this when we were looking at potentially up to a week to do the
12:05 migration versus the two or three days it's actually going to take now.
12:08 So, but everyone has different opinions of how important the history is.
12:12 To specifically answer the question, though, from the audience about usernames, as long as
12:16 you have your GitHub username attached to your bugs.python.org account, that should map over.
12:21 And you've got until April 1st to get it in there?
12:24 Yeah.
12:24 I don't remember if we map email to email.
12:28 There might be some privacy issues.
12:30 I can't remember where that all landed.
12:31 Like, lawyers were consulted.
12:33 And I was out of the loop on those.
12:35 But I believe if you at least have specified your GitHub username on bugs.python.org, we will be able to do the map.
12:40 Yeah.
12:40 Fantastic.
12:41 All right.
12:42 Well, thank you both for the update on that.
12:43 It's not exactly why we're here, but it's so timely.
12:46 And I think, you know, you're both involved in it and stuff like that.
12:49 So quite cool to see it coming along.
12:50 I personally really think that it's fantastic that CPython is on GitHub.
12:55 I know it's not that different if it was, say, self-hosted Git or GitLab or even Mercurial or SVN.
13:02 But there's just something about it.
13:04 It seems more open to contributors given just sort of the status of GitHub where a lot of people seem to hang out and the whole PR flow and those kinds of things.
13:12 That was part of the motivation.
13:14 Somewhat ironically, we actually had to teach a bunch of core devs how to use GitHub as part of the migration.
13:18 Because, I mean, to be fair, some decent chunk of the core devs don't contribute to other open source.
13:23 I mean, Python alone is a big enough of a project that it absorbs a large chunk of your time.
13:27 So they just didn't have to know how to do any other open source development for a different project other than however Python did it.
13:34 And if we weren't on GitHub, they just didn't have a need to.
13:36 Plus, we also did the move a while ago.
13:39 So I think it's coming close to a decade at this point.
13:42 So it was also a different time.
13:47 This is a great question of Talk Python to me is brought to you by Microsoft for Startups Founders Hub.
13:50 Starting a business is hard.
13:52 By some estimates, over 90% of startups will go out of business in just their first year.
13:57 With that in mind, Microsoft for Startups set out to understand what startups need to be successful and to create a digital platform to help them overcome those challenges.
14:07 Microsoft for Startups Founders Hub was born.
14:10 Founders Hub provides all founders at any stage with free resources to solve their startup challenges.
14:16 The platform provides technology benefits, access to expert guidance and skilled resources, mentorship and networking connections, and much more.
14:25 Unlike others in the industry, Microsoft for Startups Founders Hub doesn't require startups to be investor-backed or third-party validated to participate.
14:34 Founders Hub is truly open to all.
14:37 So what do you get if you join them?
14:39 You speed up your development with free access to GitHub and Microsoft Cloud computing resources and the ability to unlock more credits over time.
14:47 To help your startup innovate, Founders Hub is partnering with innovative companies like OpenAI, a global leader in AI research and development, to provide exclusive benefits and discounts.
14:57 Through Microsoft for Startups Founders Hub, becoming a founder is no longer about who you know.
15:02 You'll have access to their mentorship network, giving you a pool of hundreds of mentors across a range of disciplines and areas like idea validation, fundraising, management and coaching, sales and marketing, as well as specific technical stress points.
15:16 You'll be able to book a one-on-one meeting with the mentors, many of whom are former founders themselves.
15:21 Make your idea a reality today with the critical support you'll get from Founders Hub.
15:26 To join the program, just visit talkpython.fm/founders hub, all one word, no links in your show notes.
15:32 Thank you to Microsoft for supporting the show.
15:34 So let's start by maybe talking about, speaking at different times, let's talk about the standard library from, maybe you guys could approach it from a historical perspective to start.
15:47 Because we're going to focus on stuff that's in there that maybe should be removed and the benefits of taking it out and stuff.
15:54 But when it got put in, it seemed like a good idea.
15:57 So when I think about Python, one of the key phrases I hear, I don't know its origin, but the batteries included story, right?
16:05 Python comes with batteries included and then its frameworks did like Django and so on.
16:09 And it's a huge selling point, right?
16:11 This is a language that has a bunch of support built in, right?
16:15 Yeah, so the rough history, for those who don't know, Python went public February of 1991, right?
16:21 So 32 years ago, it's predates Linux, right?
16:26 Like it's really crazy when you look at the history of when projects came out, how long Python's been around.
16:30 But the other thing to think about is who was on the internet or the World Wide Web even in 1991?
16:36 Like who even had internet or even a modem back then?
16:40 And so what that led to was people contributing things to Python that Guido would look at and go, oh, yeah, that's useful.
16:48 And then just pull it in and put it in the standard library.
16:50 And it grew and grew and grew.
16:52 And then at some point in the 90s, like there was a website called the Vaults of Parnassus, which had animated GIFs of wall sconces with little candles with the flickering, whatever, like totally a bit like you can imagine what this is like.
17:04 It's back in GeoCities days, right?
17:06 And that's where you went to get your code.
17:08 And all it was was zip files of Python code.
17:10 There's no concept of wheels or conda packages or anything like this.
17:15 There were literally just zip files of code that you just unpacked and just copied over the directory that contained the other Python code.
17:22 And you just vendored everything.
17:24 There was no there was nothing else.
17:26 And stuff moving stuff around the internet was slow as well back then.
17:29 I mean, a lot of people were on dial up.
17:30 Yeah.
17:30 Like internet made noise back then.
17:32 You were blazing fast with your 56k modem if you were lucky enough to have that, right?
17:36 So that meant that it was really hard to find high quality code out there, right?
17:44 And getting done and put up and all that.
17:46 So things just kept getting added and added to the standard library.
17:49 And it kept getting bigger and bigger and continued to be useful.
17:52 And it was just a different time, right?
17:54 Like, hell, not even everyone in the internet even had a web browser, right?
17:59 Like I remember when I first got on the internet.
18:00 Right.
18:01 I mean, didn't Mosaic come out in 93?
18:04 Yeah.
18:05 And actually, one of the very first graphical web browsers was Grail written by Guido in Python, right?
18:10 Like if you go look up the history, right?
18:12 It was like, I think Guido missed being the first graphical browser for like months or something crazy.
18:17 There's a weird history in Python in terms of early web.
18:21 But what this all led to, right?
18:23 Like, and I remember, by the way, when I first got on the internet, it was Usenet and Gopher.
18:27 It wasn't even the worldwide web, right?
18:29 That was still AOL days back then, for those of you who can date yourself based on that knowledge.
18:34 Usenet, Gopher.
18:34 Yeah, it was a different time, Michael.
18:37 It was a bit of a sidebar.
18:38 Like, things were so basic back then.
18:41 But at the same time, there was so much like imagination for what could be, I think.
18:45 Because so much of it was unmaterialized.
18:47 And you're like, ah, I can see where this is going to go.
18:49 Yeah.
18:49 And internet was even much more expensive in Germany.
18:52 So I know that until, so I was lucky, I went to university in 2000.
18:57 But before, when I was living with my parents, I had to pay the internet by the minute.
19:03 So local calls, so we're not free in Germany.
19:07 You had to pay for them.
19:08 And I know that like end of 99, I was lucky.
19:12 I paid like several hundred a month to have like a free, like a persistent internet connection.
19:22 Very persistent.
19:23 But I used the only phone line we had, but I didn't have to pay by the minute.
19:26 But I paid like in bulk.
19:28 Right.
19:28 It's super expensive.
19:30 That's why lots of people.
19:32 So I started actually using mailboxes.
19:35 So I dialed in mailboxes.
19:37 Right.
19:37 And they're like this weird concept that you were sending messages.
19:40 You push the message and later in the night, the mailboxes would call other mailboxes.
19:45 They do this Unix, Unix copy to copy the like the messages around.
19:49 And next day you receive the message from a friend who was living like in a different city.
19:53 Yeah.
19:53 I remember that was amazing.
19:54 Like all the backends that would just kind of sync up.
19:57 And it was like sort of this distributed, like the PBS world and some of the other stuff.
20:01 Yeah.
20:01 So it made a lot of sense back in the days to have all the useful bits and pieces in Python.
20:08 So that's why the library was so big.
20:11 And so we have just Python code.
20:13 It was easy.
20:14 But we also have lots of C code and C extension.
20:17 And these were really complicated to compile and build.
20:20 So you had to like make files and figure out which compilers and libraries you need.
20:25 And building things for Windows was super painful for the Windows people that they had to get the right compiler version.
20:34 They had to figure out their VC vars bat setup.
20:37 Yeah.
20:37 And each Python version had like its requirements for different like Visual Studio versions.
20:42 Yeah.
20:43 So I think that's, you know, people get a sense of the time, right?
20:47 Like at that time, it was amazing for Python to say, as much as we can get into the standard library, it's going to be a benefit to people.
20:55 Because if you need to parse CSS color codes, hex color codes, and it's built in, that's a bonus, right?
21:02 There's not the idea of pip and fast internet and all those things, right?
21:07 Or even disk details, right?
21:08 Like as Christian was saying, compilation was hard enough as it is.
21:11 So getting something in the standard library and ported over to C code for performance was a huge deal.
21:16 So it's not even just distribution.
21:19 It was literally just creating these things.
21:21 It was difficult.
21:22 Sure.
21:23 So it just shows how far we've come, right?
21:25 That these were even problems that we used to have.
21:27 Yeah.
21:27 It's pretty interesting.
21:28 Do you think if Python were designed today from scratch, you know, this is the kind of the language we want, it would be packaged in the same way that it is now?
21:39 Like, would it have a large standard library?
21:42 No.
21:42 So that would be controversial.
21:43 I agree with Brett.
21:45 Yeah.
21:46 Yeah.
21:46 Well, which is why we're friends and why we wrote this pet that we're going to be talking about.
21:50 It would just all be written in WebAssembly.
21:52 Oh, we have friends.
21:54 Thank you.
21:56 We went to a movie together, one of the PyCons of Portland, man.
21:59 Yeah.
21:59 And we are friends on Nintendo Network.
22:02 Yes, on Switch.
22:03 Yes.
22:03 Yeah.
22:05 Look at more recent languages like Rust and Go and stuff.
22:07 They have a much more targeted standard library.
22:10 They're able to lean on the community and people seem fine with it.
22:13 And I think that's a key thing is we get to learn the less.
22:17 People have gotten to learn lessons from us, but we also can learn.
22:20 We would have been able if we started now to learn lessons from other people.
22:23 And I think that'd be one of them is targeted standard library that is very tight and very
22:28 targeted, very foreign, very stable.
22:30 And that's much easier to maintain would probably be the good way to go.
22:34 Because it makes getting yourself up and going a lot easier versus, oh, this isn't useful
22:38 until I have this huge standard library, which as a burgeoning project would have been really
22:43 difficult because you had to build a lot of code to make that happen.
22:46 Right.
22:47 I do value having it there, though, at the same time.
22:50 I understand why it would be smaller.
22:52 I just think there would be some use cases that it would be less of an obvious choice to
22:56 use Python.
22:56 Like, for example, if I just want to script something on my computer, knowing that it has
23:01 Python means it has all these libraries where as opposed to if you've got to start installing
23:08 dependencies just to get your sort of automation scripts to run, like there's this bootstrapping
23:13 stuff that has to happen.
23:14 Yeah, from a philosophical perspective, we actually don't have a definition of what the
23:18 standard library is, right?
23:20 There is no PEP.
23:21 There is no guidance over what the standard library is now meant for, what it should or
23:26 shouldn't have.
23:27 It simply doesn't exist.
23:28 It's always been previously based on Guido's opinion somewhat.
23:32 And then now that's the steering council, it's somewhat based on just kind of consensus on
23:38 the dev team.
23:38 And that's kind of what the steering council will approve more or less.
23:42 But there is no guidance, right?
23:44 Like, should we make it so that, as you said, that simple automation script for managing
23:49 your computer?
23:50 Should that be, have enough in the standard library to make that happen?
23:54 Should we be able to have a simple HTTP server?
23:59 Right.
23:59 I don't know.
24:00 Should we have Tkinter?
24:01 Right.
24:02 Where is the line?
24:03 And we don't have an answer right now.
24:06 There is a discussion going on right now, actually over on Python Dev discussing this kind of
24:12 thing because there was a proposal to potentially rip out URL Lib.
24:15 I think it was partially done by Victor Center to kind of not get a rise out of people, but
24:20 to kind of spark a conversation.
24:21 And some people are going like, okay, URL Lib was written back in the day when OSes did not
24:28 necessarily ship with the network stack.
24:30 Right.
24:30 And when we could plug into it.
24:32 Would it be better to actually rely on the OS?
24:34 Right.
24:35 Do we really have to have all of that code in there just to parse things and figure things
24:39 out to make the right HTTP requests versus just going to macOS or going to Windows or using
24:43 curl and Linux or any Unix platform really, and just have it handle the request?
24:49 I don't know.
24:50 But I mean, this is the kind of question we're getting into now.
24:53 And we'll probably get to, I mean, we'll talk about later.
24:56 I have one of my infamous Brett's grand plan things around the standard library.
25:01 And this all ties into actually finally into making that decision of what do we want the
25:06 standard library to be?
25:07 So we have better guidance for ourselves as to where it should go.
25:11 And that's what should or should not be in the standard library.
25:13 Now, not to spook people, I don't know if this means we never deprecate anything that
25:17 doesn't follow this policy that's in there now.
25:18 But I would like to, at least as a core dev, know what we want it to be for today compared
25:24 to the cheap shipment model of useful Python code on the internet, pre-internet.
25:31 Right.
25:31 So, and Michael, earlier you asked me about security bugs.
25:35 And so Victor's proposal or Victor's threat on Python dev sparked by a discussion I had
25:42 with Victor on internal communication channels where I pointed out that ULLIP is actually a
25:49 place where we have lots of security bugs.
25:52 And even in very trivial things like to insert like parsing like in URL.
25:58 So something like splitting up the protocol, the host, the path name, the suffix.
26:03 This is not trivial.
26:05 And the way how our internal like parser works, it's written for a more forgiving and more open
26:13 world.
26:14 But people also use the routines, the like real open URL parse to verify and validate potential
26:23 hostile requests that sometimes fails because we are too open.
26:27 We are too nice.
26:29 And so this was one of the other reasons why the discussion should spark.
26:33 It's also a bit related to WebAssembly, but I think we can postpone it for later.
26:38 But there are two interesting interactions with how WebAssembly or the WebAssembly runtimes
26:43 environments work and what's not going to work with ULLIP.
26:46 Yeah.
26:47 And the WebAssembly discussion also comes back to what Brett was talking about for sure just
26:51 a minute ago.
26:52 So defining what is the standard library.
26:54 Do you want to come back as well to that later?
26:58 But let's talk about your PEP.
27:01 Which one of you wants to introduce?
27:03 PEP 594, removing dead batteries from the Python standard library.
27:07 Christian is the original author.
27:08 I just PM'd it to the finish line.
27:11 So I'll let Christian take this.
27:12 Yeah.
27:13 I ran out of steam and Brett just pushed and pushed it.
27:15 Helped me to push it over the finish line.
27:18 Yeah.
27:18 So what's the idea here?
27:19 The idea here is to remove things that are in our personal opinion and maybe with some
27:27 reasoning no longer like super required in the modern world.
27:31 So there are especially some parts that cost us lots of time and energy.
27:38 The interesting or the most relevant library for that is like NNTP.
27:41 So the library to interact with new servers that we've got your information.
27:48 Like Usenet?
27:49 Usenet.
27:49 Yeah.
27:50 Usenet.
27:50 So since we don't have a server implementation of NNTP, so the use standards, only the client
27:57 libraries, we need to use like actual new servers for testing.
28:03 So we need to connect to some servers and do some testing.
28:05 These servers are no longer like stable.
28:08 So we used to use libraries like sites like Gmain a lot or one French new server that was
28:16 stable, but they're sometimes don't work like we expect it to work.
28:21 They're sometimes just not available or the NTP connection fail or get like issues with
28:26 GLS connections.
28:27 And these issues we're having blocked our whole CI chain.
28:31 So when you do pull requests, you run your tests against Windows and Linux on X664 and
28:40 on also MacOS.
28:42 So like think for platforms.
28:45 But once your pull requests is merged, it also kicks off the whole build bot farm.
28:50 There are like 20, 30, 40 different platforms that run the tests host commit.
28:55 Anytime one of the NNTP servers had a hiccup, we have like false alarms and like indicating
29:03 problems somewhere which were not problems with the code or with the test, but rather with
29:08 the infrastructure that was failing.
29:10 And it was one of the motivations while I wanted to remove an NNTP.
29:14 Sure.
29:14 And how often are people depending on that these days?
29:17 One.
29:18 Two.
29:19 Who's maintaining it?
29:20 There was a really interesting list you all have of like, these are the things we want to
29:24 consider to remove.
29:25 There is somebody who understands and maintains it now.
29:28 A lot of them have a no for that, right?
29:30 Yep.
29:31 That's another aspect of this, right?
29:32 It wasn't, it was things that were failing our test suite because the thing we had to rely
29:38 on just wasn't stable enough or available.
29:41 But our parts were just simply no one wanted to step forward and say, I will make sure that
29:48 this keeps working in modern versions of Python and compiler errors are dealt with.
29:53 And I will deal with any feature requests and bug reports and all that.
29:58 Right.
29:58 Because the standard library before this PEP was more, had numerically more modules than
30:04 there are countries in the world.
30:05 Right.
30:06 Like the standard library is that vast.
30:08 And I think, I don't even remember if I even delved into sub sub modules of packages.
30:12 Like I think literally the top level namespace.
30:14 Top level.
30:15 Yeah.
30:15 So there is a aspect here of maintainability of just simply, there are only so many core
30:21 devs to handle the influx.
30:24 Hence why we have 1,600 pull requests that are currently open.
30:27 And at some point you just have to kind of stop and go like, okay, who is benefiting from
30:33 us carrying this forward?
30:34 And how much of a detriment is it to the project to keep it going?
30:37 And some of these things, yeah, it was just a question of, right, is this useful enough
30:43 to the world for us to put the effort into maintaining it and having to make a call on some of them?
30:47 And sometimes no one stepped forward.
30:49 And sometimes some people very much stepped forward and said, I totally rely on this.
30:53 And then it became a question that's like, okay, is it just you that needs it?
30:58 Or is it a large or decent enough size chunk of the community that still needed it that
31:03 it warranted keeping around and continuing to support it?
31:05 Because I did a number crunch the other day of certain sub directories in the Git repo.
31:12 And if you look at just straight code between the standard library and the interpreter, 60%
31:19 of that is standard library.
31:21 Wow.
31:21 Yeah.
31:21 How much does it influence your feeling and opinion about something, whether it has some
31:27 C component or if it's just pure Python?
31:30 Is it easier to keep a pure Python thing around that just is sort of higher level, doesn't
31:35 require as much nuance, or does it not really matter?
31:38 At least for this PEP, I don't think we really took that view specifically.
31:41 The management is more just a side effect almost.
31:45 But this was mainly, as the title puts it, dead batteries.
31:49 So when Christian brought this list up initially, it was, I don't think these are useful in modern
31:54 times.
31:55 Less than, oh, well, this is also written in extension modules, which makes it harder
31:59 to maintain because you can't just ask an average Python developer to come in and help maintain
32:04 it.
32:04 You have to ask someone who knows Python and C extension modules to come in and help maintain
32:09 it.
32:09 It was, that was never the motivation directly.
32:11 Okay.
32:11 Yeah.
32:12 But knowing cross-platform networking code in C is, is technically, I would say, harder than
32:17 knowing standard Python.
32:18 Oh, yeah.
32:18 This portion of Talk Python to Me is brought to you by Fusion Auth.
32:24 Fusion Auth is an authentication and authorization platform built by devs for devs.
32:30 It solves the problem of building essential user security without adding risk or distracting
32:35 from the primary application.
32:36 Fusion Auth has all the features you need with great support and a price that won't break the
32:41 bank.
32:42 And you can either self-host it or get the fully managed solution hosted in any AWS region.
32:48 Do you have a side project that needs custom login and registration, multi-factor authentication,
32:53 social logins, or user management?
32:55 Download Fusion Auth Community Edition for free.
32:58 The best part is you get unlimited users and there's no credit card or subscription required.
33:04 Learn more and get started at talkpython.fm/Fusion Auth.
33:09 The links in your show notes.
33:11 Thank you to Fusion Auth for supporting the show.
33:13 Let's first talk about the status.
33:16 So, accepted.
33:17 All right.
33:18 So, this is happening.
33:19 The first PR to document the modules being removed got committed last week.
33:24 And I now, now you all get to see the curtain pulled behind how Python is developed.
33:30 I'm going to publicly ask Christian to review my PR to deprecate AIFC.
33:34 I know he's busy, so.
33:35 But the first PR to actually, or maybe he reviewed it before the podcast.
33:40 I don't know.
33:40 But the first PR to actually deprecate AIFC, the first module in alphabetical order is now up.
33:46 So, I'll just be cranking through them until beta.
33:49 I feel like I saw in the release notes here that the Python 310.4 was out.
33:55 And this has deprecated various modules according to this PEP.
33:59 Is that right?
33:59 Yeah.
34:00 So, the steering council made the decision that it was useful enough to backport the documentation deprecation.
34:09 So, Python 311, obviously, because that's going to raise a deprecation warning.
34:14 But 310 and 3.9 also document that these modules are deprecated.
34:19 Because we didn't want people coming in in a company where they're on 3.9 at the moment,
34:24 start using these modules, and then be surprised in two years' time or what have you when they upgrade to 3.11 or later.
34:30 And suddenly, oh, this thing I've been using is suddenly deprecated.
34:33 Oh, this went back farther than 3.10, huh?
34:35 Mm-hmm.
34:35 Because 3.9 is still accepting bug fixes.
34:37 Got it.
34:37 So, that's what that means.
34:39 It's purely documentation.
34:40 The code is not changed at all.
34:41 It is literally just, if you go to the module index or any of these modules,
34:46 it will just have a big deprecated term on it.
34:49 Yeah.
34:49 Quick bit of nomenclature, real-time follow-up.
34:52 Mr. Hypermagnetic says, what is pure Python if not CPython?
34:56 Christian, you want to sort of disambiguate the CPython from Python that has C?
35:01 So, in Python, we have models that don't have, like, dedicated C models that are just written in Python code.
35:11 There are other models that have a minotary backend in C.
35:16 Like, if you look at the SSL model, which I maintain, the binding still must have written in C.
35:22 And the public-facing SSL model is FSA and adds on top of the C backend.
35:28 And this we would consider as a non-pure Python package because it requires C code.
35:35 There are also other models we had in the past.
35:39 A lot of the data structures like list and so on, right?
35:42 Yes.
35:42 All the core data types are written in C.
35:44 Yeah.
35:44 But they count.
35:45 They are present always.
35:46 So, we're just talking about, like, things you would import and use.
35:50 Got it.
35:50 I see.
35:51 Yeah.
35:51 Yeah.
35:51 And then we have accelerator modules as well, like Datetime, where they're implemented twice.
35:55 Once in pure Python and once in C.
35:57 So, like, PyPy will use the pure Python version or any platforms that can't compile the C code for whatever reason.
36:04 And then there's the full C version for performance.
36:07 So, pure Python just means the entire chunk of code for that module that you import is written only in Python code.
36:14 There's no C code at all.
36:15 Directly.
36:16 Obviously, what you import can transiently cause that.
36:19 For sure.
36:19 Yeah.
36:19 Christian, what's the idea?
36:20 Are we just going to, just when 3.11 comes out, all the modules are just yanked?
36:24 At 3.30.
36:25 So, 3.11, they will.
36:28 What's the plan here?
36:29 It's not so immediate or so abrupt, is it?
36:32 No.
36:32 It's going to take a couple of years.
36:35 So, in 3.11, you'll get, like, the deprecation warnings.
36:40 I think that's a plan, Brad, to just emit a deprecation warning.
36:45 So, if you would import a model and have the warnings model enabled to show you deprecation warnings,
36:50 then you would get a warning pop-up.
36:52 And even in your CI, turn the deprecation warnings into deprecation exceptions, so into a hard failure.
37:00 And then you see, I would fail and inform you that you're importing something deprecated.
37:05 This will continue in 3.12 and 3.13, the models are gone.
37:11 Right.
37:12 Okay.
37:12 So, that's over, basically, a more or less two-year period because 3.11 is pretty imminent, right?
37:18 Yeah.
37:18 October.
37:18 October.
37:19 So, 3.13 would be October 2024.
37:24 Yeah.
37:24 Sounds far off now.
37:26 I'm sure it's not in practice.
37:27 Yeah.
37:28 And to be clear, if, for some reason, the community really spoke up very vocally across a large swath of people, we might consider postponing.
37:37 I don't think there's anything here we would not yank.
37:39 But if people need, for some reason, more time to move, we might consider holding off.
37:43 But we're fairly confident that most of these aren't.
37:46 And already, honestly, the ones that people really care about are already getting copied and put onto PyPI.
37:50 So, people can totally still get the original code.
37:54 And to be very clear, you're already using code from Python, which means you're already using the Python license, the PSF license for this code.
38:02 So, copying and pasting this code is totally fine.
38:05 And we encourage it if you need this code, right?
38:08 Because it's deprecated, it's not going to be changing.
38:11 Unless it flat out breaks because of some change in Python that requires an update, this code is more or less after this deprecation lands.
38:18 That code is not getting in touch.
38:20 Which means you could totally copy what's in there just prior to the deprecation or what's in 3.10, honestly.
38:25 Because, once again, these modules aren't really being updated.
38:28 These are the ones that are being basically ignored and just dragging along anyway.
38:31 Exactly.
38:31 So, you could totally go in, copy the code over into your own code base, paste it in.
38:37 Save it under the exact same name and it should more or less keep working the same way.
38:41 You'll have to maintain it.
38:42 Yeah.
38:43 So, there's kind of two paths forward for people who are like, no, I really need AIFC audio file parsing or whatever that is.
38:50 One, somebody might decide it's really important and they want the CPython version as a pip installable thing that you can then add back into Python with a dependency.
39:00 Right?
39:00 That could be a possibility.
39:01 Yeah.
39:02 Or, as you just described, you could vendor it, which means just copy the file and you just have a copy of the source code internally and it's just part of your app now.
39:10 Yep.
39:10 Exactly.
39:10 Oh, and IFC has an interesting backstory.
39:13 So, when I posted my first draft of the pap, I got contacted by a lead technical director from DreamWorks Animation Studios.
39:22 They wanted to keep the model in CPython.
39:26 So, Python is heavily used in the movie industry.
39:32 So, if you see any blockbuster, it's probably powered by Python internally.
39:38 Even so far that Python just won a special prize for the animation awards, the annies, what they're called.
39:47 That's right.
39:47 And Guido got that award, right?
39:49 Yeah.
39:49 Basically, the...
39:50 Guido got the physical award and some core devs, including Christian, got requested certificates.
39:55 Yeah.
39:56 And I believe, yeah, Christian's getting his.
39:58 Oh, that's fantastic.
39:59 The UIworks Award, that's the second guy who invented Mickey Mouse, for example.
40:05 So, UIworks and Walt Disney invented Mickey Mouse together.
40:10 Fantastic.
40:11 That's a cool honor.
40:12 And probably an unexpected one from working on Python.
40:14 Christian and I have been doing this long enough that I think I've mentioned this on the podcast.
40:18 When I first got involved as a core dev of Python, I still had to explain to people what Python even was, right?
40:23 Or if I was lucky enough that they knew what it was, they just would go, is that the language where white space matters?
40:28 Right?
40:28 Yeah.
40:29 Yeah.
40:29 Is that the one that's weird?
40:30 Yeah.
40:30 So, it was a totally different time.
40:33 And now we're being used to help power helicopters, help plan flight paths for helicopters on Mars and hunting the video of the lander that made that helicopter take off and processing images of black holes and gravitational waves.
40:50 I just had an interview.
40:52 Your JWST episode that I haven't listened to.
40:55 Yeah.
40:55 Yeah.
40:55 Yeah.
40:55 It's nuts.
40:56 So, no.
40:57 I never thought any of this would ever happen.
40:59 So, yeah.
41:00 Having blockbuster movies have their entire management pipeline for their assets written in Python, it's always mind-boggling where Python is and what it's powering.
41:10 I mean.
41:10 That's cool.
41:11 It's not just all your cat videos and photos on Instagram anymore or videos on YouTube.
41:16 Yeah.
41:17 It's both amazing and par for the course.
41:19 Yeah.
41:20 And I can't believe I just said it's not just Instagram and YouTube anymore.
41:23 We've also been there long enough that people have realized we power huge websites.
41:27 Yeah.
41:28 Absolutely.
41:28 Lots of stuff in the world.
41:29 Yeah.
41:30 No, it still blows my mind constantly.
41:31 Yeah.
41:32 YouTube was originally written in Python.
41:33 I think it's still lots of parts of YouTube are powered by Python.
41:37 Last time I spoke with someone there, it was.
41:41 Yeah.
41:41 Sydney out in the audience has an interesting question.
41:43 Like, so there's a list of things that are deprecated here.
41:45 Some that were threatened but kept.
41:48 You know, they were on the list and then they're just like, ah, maybe not.
41:50 Sydney asked, might there be further removals in the future?
41:54 Maybe.
41:55 Yeah.
41:56 So here's the deal.
41:56 This PEP was done because Christian, I personally think rightfully so, thought we needed to do
42:03 a bit of house cleaning and get rid some stuff that was just kind of just sitting there rotting
42:06 in the corner and not being loved.
42:08 Some things got kept because to keep the controversy low, Christian was very conservative with the list.
42:14 And basically, if anyone stepped forward and said, no, no, please don't take that out.
42:16 That was a core dev.
42:17 It more or less just got left.
42:18 Very few things are on this list that people still pushed back and said, we're removing
42:22 even if core dev wanted to keep it.
42:23 That being said, as I said earlier in this podcast, right?
42:28 Like Brett's crazy grand plan here is, was to help Christian get this PEP done, get initial
42:33 clean done.
42:34 I've started a conversation over on Python committers about how to maintain the standard library,
42:39 right?
42:40 Like what does it take to add a module and to remove a module?
42:42 Because that's actually not very clearly stated either.
42:45 It's been very just kind of open.
42:48 My perspective from the outside of what defines the standard module is just, it's write only,
42:54 like stuff only gets added and it's defined to be what's in the shipping version of Python,
42:59 right?
42:59 I mean, that's kind of an implicit definition.
43:01 Right.
43:01 But how do you get something in there?
43:03 Right.
43:03 Like, did you know that GraphFlip was added by a couple of core devs just because they thought
43:09 it was a good idea?
43:10 Yeah.
43:10 It wasn't, no one asked like the chain counts or anything.
43:12 That's how it's been historically maintained.
43:15 It's very much just an open thing.
43:17 And there's a proposal to kind of make it a bit more structured and you could argue more
43:22 rigid depending on your view of this whole process.
43:24 More modern.
43:26 Maybe.
43:26 Maybe.
43:27 By suggesting that you need a PEP to add something because it's a shared cost to all the core
43:32 devs that we have to maintain it.
43:33 You'll notice I have a slight theme here of maintenance costs.
43:37 Or...
43:38 I have a puppy for you.
43:39 One that's fluffy or one that I'm going to have to pay vet bills for?
43:43 Clean up the poop.
43:45 Might ruin your carpet, but it's also cute.
43:47 So you'll...
43:47 Yeah.
43:47 I've got a cat.
43:48 I'm good.
43:49 I don't know if it's not the joke.
43:50 So I've just watched Brad's keynote from PyCon like three or four years ago.
43:54 I think it was...
43:56 Maybe.
43:56 It was the first one in Cleveland, whichever one that one is.
44:00 I can't remember.
44:01 2018, I think.
44:02 I think it was 18.
44:03 Yeah.
44:03 Once that's settled, my hope is, once again, come up with a policy of what that means for
44:09 the standard library.
44:10 Once we have that policy, there will probably be a discussion about what does that mean for
44:14 the current standard library?
44:14 Do we leave it as is?
44:16 Do we maybe slowly transition over or not?
44:18 I don't know.
44:19 Some people like Lukash, for instance, have advocated never removing anything from the standard
44:23 library ever again.
44:24 And literally just saying, this is deprecated.
44:27 We will never touch it or update it.
44:28 It's dead, but it's sitting here so we don't break code.
44:32 Other people are way more, let's strip it to its bones.
44:35 And if you need this stuff, we'll make it as a separate package or something.
44:40 Some people have talked about keeping it as is, but separating the development process.
44:44 So it's actually an externally maintained thing and it has its own release process and schedule
44:49 and all that.
44:49 The answer is, I don't know, but this is not the first time I've deprecated modules and
44:54 had them removed.
44:54 I was also in a competition with Fred Drake back in the two to three transition to see who could
44:59 remove the most number of lines of code in Python.
45:02 And I won thanks to removing the compiler package.
45:04 So I have been around long enough to say, probably, I just don't know when, just because I will
45:11 never say never when it comes to a project that's 32 years old.
45:14 But there are no specific plans right now outside of this PEP of deprecating and removing anything
45:19 else from the standard library.
45:20 So if that's the question concretely, no plans.
45:23 But philosophically, I am not willing to say anything.
45:26 I never say never.
45:28 Yeah.
45:28 Yeah.
45:28 So one of the things that stands out, let's talk about the modules real quick.
45:32 Then I want to, I want to kind of talk a broader thing because I think it's going to lead us
45:36 down a path.
45:37 So maybe just give us a quick overview of the highlights, let's say, of things being removed.
45:43 I talked about this table here.
45:45 It's under the deprecated modules heading on the PEP.
45:47 And it has a module name, when it's deprecated.
45:51 Some of them are like deprecated in 3.6, when it's to be removed, when it was added, whether as a
45:57 maintainer.
45:57 And interestingly, I thought this was cool.
46:01 There's an alternative that's new or better and maintained that you could just use, right?
46:07 Yes.
46:07 If you look at the table, you'll know some of the stuff's actually been somewhat documented
46:11 as deprecated all the way back to Python 2.0 or 3, right?
46:15 Like you also have to understand some of the stuff got documented as don't use anymore.
46:19 A long time ago, we just didn't take the code out.
46:21 And this is more of a push to actually finally remove the code and the documentation.
46:25 I see.
46:26 But yeah, so we have AIFC, which I believe is the audio format.
46:30 Correct.
46:31 We have async chat and async core, which were very early async server things in the standard
46:38 library that you shouldn't use, obviously, because it's on this list.
46:41 Yeah.
46:41 An alternative is asyncio, which was added in 3.4.
46:45 Yeah, it's actually asynchronous.
46:46 I think the async check, async core were added for Zope back in the days.
46:51 I know that the Zope server used to use async core async check a lot.
46:55 I don't even remember what the hell audio app is.
46:57 Audio app is low level, like conversion.
47:00 And math operations used by IFC, WAVE, and some of the other sound models.
47:05 So this just provides math primitives in C.
47:08 CGI is literally what it sounds like.
47:10 It's helpers to write CGI scripts.
47:12 That sounded like one of the bigger, harder to work with ones.
47:16 Like there's no maintainer.
47:18 It was designed at a different time.
47:20 Yeah.
47:20 And the funny thing, though, is a lot of packages still use bits of it because there's weird
47:26 little helpers in there.
47:27 But if you also go look at what the helpers are doing, most of them are either a one liner
47:32 or they delegate to something else somewhere else in the standard library at this point.
47:35 And they have horrible APIs now because they very much expect it to be CGI.
47:40 All right.
47:40 So they're reading from like environment variables and files to get the things to process versus
47:45 passing them as an argument.
47:46 From STD in and STD out.
47:48 So pretty much hot code STD in and STD out.
47:52 Yeah.
47:52 So there's actual pushback on CGI.
47:54 But I think when we pointed out like this just delegates to here or this is literally a
47:58 one liner that I can paste in when you're in the discussion of what it does, like just
48:02 copy and paste this reject literally and or just whatever.
48:07 Most people, I think, were OK with it.
48:09 This is actually, I think, one of the first modules to get put up on PyPI like a couple
48:12 of weeks ago.
48:13 CGI TV is tracebacks, pretty tracebacks in your CGI code.
48:17 I mean, once again, if you don't have CGI code, you don't need the tracebacks.
48:20 One goes, the other comes with it.
48:21 Yeah.
48:21 Chunk, I think, is literally just chunking data.
48:23 It's literally just breaking up into chunks.
48:25 Not a little bit like editor tools.
48:27 Yeah, I think so.
48:27 If I remember correctly.
48:28 Well, it's a format to distribute files used by mailboxes or so.
48:35 If I remember correctly.
48:36 Yeah.
48:37 I will let Christian talk about crypt.
48:39 Yeah.
48:39 Crypt is a binding to the ellipsis.
48:42 Crypt function is used to password hashing.
48:47 No way around.
48:49 The problem with that is that the only guaranteed algorithm that's available is horrible.
48:53 And if you need some of the better ones, they're probably not available in your libc.
48:58 So there's like optional algorithms for password hashing.
49:02 And even there are problematic.
49:04 So I've used one of these replacement ones.
49:06 So they're much better.
49:08 Like Bcrypt or passlib or anything else that's doing it right.
49:12 Yeah.
49:12 That's great.
49:12 Yeah.
49:13 And image shader is just a very limited approach to detect if you have a PNG, GIF, JPEG, whatever,
49:20 based on the first couple of bytes of a file.
49:24 Just the same with audio headers or sound headers.
49:27 They just detect file formats.
49:29 But they only support a very limited setup file formats.
49:32 And there are better libraries that are more efficient and support much more different file formats.
49:38 Yeah.
49:39 So after image headers, MSI lib, which helps with Windows MSI installers.
49:44 Okay.
49:44 Why do we have this in the standard library kind of question?
49:47 I think we used it originally to help write the installer for Windows.
49:50 And I think we don't use it anymore.
49:52 So it's no big deal.
49:53 We already talked about NNTP lib.
49:56 NIS.
49:57 Who still uses NIS?
49:58 It's on yellow pages.
50:00 Yeah.
50:00 Exactly.
50:01 Do people even know what sun is anymore?
50:04 Right.
50:04 We're getting to that point in our lives.
50:06 I think it's a synonym for Oracle.
50:08 Yeah.
50:08 Exactly.
50:09 OSS audio dev is just a wrapper on an audio library.
50:12 Once again, does that really belong in the standard library?
50:15 Yeah.
50:16 It was used by Linux before they had alt sub, before they had pulse audio and pipe wire.
50:21 So this is like from the old 2000s.
50:25 No.
50:25 Pipes library more or less got replaced by subprocess.
50:28 So it's literally just Unix pipes.
50:30 SMTPD.
50:31 I don't think we need to be able to run a server to send email in Python.
50:34 Standard library.
50:35 So that's why that's there.
50:36 Yeah.
50:37 And there's a IPI alternative.
50:39 Yeah.
50:40 Send header.
50:41 Coach, you already talked about.
50:42 SPWD.
50:43 It's the binding to the Etsy shadow file.
50:47 So that's the place where Linux actually keeps the passwords for users.
50:51 But that's the wrong approach.
50:54 So if you want to log in a user, you don't check the password.
50:57 You ask the PAM stack if the user's allowed to log into a service set.
51:02 Sun.
51:02 Are you is another audio format from Sun?
51:06 So Telnet lib.
51:08 Yeah.
51:08 Telnet.
51:09 Server.
51:10 This was specifically to be a server, not a client of Telnet.
51:13 It's not a client library.
51:14 Sorry.
51:15 The client library.
51:16 So I don't think you have a server.
51:17 But actually, I would have to open the code and read the code.
51:20 UU.
51:21 That was used by UUCP.
51:23 So Unix to Unix copy.
51:25 It's a chunking format to transfer binary data.
51:29 And XDR lab, another Sun library that is the binary format used by NFS.
51:37 And remote procedure calls.
51:39 If you have like Sun remote procedure calls for network fault servers.
51:44 From 1992.
51:45 Indeed.
51:46 There's an interesting high frequency of Sun being mentioned here.
51:51 Yeah.
51:51 I mean, Python used to run cleanly on Solaris right out of the box.
51:54 Yeah.
51:55 And Sun developed lots of internet standards we still use these days.
51:59 Sure.
51:59 For sure.
52:00 So hopefully all the listeners were shocked and had no clue any of these modules existed.
52:04 And hence why we're getting rid of them.
52:05 Where's the threatened list?
52:08 It's down here somewhere.
52:09 The modules to keep.
52:10 Yes.
52:11 So we got ColorSys, FileInput, GitOpt, OptPars, and Wave.
52:16 Those are the ones that avoided being cut.
52:19 Mm-hmm.
52:20 ColorSys, to be frank, is just basic math.
52:25 It's nothing special.
52:26 But CoreDev said, I use it.
52:27 I'll keep it around.
52:28 I'll maintain it.
52:29 Okay.
52:30 Like parsing RGB color.
52:32 Yeah.
52:32 FileInput.
52:33 I don't remember about FileInput.
52:35 I think someone just said, I use it.
52:36 GetOpt and OptParse.
52:38 Where once again, is it worth getting rid of versus AugParse?
52:42 And is it widely used enough?
52:44 And it was just one of these.
52:46 There's just too much code out there right now to warrant working it out.
52:50 So we just said it's easier to keep.
52:51 And Wave plays WAV sound files.
52:55 And basically, it's used by education.
52:59 It's a quick and cheap tool to show kids computers can do fancy stuff like make noise.
53:04 Oh, yeah.
53:05 That's actually really nice if you've got your turtle moving along.
53:08 It could laugh when it gets to the end of its little thing or whatever, right?
53:11 Yeah.
53:11 But I mean, that's another good point, Michael.
53:13 Like, oh, turtle.
53:14 Well, that requires us shipping TK Enter, which requires us shipping Tickle TK.
53:19 And it's just like, where do you draw the line?
53:21 Yeah.
53:22 But it's turtles all the way down.
53:23 You know that.
53:24 Hey, and as someone who learned turtle back on an Apple IIe with a good old green and black screen,
53:31 like, I totally get it.
53:32 But I mean, these are the questions we're starting to ask ourselves, right?
53:35 Like, where's the line?
53:36 Yeah, indeed.
53:37 All right.
53:38 Before we run out of time, let's have a broader philosophical conversation about this stuff.
53:43 You said you have a big plan.
53:45 You know, one of the things that I think is interesting about Python is where it runs in all these different
53:51 places.
53:51 I mean, you've got Mac, Windows, Linux, but you also got Raspberry Pis.
53:56 You've got helicopters.
53:57 You've got robots.
53:58 And then you even have, you know, CircuitPython and MicroPython, where it's like really, really
54:04 small.
54:04 And I do think it would be interesting to say, here is a subset, a portion of Python and a
54:12 portion of maybe even the language syntax that if you program to this, you're guaranteed
54:17 to be able to run it everywhere, right?
54:19 Is there a way to agree?
54:21 Maybe that compiles to WebAssembly and runs in the front end on a browser.
54:24 Who knows?
54:25 So for any of you who read my blog, you'll know I've been doing a long running blog post
54:30 series on the syntactic sugar of Python.
54:32 And part of the reason I've been doing that is I've been trying to figure out what I've been doing
54:38 and I've been doing that.
54:40 I've been doing that.
54:41 what I've been doing that.
54:41 What I've been doing that.
54:42 What I've been doing that.
54:43 What is the core set of Python constructs that must exist to basically reconstitute all the other
54:51 parts of Python and its syntax.
54:52 And kind of if we were to start from scratch almost, what would that look like?
54:57 Now that's interesting from a language level, but from a standard library level that comes
55:02 into play only in terms of support, right?
55:04 Like we dropped this feature, would that break things, right?
55:07 Like name tuple.
55:08 Right.
55:09 Well, for example, does TK intern need to be in the WebAssembly front end version?
55:14 Probably not, right?
55:15 No idea.
55:16 I guess not, but you know, maybe.
55:17 Probably not.
55:18 Yeah.
55:18 I mean, that's the tricky question, right?
55:20 It's always one of these things of who are you optimizing for?
55:23 Who's the target audience?
55:25 How do you define that?
55:26 Right.
55:27 Like other than stuff that we have to have just to make CPython run, nothing technically has
55:32 to be in there.
55:33 Right.
55:33 Some have said, oh, we should have enough to at least bootstrap in pip.
55:37 So if you can at least get pip or some installer in, you can then at least get yourself going
55:44 and start installing dependencies.
55:46 Yeah.
55:46 But as you mentioned earlier, like it's nice to be able to also write that little automation
55:50 script that helps maintain your system and not have to pull anything and have to create
55:53 a virtual environment for every little script you ever write.
55:55 But where's the line on that?
55:57 Yeah.
55:57 When I saw Python on Linux on just like a bare server, I can apt install Python three, but maybe
56:05 that's not enough.
56:06 Maybe I need to also install sometimes Python three dash VE and V or, you know, it's like
56:12 broken up into bits, right?
56:14 The Debian question is a very hot topic with Christian in the room.
56:17 But I personally argue against Debian's policy on that and say VEMV would be considered a core
56:25 part, right?
56:26 I think it's core as well.
56:27 And I wasn't so much picking on VEMV as just like there are environments where it comes
56:31 with in pieces to some degree.
56:35 Okay.
56:35 I need to find the right words to not get into trouble again or to get into.
56:41 Last time I burst a bit uncareful.
56:44 Somebody accused me to wage a crusade against Debian.
56:49 It's a philosophical disagreement.
56:50 Yeah.
56:50 So Debian has the policies to split packages in a smaller part so they can have a minimal
56:58 installation.
56:59 And they also don't like the way how we have like virtual AMP and short pip provided because
57:06 it's actually duplicating code.
57:08 We have like a zip file of binary wheels with compressed setup tools and pip, which contains
57:15 vendor packages.
57:16 Debian wants to use their distribution provided version of pip.
57:21 So this is a conflict.
57:23 Like we from the parts of the core developers, we think that the usability is more important
57:31 here.
57:31 So we want users to be able to use standard documentation instructions to use Python install
57:39 extensions.
57:40 This is more important for us.
57:41 And this is a debate which had like multiple session between Debian engineers and the steering
57:49 council.
57:49 There was several heated discussions.
57:52 And yeah, there are just different philosophical like interactions.
57:56 Got it.
57:57 So, I mean, the key point is, is there are a lot of questions about like, if you start to
58:03 slice and dice the standard library into parts that you can install in groupings, for instance,
58:08 is that truly part of the standard library?
58:10 Or is that just an optional install on PyPI that the core dev team just happens to maintain,
58:14 right?
58:14 Because you can no longer rely on it.
58:16 Yeah.
58:16 I mean, if you went down that path, it would almost be a little bit like the anaconda story,
58:20 right?
58:20 Like here's the essence of what I got.
58:22 But if I install what I normally install, I get more.
58:24 There'd be like a minimum install and like a fuller install, which I think, I don't know
58:31 how I feel about that.
58:32 Well, if it gets me Python on the front end, I'd have to write JavaScript.
58:35 I feel pretty good about it.
58:36 I'm starting to think, I don't know.
58:38 At least for some part, it makes kind of sense.
58:40 So let's go back to Tickinter.
58:42 So Tickinter depends on TK, Tickle TK, which depends on your graphical user interface.
58:49 So X11.
58:50 And if Python would always require Tickle TK, then you would have to install, I guess, like
58:57 100 megabytes of libraries on every container image that has Python because the whole X11
59:03 stack is very big.
59:05 So you get your whole like graphical user interface libraries down to the actual graphical server
59:12 that renders all the output.
59:15 It makes sense that most distros split up to Tickinter and ship that optional package.
59:21 But some distros go a bit further and split off packages that we consider to be core, core packages.
59:29 So the inner core that should be always available and working.
59:34 Like date, time and tuples and stuff like that.
59:37 Yeah.
59:38 Stuff that has no third party dependencies, basically.
59:40 Yeah.
59:41 Okay.
59:41 Interesting.
59:42 What about WebAssembly?
59:44 You guys started actually building for WebAssembly, didn't you?
59:46 Yes.
59:47 Steve Dower pointed out that I don't remember the way to look it up.
59:51 Super easy.
59:52 But that there's sort of a proper core dev version of WebAssembly CPython now.
59:59 It's REPL EASNHS.
01:00:02 I just posted in the chat with the chip one day.
01:00:05 Yeah.
01:00:06 I mean, basically what happened was that the core dev sprints back in October,
01:00:10 I started to look at seeing what it would take to compile CPython to WebAssembly.
01:00:14 And I was lamenting in our build channel on our core dev discord server that, all right,
01:00:20 the build setup was kind of old and creaky and I needed some help to figure out what to do.
01:00:27 And then Christian working for Linux distribution knows how all this stuff works.
01:00:32 And so he started to answer my questions and I did some initial cleanup.
01:00:36 And then Christian really got into it and just totally really started to clean up our entire build process in terms of modules and such.
01:00:43 Because there's a setup file in the repo where you can specify what modules you do or don't want built in to Python,
01:00:50 both compiled it all into like a .so or DLL, compiled into statically into the binary or just completely left out.
01:00:58 And Christian went through with some help with Erland, I think, actually, and cleaned up, you know,
01:01:04 cleaned up a bunch of the whole structure so that we were using more of PKG config and just made it just a bit more modern.
01:01:11 And while he was doing that, Christian would bring up stuff about like cross compilation,
01:01:15 because that's another thing we do is you do a cross build, right?
01:01:18 You can build, I mean, you can totally build on your Mac right now, Michael, 4x86 64 bit, even though you're running an M1.
01:01:25 Oh, interesting.
01:01:26 Right.
01:01:26 So it's just flags.
01:01:27 That's pretty wild.
01:01:28 Yeah.
01:01:28 But the way you get WebAssembly building that way is you just specify typically in script in the as a C compiler,
01:01:35 which basically is clang and you just specify.
01:01:38 And basically under the hood, it's more or less just specifying the right flags and everything to just make clang build for a different CPU target.
01:01:44 And then Christian was starting to talk about like, oh, well, for cross builds, can we do this and that?
01:01:48 And I kept saying, no, it won't work for WebAssembly because of this and won't work for WebAssembly because of that.
01:01:52 And then Christian just looked into it and was like, oh, I'll use this as a motivator.
01:01:55 And then Christian just ran with it.
01:01:56 And Christian figured out all the problems and just got really into it.
01:01:59 And it's been patching CPython's main over and over to the point that as of, I don't know, less than a month ago.
01:02:06 So for two weeks now, we can run the entire test suite without any failures.
01:02:10 Yeah.
01:02:11 On WebAssembly.
01:02:11 Yep.
01:02:12 Cleanly.
01:02:12 Inside Node.js.
01:02:15 So you compile the, so these are a bit earlier.
01:02:20 So when you build Python for WebAssembly, you have to not only tag WebAssembly, but also like the runtime.
01:02:28 So these things are called triplets, so platform triplets.
01:02:32 So you have like which CPU you target, which vendor and operating system and additional flags like GDBC.
01:02:42 And default target is a WebM32 mScripten.
01:02:46 So you do compile to WebAssembly with CPU instruction for 32 bits.
01:02:51 And mScripten is the runtime platform.
01:02:54 And mScripten can target multiple like different platforms.
01:02:59 So this is mScripten for the browser, but you can also compile it that it uses Node.js backends and Node.js like file system access.
01:03:07 So we can actually.
01:03:08 Oh, you probably have more permissions and more capabilities.
01:03:11 You can run threads, you can run sockets in a limited way.
01:03:14 That's fantastic.
01:03:15 And you can access the file system.
01:03:17 And so it was a process of running the test suite, figuring out why it's crashing.
01:03:22 So we had in the beginning like this completely like really crashing the runtime.
01:03:26 Not just itself, but there's like a virtual kernel layer written in JavaScript that provides syscalls written in JavaScript to the WebAssembly model.
01:03:38 It's a bit weird.
01:03:40 So I was writing kernel-like code in JavaScript and the unit test code for that in C.
01:03:47 So that's mScripten.
01:03:48 Very cool.
01:03:49 Yeah.
01:03:49 So this REPL.EthanHS.me, which I'll put in the show notes, it's got my mScripten version of Python 3.11.
01:03:58 And I can do fstring stuff and the thing that's right here in the browser.
01:04:03 Hasn't been updated in a while.
01:04:04 It's a bit old.
01:04:05 Need to talk to Ethan.
01:04:06 It's like six weeks old.
01:04:08 That's old for the web, I guess.
01:04:09 Well, I mean, we have a cron job running on Ethan's GitHub repo for this that runs nightly against Python.
01:04:17 Cpython itself to make sure it continues to compile.
01:04:20 We need to get a build bot going.
01:04:22 I've got Microsoft's degree to fund one via Azure.
01:04:26 And just we have to get it to, I haven't talked to Christian about it yet, but we'll figure out getting a build bot going.
01:04:32 And then we're, I, part of one of Brett's crazy grand plans around Python WebAssembly is we're defining an official platform support for Cpython right now for in PEP 11.
01:04:44 And my hope is we're going to get it so that Christian and I are listed as the maintainers of the WebAssembly support in Cpython.
01:04:52 And we'll get it listed as an official tier two, what we're calling tier two supported platform, which basically means it's backed by two core devs, at least, and a build bot.
01:05:00 But the idea of tier one is something the entire core team supports and is based on continuous integration.
01:05:06 That's really exciting.
01:05:06 Yeah, well, one of the actually nice things about WebAssembly is we could theoretically even get that to a tier one because WebAssembly is an abstracted assembly language, but it's not CPU dependent.
01:05:16 So we could actually compile it on GitHub actions and test on that just as equally as Mac, Windows, or Linux and have it still be fully tested and work on CI.
01:05:25 And I mean, you can take this idea really far, right?
01:05:28 Like suddenly we could start having executable code examples in the documentation for Python because we've got a runtime now.
01:05:34 We can literally make that work.
01:05:35 Yeah, because yeah, you don't have to worry about security or compute costs because it's in your browser.
01:05:40 You hack yourself and it's your compute.
01:05:43 Right.
01:05:43 Selfishly for me at work, when this works, I can start talking about shipping the node version of this with the Python extension for VS Code or as its own extension.
01:05:51 So like you don't have Python installed?
01:05:52 Install this other extension that's going to come with Python compiled to WebAssembly and you'll just have it.
01:05:57 Or VS Code.dev browser version.
01:06:00 We could potentially start shipping that with VS Code.dev and have the Python extension pull that in.
01:06:06 And now you'll even have a runtime in the browser that ties into what I think is a nice editor.
01:06:11 So there's a lot of possibilities here that we really want to get going with.
01:06:16 And then when you start talking about WASI, right, then you start to get to edge compute.
01:06:20 Christian just got that working like literally, I think, last week.
01:06:24 I don't know where it stands yet.
01:06:25 Working again.
01:06:26 So the first version was like hacking and patching lots of things out.
01:06:31 Oh, yeah.
01:06:32 All the P thread work.
01:06:32 Yeah.
01:06:33 And the new version like a week ago was using a library from a company that's also working on Python support.
01:06:41 They're like stubs and hacks.
01:06:43 Single store labs, right?
01:06:44 Yeah.
01:06:45 Single store labs.
01:06:45 Yeah.
01:06:46 So WASI is even more restricted and limited compared to what was in MScript then.
01:06:51 So you don't have any support like for threading, but you can't compile Python without at least the threading library headers.
01:06:58 And they just had like book arounds for that too.
01:07:02 So you can't spawn a spread.
01:07:03 So if you try to start a thread who just failed, at least you have enough like of the CIPA available to compile Python for bits and bits.
01:07:12 That's super exciting.
01:07:14 Just to be clear on that, it's not a completely new effort.
01:07:17 There's actually a productive version of Python for Rep Assembly in the browser called Pyodide.
01:07:23 Yeah.
01:07:24 And which is also now used by Jupyter Lite.
01:07:28 So Jupyter Lite is Jupyter Notebooks on top of Pyodide.
01:07:33 Yeah.
01:07:33 Jupyter Lite's looking really interesting.
01:07:35 Yeah.
01:07:35 Yeah.
01:07:36 And we actually met with the Pyodide team and more or less what we came to an agreement seems a little weird to phrase it this way.
01:07:44 But basically an agreement where we will keep trying to make it so that the main branch in CPython can compile cleanly to WebAssembly.
01:07:51 And that frees them to focus on JavaScript API to tie into it and on getting the scientific stack compiled over to WebAssembly because you have to do some hacky bits.
01:08:03 Right.
01:08:03 Because you got to compile like matplotlib and stuff because it's got C in it.
01:08:07 So you got to compile it over there.
01:08:08 Or I don't know.
01:08:08 Some of those like NumPy definitely.
01:08:10 Exactly.
01:08:10 Because traditionally they had to do all the patches and all the work every Python release to get it working.
01:08:15 And Christian and I are just in a better position to be able to keep that up and going.
01:08:18 So we just said, let us handle that part.
01:08:20 You don't have to worry about patching anymore.
01:08:22 You can focus on the stuff that's more unique to WebAssembly and what you're able to be good at over there.
01:08:27 So that's kind of where we're divvying up the workload here is we're just going to keep main working.
01:08:32 And then they get to stop worrying about that once they start worrying about Python 3.11.
01:08:35 So one of the first things that Ethan and I did just we took the patch that's that were developed by pilot developers and adjusted them and made them compatible.
01:08:45 So we can actually merge them and have them in the upstream code.
01:08:48 So a lot of their patches was just replacing things, but not in a way that would work if you would build the same source code for Standard Python.
01:08:56 So they're just hacking around and getting things working, which is totally okay for their approach.
01:09:01 But you couldn't just take their pull requests and their patches.
01:09:06 So we had to make them in a way that this would work for Standard Python and WebAssembly Python.
01:09:12 Yeah, fantastic.
01:09:13 Well, two things spring to mind for me when I hear this.
01:09:16 One is, does this mean I could write Electron apps and just have the slightest shim that then just lets me run like a backend in Python?
01:09:27 You know, the sort of Node.js side of that in Python, which would be awesome.
01:09:32 It should because Electron ships with Node.
01:09:35 So as long as you have access to the Node runtime.
01:09:37 Yeah, and you just get it on top of there.
01:09:38 And then instead of writing all your sort of core logic of your app.
01:09:42 You'll have to shim out back to JavaScript appropriately and have those APIs, which you might want Pyodide for potentially.
01:09:47 But yeah, basically, yes, that door is open.
01:09:51 Yeah, that's cool.
01:09:52 I don't know Electron.js well enough to say, oh, I could totally just go do that.
01:09:56 But I see that as a possibility that would be awesome.
01:09:58 Yeah, so what we don't have probably won't add in the near future is any kind of bindings to JavaScript.
01:10:04 So you can run like Python in your browser as like an isolated process or work web worker.
01:10:12 But communication back and forth between like the outside world in the Node.js or browser world and Python, that's provided by Pyodide.
01:10:21 But we don't have that.
01:10:22 Right, right, right.
01:10:23 So there's a very fun and great talk by Katie Bell.
01:10:27 She also helped us to kickstart the port.
01:10:31 She gave a talk at PyCon AU a couple months ago.
01:10:36 It was like 10 minutes introduction.
01:10:39 Two minutes compiling Python to WebAssembly and 28 minutes get STD in working.
01:10:47 So just STD in, STD out working took like half an hour of her talk because that's surprisingly, surprisingly hard with WebAssembly.
01:10:56 Yeah.
01:10:56 We kind of made the decision that at least for now, we are not interested in trying to develop that FFI back and forth with JavaScript and having that opinionated API.
01:11:06 And that's, as I said, kind of the agreement we've come up with Pyodide right now is they already have an API.
01:11:12 We're going to lean on them to provide that for now at least and probably will continuously.
01:11:16 I don't really necessarily see us changing this.
01:11:17 And we'll just provide the lower level functionality of just the runtime.
01:11:21 Right.
01:11:22 Yeah.
01:11:22 But if you all build that, it's a great foundation for other people to run with.
01:11:25 Exactly.
01:11:26 Yeah.
01:11:26 And then the other one, but first of all, is this the talk that you're talking about?
01:11:31 Yes.
01:11:31 That's the one.
01:11:32 That's Katie.
01:11:32 Okay.
01:11:33 I'll put, yeah, that's Katie's talk.
01:11:34 Great.
01:11:35 I'll put that in the show notes.
01:11:36 The other one is, is that the right URL?
01:11:39 Danger.
01:11:40 Yes.
01:11:41 Is this a Blazor project from the C Sharp .NET team?
01:11:44 Yep.
01:11:45 This is .NET, the .NET runtime as a front end framework running in the browser, which is pretty awesome.
01:11:52 And it seems like there's just so many parallels that could be brought to the Python world that like you don't have to do Angular.
01:12:00 You can just do PyBlazor.
01:12:02 I mean, that's not the name, but you know what I'm saying?
01:12:04 Like it's closer to possible.
01:12:07 And I think this is actually something that would be really neat.
01:12:10 Yes.
01:12:10 The trick here, and I think Blazor does the same thing right now as well, is from my understanding, Blazor has a WebAssembly compiled .NET runtime that gets loaded into the client.
01:12:21 Yeah.
01:12:21 And then that's how it does the execution.
01:12:23 If I understand how Blazor works correctly.
01:12:25 And so you could do a theoretical same thing with Python.
01:12:29 Now, obviously there is size issues to consider here, right?
01:12:33 Like this is not something you necessarily on a really slow connection somewhere would want to actually pull down.
01:12:38 Because I think the one time, is it 5 megs now, Christian?
01:12:41 Or is it 3?
01:12:42 So the uncompressed Wasm is like 6 megabytes.
01:12:46 It gets down to like 4.
01:12:48 And then you have the big bundle of the data file that contains the Python compiled files.
01:12:54 It's another 5 or 6 MB.
01:12:56 It's big.
01:12:58 But actually it's smaller.
01:12:59 Okay.
01:12:59 3 MB.
01:13:00 Can you scroll up a bit?
01:13:03 The .data file.
01:13:04 It's the standard library.
01:13:05 Did I?
01:13:07 Did I care a lot?
01:13:08 Yeah.
01:13:08 Yeah.
01:13:08 Group tab.
01:13:08 Python data and Python web.
01:13:10 Yeah.
01:13:10 So it's 3 megs for the standard library, 212 kilobytes for the wrapper.
01:13:16 And you've already cached the Wasm.
01:13:18 So it's probably 6 MB.
01:13:20 But so we can probably make it a bit smaller.
01:13:22 So currently that comes like with elementary and decimal model and all the hashing libraries
01:13:30 compiled in.
01:13:31 So we currently create one gigantic binary.
01:13:34 There are ways to have side models like shared libraries with Wasm.
01:13:39 It's a bit more complicated to get that right.
01:13:41 And also it increases the size of the main binary, the main model a bit.
01:13:47 I didn't go into that yet.
01:13:49 It's something I look into maybe in the future.
01:13:53 But as you were talking about earlier, Michael, about like slicing and dicing the standard library,
01:13:57 if you're shipping the runtime, you can also shrink that down by just dropping all the parts
01:14:01 of the standard library you don't need.
01:14:02 Right?
01:14:03 So if you run like module finder or some other script that's going to go through the standard
01:14:06 library to figure out what you do and don't need, you could actually just compile your
01:14:10 own version of Python, CPython for WebAssembly only with the standard library that you want.
01:14:14 Interesting.
01:14:15 You get it really small, right?
01:14:16 So which of these three, Python.js, Python data, and Python.wasm is the, has cEval.c in it?
01:14:22 The Wasm file.
01:14:23 The Wasm one.
01:14:24 Okay.
01:14:24 So that's two megs and then plus the standard library bits, right?
01:14:27 Yeah.
01:14:27 So it's a little over five megs in total for everything, which isn't huge.
01:14:31 Like an internet project that you might need?
01:14:36 Totally fine for Electron apps, as you said.
01:14:37 It would be totally fine for a single page app.
01:14:40 It'd be fine for Gmail.
01:14:41 Yeah.
01:14:42 It's something you're going to leave up and running constantly and not change.
01:14:44 Yeah.
01:14:44 It's within the realm of probably what Facebook's already downloading onto your machine right
01:14:49 now anyway.
01:14:50 Yeah.
01:14:50 Yeah.
01:14:50 Just run an ad blocker and it'll do less.
01:14:52 All right.
01:14:54 I think we are well over time, but you guys, it's, it's always great to talk to you.
01:14:59 Yeah.
01:15:00 Good work.
01:15:00 I dream of Pi Blazer happening.
01:15:03 And I also saw a nice, interesting comment that triggered a thought.
01:15:07 It's progressive web apps are not really a thing we can do in Python very well because
01:15:11 for a progressive web app, it's really got to be all offline in some meaningful way.
01:15:16 But, but if you could bring Python.wasm down, maybe use local DB, there might be some really
01:15:22 interesting ways that progressive web apps become way more interesting to us as Python
01:15:27 web developers.
01:15:28 Okay.
01:15:28 Now I have to confess, I have no clue what the progressive web app is.
01:15:31 I don't know anything about lecture web development.
01:15:34 I got Python working on the browser, but I don't know how browsers work.
01:15:38 Awesome.
01:15:38 I will give one last tease though, Michael.
01:15:40 I had two motivations for getting into this whole WebAssembly thing.
01:15:43 Browser, mobile.
01:15:45 Because every phone has a WebAssembly runtime.
01:15:49 Thanks to all of them shipping out the browser.
01:15:50 Yeah.
01:15:51 Yeah.
01:15:51 Yeah.
01:15:51 Yeah.
01:15:51 Yeah.
01:15:52 Okay.
01:15:52 Now I'm also very interested.
01:15:54 I would rather have a mobile option than a offline than a front end web option.
01:15:59 So there we have it.
01:16:00 Although these may well go together, honestly.
01:16:02 Yeah.
01:16:03 All right.
01:16:03 Well, thank you both for your hard work on this pep.
01:16:06 And then it's super interesting to see how it kind of ties back into this, like more focused
01:16:11 runtime than more places.
01:16:12 Yeah.
01:16:13 All right.
01:16:13 Before you get out of here really quick, last question I'm going to ask you.
01:16:16 Just keep to one since I kind of know the answers for the other.
01:16:19 I'm pretty sure.
01:16:19 Anyway, notable PyPI package you want to give a shout out to before we dip.
01:16:23 Oh, man.
01:16:24 There's one that runs WebAssembly, like something you can have, like Python that'll basically
01:16:30 interoperate with any WebAssembly one.
01:16:32 I can't remember quite what that was called, though.
01:16:34 I think WasmTime has one.
01:16:36 Yeah.
01:16:36 Yeah.
01:16:37 There's a couple.
01:16:37 There's a couple of people who've posted stuff to PyPI that let you load a WebAssembly
01:16:41 code and actually run them.
01:16:42 And I think WasmTime might be one of them.
01:16:45 WasmTime is a WebAssembly runtime run by the Bycode Alliance.
01:16:49 And it's usually the most cutting edge of all of them.
01:16:52 So if anyone wants to play with this and looking for a runtime, WasmTime is probably a good one.
01:16:56 Python embedding of WasmTime.
01:16:58 Python plugin.
01:16:58 Perfect.
01:16:58 And you can ask Christian what his favorite editor is.
01:17:01 Yeah.
01:17:01 The right one.
01:17:02 The good one.
01:17:03 I use a couple.
01:17:04 So I use PyCharm.
01:17:06 I use VS Code.
01:17:07 I use Vim.
01:17:07 So depending on my needs.
01:17:09 You use them all?
01:17:09 Yeah.
01:17:10 You've got a whole survey, the whole spectrum.
01:17:12 Yeah.
01:17:12 That's awesome.
01:17:12 Cool.
01:17:13 And then a notable package you want to give a quick shout out to before we get out here?
01:17:17 It's very late.
01:17:17 I don't know.
01:17:18 The Python standard library.
01:17:19 Yeah.
01:17:20 The lack of certain things in the standard library.
01:17:23 It's like an anti-module.
01:17:25 The fact that you guys are taking it out.
01:17:27 Oh, the anti-gravity model is also fun.
01:17:28 Oh, yeah.
01:17:29 Sure.
01:17:29 All right.
01:17:29 Anti-gravity.
01:17:30 pip install anti-gravity.
01:17:31 Now.
01:17:32 Maybe it's in the standard library.
01:17:33 I'm going to give you all up here on the WebAssembly one.
01:17:37 That would not work.
01:17:38 I removed that.
01:17:40 Oh.
01:17:40 Because that requires the browser model, which requires the sub-process.
01:17:44 I'm in a browser.
01:17:44 So you can't run any processes.
01:17:46 So it's.
01:17:47 Yeah.
01:17:48 I know.
01:17:48 I'm just kidding.
01:17:48 I tried.
01:17:50 For people to see.
01:17:50 I tried to import anti-gravity inside the WASM REPL.
01:17:53 It didn't do it.
01:17:54 Not yet.
01:17:55 Not yet.
01:17:55 I wonder if I can do it.
01:17:56 Yeah.
01:17:56 I don't know.
01:17:57 It may be.
01:17:57 Maybe it can.
01:17:58 It should.
01:17:58 They all should.
01:17:59 All right, you guys.
01:18:00 Thank you so much for being here.
01:18:01 I'm excited to see this progressing.
01:18:03 I see it leading to good places.
01:18:05 Thanks for having us, Michael.
01:18:05 Bye.
01:18:06 Bye-bye.
01:18:06 See ya.
01:18:08 This has been another episode of Talk Python to Me.
01:18:10 Thank you to our sponsors.
01:18:12 Be sure to check out what they're offering.
01:18:14 It really helps support the show.
01:18:15 Starting a business is hard.
01:18:17 Microsoft for Startups, Founders Hub, provides all founders at any stage with free resources
01:18:23 and connections to solve startup challenges.
01:18:26 Apply for free today at talkpython.fm/founders hub.
01:18:31 Fusion auth is your authentication and authorization platform built for devs.
01:18:36 If you have a side project that needs custom login and registration, multi-factor authentication, social logins, or user management,
01:18:43 then download Fusion Auth Community Edition for free.
01:18:47 Check them out at talkpython.fm/fusion auth.
01:18:51 Want to level up your Python?
01:18:53 We have one of the largest catalogs of Python video courses over at Talk Python.
01:18:57 Our content ranges from true beginners to deeply advanced topics like memory and async.
01:19:02 And best of all, there's not a subscription in sight.
01:19:05 Check it out for yourself at training.talkpython.fm.
01:19:08 Be sure to subscribe to the show, open your favorite podcast app, and search for Python.
01:19:12 We should be right at the top.
01:19:14 You can also find the iTunes feed at /itunes, the Google Play feed at /play,
01:19:19 and the direct RSS feed at /rss on talkpython.fm.
01:19:23 We're live streaming most of our recordings these days.
01:19:26 If you want to be part of the show and have your comments featured on the air,
01:19:30 be sure to subscribe to our YouTube channel at talkpython.fm/youtube.
01:19:34 This is your host, Michael Kennedy.
01:19:36 Thanks so much for listening.
01:19:37 I really appreciate it.
01:19:38 Now get out there and write some Python code.
01:19:40 I'll see you next time.
01:20:01 Thank you.