#481: Python Opinions and Zeitgeist with Hynek Transcript
00:00 Hennick has been writing and speaking on some of the most significant topics in the Python space,
00:04 and I've enjoyed his takes. So I invited him on the show to share them with all of us.
00:08 This episode really epitomizes one of the reasons I launched Talk Python nine years ago.
00:13 It's as if we run into each other at a bar during a conference, and I ask Hennick,
00:17 so what are your thoughts on, and we dive down the rabbit hole for an hour.
00:22 I hope you enjoy it. This is Talk Python to Me, episode 481, recorded October 8th, 2024.
00:30 Are you ready for your host, please?
00:31 You're listening to Michael Kennedy on Talk Python to Me.
00:35 Live from Portland, Oregon, and this segment was made with Python.
00:39 Welcome to Talk Python to Me, a weekly podcast on Python.
00:45 This is your host, Michael Kennedy. Follow me on Mastodon, where I'm @mkennedy,
00:50 and follow the podcast using @talkpython, both accounts over at fosstodon.org,
00:56 and keep up with the show and listen to over nine years of episodes at talkpython.fm.
01:00 If you want to be part of our live episodes, you can find the live streams over on YouTube.
01:05 Subscribe to our YouTube channel over at talkpython.fm/youtube and get notified about upcoming shows.
01:12 This episode is brought to you by WorkOS.
01:14 If you're building a B2B SaaS app at some point, your customers will start asking for enterprise features like SAML authentication,
01:21 SKIM provisioning, audit logs, and fine-grained authorization.
01:25 WorkOS helps ship enterprise features on day one without slowing down your core product development.
01:31 Find out more at talkpython.fm/WorkOS.
01:36 And this episode is brought to you by Bluehost.
01:38 Do you need a website fast?
01:40 Get Bluehost.
01:41 Their AI builds your WordPress site in minutes, and their built-in tools optimize your growth.
01:46 Don't wait.
01:47 Visit talkpython.fm/Bluehost to get started.
01:51 Eric, welcome back to Talk Python.
01:54 Good to see you, man.
01:55 Thanks for having me.
01:56 Yeah, it's great to have you back on the show.
01:58 I've been enjoying a lot of your articles and your videos lately.
02:02 And you know what?
02:03 Maybe we should just get together and have an opinion piece by Hennick.
02:07 I can do opinions.
02:09 Yeah, yeah, I know.
02:11 You're great, Adam.
02:12 And so we're going to talk about a whole bunch of different things.
02:15 A lot of the things that you've been talking about, I'm also super interested in.
02:19 Some cool articles you've written on Docker.
02:22 UV, last time you were on, we talked about running in production.
02:26 And maybe we can review that a little bit and just get some of your takes to see what's changed
02:31 and what's still the same over the last couple of years.
02:33 But all those things are awesome.
02:34 We're going to talk about some of your open source projects.
02:36 It's going to be a journey.
02:38 It's going to be fun.
02:39 Now, before we jump into all that, you know, it's been a couple of years since people heard
02:43 you on the show.
02:44 Just a quick background about who you are.
02:45 All right.
02:46 My name is Hennick.
02:47 I usually just go by my first name because it's already overwhelming to most people to pronounce
02:52 that one correctly.
02:53 Hi, Brian.
02:53 My last name is Slavak.
02:55 There's really not a lot of Hennicks around.
02:57 So I'll just stick to the first name.
02:59 So as you can hear, I'm a Czech living in Germany.
03:02 And I live in Berlin.
03:04 And I work for a rather small web hosting company and domain restaurant called Vario Media.
03:08 So you probably haven't heard of us unless you speak German because we only serve the German
03:13 speaking market.
03:13 Like we do speak English, but our stuff is in German.
03:17 And I would say you would call it individual contributor there.
03:20 So we don't have managers.
03:21 So everybody is.
03:22 Since you are rather small, stability is like the key thing when I'm building systems.
03:27 And that's like informs a lot of my opinions that you will probably hear today from me.
03:31 Also, I like traveling and I don't want to be paged in the middle of my vacation.
03:35 I'm having margaritas on a beach.
03:38 Nobody wants to have to put down the margarita because someone took down the server.
03:42 Also, I'm sure we're going to speak more about that.
03:45 But also nowadays, I'm also a YouTuber.
03:47 So that's also very exciting.
03:49 And thanks for the shout out in the last Python Bytes.
03:52 I really appreciate it.
03:53 Yeah, absolutely.
03:54 You're very welcome.
03:55 Awesome.
03:55 And I think it's interesting to have people who work on small teams, especially smaller companies,
04:02 because that's the common theme of what people do.
04:05 I don't have it pulled up right now.
04:07 But if you go to the PSF survey and you look at some of the demographics stuff,
04:12 it'll say, well, what size of a team do you work on?
04:16 Is it one person, two to five, 500 to 1,000?
04:20 The vast majority is the two to 10 different people.
04:24 It's not Google, Facebook, Microsoft, right?
04:28 So a lot of the advice that comes from these huge places is just, I don't know,
04:32 it's not super relevant.
04:33 Call it like Google cosplay.
04:36 And I feel like my opinions that there are about this whole production thing are informed
04:41 by my distinct dislike for these kind of things.
04:44 They're just like some big tech influencers having opinions on stage and everybody wants
04:48 to mimic it.
04:49 And it just doesn't make any sense.
04:50 Because as you said, the long tail is huge.
04:53 Like most people work for small companies.
04:55 It's just like that.
04:56 The things you should do, they're just different.
04:58 And you know, no disrespect to those companies, but, and they have a lot of employees, but in
05:02 the general population, it's very small group of people who have hyperscaling clouds and
05:09 whatnot that they're, they're worried about, right?
05:11 I think I want to start this conversation off here by talking about some of the articles
05:17 you've written.
05:17 So I think this one's interesting.
05:20 Let's talk about virtual environments.
05:21 Love them.
05:22 I do too.
05:23 And you wrote this article called why I still use Python virtual environments in Docker.
05:28 And I do as well.
05:29 And I, when I didn't use Docker, I had them on my server as well.
05:34 I feel like they're a really interesting, predictable way to package Python.
05:39 And you know, you hear about them, obviously, oh, well, you're going to create a virtual environment
05:43 so you can have multiple projects in your computer and so on.
05:46 But Docker, there's only one app running.
05:49 What's the deal with these virtual environments in Docker?
05:51 Yeah.
05:51 I mean, you just said it, right?
05:53 It's a lot more predictable in its behavior.
05:55 It's a technology that we use everywhere too.
05:58 I just understand what this directory is doing.
06:01 I find it very important that when I just go on a server or in a Docker container, I
06:06 know what a file is doing or how things interact with each other.
06:10 And I don't have to hunt them down somewhere else.
06:12 Or another popular thing is that I write in the first paragraph is that people use pip install
06:17 user and then set the Python user base directory.
06:20 And sure, you can do all these things.
06:22 But why would you, right?
06:24 Like, what are you gaining?
06:25 And it's a lot of vibes.
06:27 And I admit it in the article too.
06:29 But I just find it easier to reason about.
06:31 And not everything.
06:32 We don't use only things we need, right?
06:35 Like we use affordances in other places too.
06:37 So why not this as an abstraction over an application artifact?
06:41 Because we don't have anything better in Python.
06:43 Yeah.
06:43 And also one of the things that you point out in your article that I think is really nice,
06:47 that's already the way you're working on your computer.
06:50 And so when you go to your Docker container, it's the same.
06:54 You don't have to think about, well, if it's misbehaving in production, that's because,
06:58 well, maybe we've changed the Python path or whatever, right?
07:02 It's exactly the same as everyone else is working with.
07:05 Yeah.
07:05 We forgot to set an environment variable.
07:07 Oh no.
07:08 Nothing works now.
07:09 Exactly.
07:11 That's been interesting.
07:12 Let's talk about Docker just a little bit as well.
07:15 I think that alone is a pretty interesting choice.
07:19 You said you work on smaller teams and maybe web hosting companies give this a little bit
07:26 of a plus plus slant on Docker or not.
07:29 But Docker, no Docker, right?
07:31 A lot of people, I think, see containers and they think complexity.
07:34 They think it's hard to debug.
07:36 Like if something goes wrong in the container, it's just, it's opaque to me.
07:40 What would you say to people that feel like containers are too complicated?
07:43 Obviously the answer is, as always, it depends, right?
07:45 It's a trade-off like everything else.
07:47 We don't give Docker to our customers.
07:50 Like our customers, we sell mostly LAMP, like mostly WordPress, which is very interesting these days.
07:55 Oh my gosh.
07:57 I don't know if we want to go down that one, but it is super, super turmoil right now.
08:02 Yeah.
08:02 No, we don't.
08:03 Let's not go down.
08:03 Matt doesn't know we exist.
08:05 It's fine.
08:05 Yeah.
08:07 So you're trading off the things you just said, like the debuggability and everything
08:11 against development velocity and reproducibility.
08:16 So we, for example, we don't run Kubernetes because it's just too complex for us to run.
08:22 And we run everything on premise.
08:23 So like we do not have anything.
08:25 We do not use any external services whatsoever.
08:27 Wow.
08:28 Okay.
08:28 So everything runs into our own data centers.
08:31 So we are European.
08:32 So some of the things we have to do, other things we do because Germans like it that way.
08:36 We can say, like, our data center is right there.
08:40 You can look at it.
08:41 No data leaves it.
08:43 Yeah.
08:43 If you have to, I can come look at my code through the little rack window.
08:47 There it is.
08:48 You can try right inside and see how fast you get tasered by the security side.
08:52 It's all good.
08:53 We use quite a bit of HashiCorp software.
08:55 So we had Consul and Vault before for configuration, service discovery, and secrets.
09:00 So we use Nomad because it was a logical add-on to run our applications.
09:06 So that's where most of our web applications run.
09:09 Like, everything that can run in containers usually runs in our Nomad cluster in Docker containers.
09:15 And, yeah, sometimes there are a bit of a pain to debug.
09:20 But you can SSH into a Docker container, right?
09:23 Yeah.
09:24 First hot tip of the day, there's this thing called BusyBox, which is, like, one command.
09:28 And depending on what name you call it, it's something different.
09:31 And it's just, yeah, it's just very, very few bytes.
09:34 Like, you can look at it.
09:36 And it's static.
09:37 And it gives me things like ping.
09:39 And I think Traceroute is in there, too.
09:42 Yeah.
09:43 I can do all these basic things in those containers, too.
09:46 So it's not like it's a completely black box.
09:48 You can SSH into them.
09:49 It's no problem.
09:50 A couple of thoughts.
09:50 One, I agree with you on that.
09:52 One more thing.
09:52 One more thing before.
09:53 Yeah, yeah, go ahead.
09:53 We do not run SSH clients on those Docker containers.
09:57 This is an affordance that we get from Nomad.
10:00 And I'm sure other cluster managers have that, too, that they allow you to enter containers from the outside.
10:06 So, like, you SSH into the host, and that from there you get into the container.
10:10 Right, right, right.
10:11 That's SSH service.
10:13 Yeah, I do that as well on my stuff.
10:16 I've recently moved a couple, maybe a year or two ago, to running, I used to have a bunch of smaller servers.
10:23 I don't know.
10:23 Maybe I bought into the cloud computing.
10:26 There's a bunch of commodity boxes, and you can just make a bunch of little ones, and that's the way you do it.
10:30 And eventually, I'm just like, you know what?
10:32 I'm tired of dealing with all these servers.
10:34 Putting them all in one thing, running everything in Docker, keeping it isolated.
10:38 And it's been really excellent.
10:39 So, similar access model there.
10:42 I'm not sure this makes sense for you guys, but I think for folks who maybe expected still to SSH into their server and mess with it.
10:52 Maybe this doesn't make sense for your customers, but maybe it does for you guys individually behind the scenes.
10:57 I like to have a couple of tools, a little bit like you were saying with BusyBox, already installed in my Docker container.
11:03 So, if I need to get into it and ask it questions, I can actually log in through some sort of Docker exec, you know, Docker exec, dash IT, sort of ZSH or bash or whatever, and ask it questions.
11:17 What are your thoughts?
11:17 Do you think if you put something like, oh my Zshell, so you have better command history while you're poking around, is that sacrilegious in a Docker container?
11:26 Or how do you feel about this?
11:27 You're asking me if you have a fancy.
11:29 Well, we are sacrilegious in a different way.
11:31 Like our normal servers that we SSH into, we run fish on them.
11:34 Because most of us like fish.
11:36 Yeah, sure.
11:36 We have very nice fish prompts running there.
11:38 Everybody who claims they have to use Bash on their notebooks because they have to SSH into servers, look at us.
11:45 It's fine.
11:46 You can do whatever you want.
11:47 It's your servers, man.
11:48 I'm with you.
11:48 I don't have the strong opinions because like, as I said, we run everything on-prem.
11:52 So, we have our own Docker registry.
11:53 So, I'm not losing sleep over how big my containers are.
11:57 Like, obviously, I try to keep the surface small because like everything you install can probably be misused in some way, can be a problem.
12:05 Like XZ, for example, right?
12:07 Like, there's like things can be dangerous.
12:10 But, I mean, if it helps you to get things done, whatever, right?
12:14 Yeah.
12:14 When you hear the security folks talk about living off the land, that's what they mean.
12:20 They're like, oh, I somehow got into this machine and it turns out that this tool that I needed to access the database was just laying here and off it goes, right?
12:30 They didn't have to get anything on the server.
12:31 So, that in a sense, you kind of want to eliminate.
12:34 I do think the trade-off is, are you pushing to a Docker registry and shipping the thing all around or is it just being built in some local-ish story, right?
12:44 Interesting.
12:44 Okay.
12:45 So, the reason that I found out about your article, your virtual environment article, is I was actually looking around at your UV article.
12:57 Because, wow, does UV speed up Docker builds?
13:00 Oh, yeah.
13:01 Oh, yeah.
13:01 Jay Miller made a comment just yesterday.
13:03 I saw that.
13:04 It was pretty funny.
13:05 He said, UV is the new AI.
13:07 And I suppose AI is the new blockchain.
13:10 Like, everyone's excited about it.
13:11 There's some minor level of controversy about it.
13:15 But I'm a big fan.
13:16 What are your thoughts on UV these days?
13:18 First of all, for people who don't know, we're talking a lot of two-letter acronyms.
13:23 You said XZ earlier.
13:24 Now, UV.
13:24 Like, forget XZ.
13:26 That was bad.
13:26 But what's UV?
13:27 Well, UV is a reimplementation of Python packaging in Rust, roughly saying, right?
13:34 In Rust.
13:34 Yes, Rust.
13:35 Yeah, yeah.
13:35 They started at the bottom.
13:37 They implemented UV pip to replace pip.
13:40 UVvnv to reimplement virtualenv.
13:43 And UV compile, I think, was the thing.
13:46 Yeah, yeah.
13:46 To do our good old requirements.txt files.
13:49 And they did it very fast.
13:51 And already back then, I said in a video, it's nothing new under the sun.
13:57 It's like, we've got nothing new.
13:59 But this is how you approach this problem.
14:01 Because what I think most people don't understand, and this is a bit of a tangent,
14:05 is what an incredible Jenga tower Python's packaging is.
14:09 Since, like, we've been building these things for 30 years, and there's so many loose parts.
14:14 There's so many workflows that need to be supported.
14:17 And, oh my God, I mean, just look at UV's bug tracker, what kind of workflows people need to have supported.
14:24 Then you understand why it's hard.
14:27 And why nobody before who did not have eight people, eight hours a day working on it to really move the needle.
14:35 This portion of Talk Python is brought to you by WorkOS.
14:38 If you're building a B2B SaaS app, at some point, your customers will start asking for enterprise features
14:44 like SAML authentication, SKIM provisioning, audit logs, and fine-grained authorization.
14:49 That's where WorkOS comes in, with easy-to-use APIs that'll help you ship enterprise features on day one
14:55 without slowing down your core product development.
14:59 Today, some of the fastest-growing startups in the world are powered by WorkOS,
15:03 including ones you probably know, like Perplexity, Vercel, and Webflow.
15:06 WorkOS also provides a generous free tier of up to 1 million monthly active users for AuthKit,
15:13 making it the perfect authentication layer for growing companies.
15:16 It comes standard with useful features like RBAC, MFA, and bot protection.
15:22 If you're currently looking to build SSO for your first enterprise customer,
15:26 you should consider using WorkOS.
15:28 Integrate in minutes and start shipping enterprise plans today.
15:32 Just visit talkpython.fm/WorkOS.
15:35 The link is in your podcast player's show notes.
15:37 Thank you to WorkOS for supporting the show.
15:39 With 0.3 or 0.0, they've now added proper workflow tools, which is very exciting, right?
15:48 Now we are attacking Poetry PDM and their own Rai, actually, which they adopted from Arm in Ronaha.
15:55 And now we have cross-platform log files, which is very exciting for people like myself,
16:00 who develop on a Mac and an Arm Mac, no less, and deploy to Linux.
16:07 Just asking for trouble there.
16:09 Yeah.
16:09 Just as you said, this is so incredibly fast.
16:12 Like, UVSync, you can call it after every command.
16:16 Like, the thing that makes sure that all your dependencies are at the state that is written in the log file,
16:23 is faster than git status.
16:25 And I realized that.
16:27 Then I realized what Charlie Marsh means, what he said on your podcast the other day,
16:31 that UV is categorically faster.
16:33 It just enables a completely different lifestyle.
16:37 Let's call it lifestyle.
16:38 You behave differently when all those commands are free, basically.
16:43 That's UV.
16:44 It's a workflow tool.
16:45 It also installs Python.
16:47 Yeah, and I think one of, probably one of the things that I was most interested about,
16:52 your take.
16:52 There was, over on Python Bytes, we covered this thing by Simon Willison,
16:56 where he kind of summarized a Mastodon thread about UV and whether it being written in Rust
17:04 is detrimental to the Python ecosystem or not and all of those things.
17:08 But I think it was there.
17:10 Your take was, look, fast is interesting.
17:12 But one of the really powerful things, I think, is here is a single binary that, if it's on your computer,
17:18 you can do all things Python, right?
17:20 And right now, it's super, without UV, it's been really challenging, right?
17:24 Maybe I want to use pip-tools or I want to use pip to install something or all of those things are predicated on several steps.
17:33 Do you have Python?
17:34 Do you have a right version of Python?
17:36 Have you realized you've got to create a virtual environment because you don't have right access to where there's just,
17:42 before you can get started, like, well, here's a whole set of conversations you need to have about not terribly complicated things,
17:48 but things that people might not care about.
17:50 And now with UV, it's just UV, run.
17:52 And you can even put in the comment in the top, like, these are the three libraries I need to run.
17:57 And it'll just run.
17:58 Oh, so they don't break.
17:58 That's what I meant with the one binary, right?
18:00 Like, I think most of Python's bad reputation around packaging is that things just break.
18:06 Because Homebrew updated your Python or because you didn't activate your virtual length,
18:13 accidentally installed something into your global thing.
18:16 Or you used pip install --user and now it's in all your virtual lengths and you don't know why.
18:22 And there's so much unpredictability around these things.
18:26 And now suddenly we have, like, this one thing that behaves in certain ways that people understand,
18:32 that people expect it to behave.
18:34 As I said before, this is not necessarily the way I would like it to behave,
18:37 but I understand why it's so important to just narrow the envelope of packaging of the behaviors that we expect
18:45 and that we as a community endorse.
18:48 Totally agree.
18:49 There's certain things I would like to see different as well.
18:51 But I'm really happy that Charlie and team are working on this and pushing it forward
18:56 and maybe breaking some paradigms or expectations, saying, look, you don't even have to have Python installed.
19:01 We can base it off of, gosh, I forgot the name of the project.
19:05 Not Dead Snakes.
19:05 But the Python builds, yeah, builds standalone.
19:09 That's it.
19:10 Exactly.
19:10 And we'll just grab it, right?
19:12 If you don't have Python installed, we'll just grab it.
19:14 Now, a side issue or maybe a tangent parallel issue is I would love to see something in Python itself that gives you a binary that you can then deploy.
19:25 UV is great for getting your machine up running and getting Python dependencies on it and stuff.
19:29 But Python build my folder, my package with an endpoint or something.
19:35 And like Go, like C++, whatever.
19:38 Here's a binary.
19:39 You just run it.
19:40 It doesn't care what's on your machine.
19:41 I know there's some packaging type stuff like Pyto app.
19:44 I have an app that's based on that.
19:46 But those are still kind of trying to piece things together in a funky way that Python will allow rather than something truly.
19:55 It's the same like with the standalone builds.
19:58 Python really fights you when you try to do this encapsulated things.
20:02 And like my dream outcome would be if these standalone builds would be upstream to proper Cpython.
20:09 Because this is really what I would like to have from Python.org.
20:13 Like these directories that I can put anywhere and they just work.
20:17 But it's not trivial.
20:19 And the author, the original author of those standalone builds, because it's been taken over by Astro now too.
20:25 But the original author was Gregory Shorts, I think.
20:27 And he also did this PyOxidizer project, which was very exciting to me.
20:33 But he kind of burned out completely on working with Python at all, because it was so frustrating for him to deal with these things and how Python behaves and fights him when he tries to do these things.
20:45 Yeah, these kind of changes would have to come from Python proper.
20:49 Yes, it would have to definitely come from Python proper.
20:51 Well, maybe someday.
20:53 There's some interesting things that come along.
20:55 We might even have Python in the browser.
20:58 Weirdest things have happened.
20:59 Yeah, and out in the audience, Tony agrees that super powerful and I haven't thought much about it.
21:04 One by any of the do everything, it's amazing.
21:06 Indeed.
21:06 So you want to talk about the controversies to you or just a segue?
21:09 Let me just ask you a question.
21:12 So here, I think the controversy is twofold.
21:17 And I accept that it's somewhat controversial, but I wouldn't say that it's controversial to me.
21:22 I think there's two things.
21:23 One, UV is written in Rust.
21:26 Rough and Rust.
21:27 Yeah, I see the challenge here.
21:28 Yeah.
21:29 It's written in Rust.
21:30 It's not Python.
21:31 That makes it harder.
21:32 I don't know any Rust.
21:33 I might be able to look at Rust codes.
21:35 I think that's Rust, but I'd have to do some learning to actually do anything with it.
21:39 And the other is venture-backed versus just open source.
21:43 Like, is that healthy?
21:45 I think for the Rust part, like, for me, it's like, look, a lot of libraries are written
21:48 in C++.
21:49 And I used to do C++ or C, but I'd rather not go do C.
21:53 If there's a bunch of C and a bunch of Rust, they're kind of similar to me.
21:58 Like, I'd rather not mess with those.
21:59 But if I had to, I could learn a feeling.
22:01 And so I don't feel terribly worried about Rust in that regard.
22:05 What are your thoughts?
22:06 Just some quick takes on this.
22:08 Yeah, the quick take is, I think it's a much more a thing of context right now.
22:12 And it's actually how the thread on Mastodon started.
22:15 We were just starting to get off having everything written in C.
22:19 So we didn't have to learn C to contribute to certain projects.
22:22 Because we ported them to Python.
22:25 Like, now the Pyreple in Python 3.13, which I'm sure we were talking about, is now in Python.
22:31 And suddenly we have more contributions, right?
22:32 Now, people find this is a regression back when we start moving back to Rust, which in certain
22:38 ways it is.
22:39 But then again, I think people underestimate how many Rust-savvy people we have now in the
22:44 community.
22:45 So I think the upsides in this case outweigh the downsides.
22:49 But of course, everybody has to decide it themselves.
22:52 Yeah.
22:52 And it's open source.
22:53 If something goes terribly wrong.
22:55 Yes.
22:55 MIT Apache 2.
22:56 Yeah.
22:57 Yeah.
22:57 There's already 646 forks.
22:59 I'm sure there'll be some more.
23:00 I'm happy to see Charlie and team working on this.
23:04 And I told Charlie that a few weeks ago or a couple of months ago when he was on the show
23:08 to talk about some of these ideas.
23:09 I think what I would really like to stress here is that it's not like Astro came to the
23:14 page and just like forbade everybody to stop to do open source packaging.
23:20 We had like at least 10 years of trying to tackle this problem with our resources that
23:26 we have as open source developers.
23:27 And it turned out that we cannot do that.
23:30 It's just a too complex problem.
23:32 I've been like just a few months ago.
23:34 I was literally saying that I would like to see someone to just put the money where their
23:38 mouth is and just bankroll a good packaging tool.
23:42 And this is literally what just happened.
23:44 So I'm more on the relaxed side of that because I realized that we just couldn't do it.
23:49 Like we tried.
23:50 We failed many times.
23:51 Like there's a whole graveyard of packaging tools.
23:54 And right.
23:55 Now we have a good one.
23:56 And one day we will probably have to maintain it because VC is going to VC.
24:00 But it's fine.
24:01 It's interesting.
24:02 That is for sure.
24:03 I definitely know if you want to get VC funding, having Rust as your foundation seems to be
24:07 the trick right now.
24:08 But another thing I want, you know, while we're on this topic, you made a point in one of the
24:13 YouTube videos, which I'll give a shout out to in a bit, but said something to the effect
24:18 of be kind to all the people who have worked so hard on this problem before and don't just
24:23 trash on the other projects.
24:25 Six months ago, this thing was mission critical to you.
24:28 And it was the way that you did everything.
24:29 And now I go, it's people know it's crap because you like, I don't, I think it's, it's important
24:34 to keep some perspective, you know?
24:36 Yeah.
24:36 I mean, I've been on the receiving end of such excitement, so I know exactly how it feels.
24:41 And it's just, you can be excited about something without saying that finally I can stop using
24:47 X.
24:47 Ideally, add the maintainer of X.
24:50 So they really know that you finally don't have to use their stuff.
24:53 Yeah, exactly.
24:54 You don't have to be.
24:55 Come on now.
24:56 So real quick, give us some of the tips of what you're doing to make your Docker builds
25:01 faster.
25:02 I know this build cache mount thing is pretty interesting, letting you, I mean, I adopted
25:08 some of the ideas you got in here and some of my own and Docker builds so much faster.
25:13 I mean, the most important thing is to have multi-stage builds, which means that you have
25:17 a separate container that builds your application, whether it's a virtual amphi-chip, as we said
25:22 before, which I like better.
25:23 Or if you just build into a directory and then somehow get it over.
25:27 Because you don't want to have a C compiler in all your production containers.
25:31 So just a waste of space, as you said, living off the land.
25:35 It's not good.
25:35 You want to drop the hackers into a desert, not a lush forest.
25:39 Exactly.
25:40 I mean, they're still going to figure it out.
25:41 But it's just nicer and easier to reason about.
25:44 Then judicious layering makes a big difference that you are very clear about when you build
25:50 what, that you basically sort your commands in the order in that they are most likely to
25:55 change.
25:56 So in a build container, that means that your last step is copying the application and the
26:01 step before is copying the dependencies.
26:03 Yeah, absolutely.
26:04 And so I'll link to one of your articles here.
26:06 But the other thing that I think is pretty interesting that people maybe don't realize or haven't used
26:13 a lot, I'm not sure if I see, here you go, is when you run Docker commands, you can say
26:19 --mount equals slash root slash dot cache.
26:24 Yeah.
26:24 That's build cache mounts that you mentioned.
26:26 Yeah.
26:26 Yeah.
26:26 Yeah.
26:27 Yeah.
26:27 And what that'll do is when either, doesn't matter in this case, the way you got it set up,
26:31 either pip or UV, if they, a lot of times when you pip install something, they'll say,
26:35 oh, that's already cached locally.
26:36 We'll just install it instead of download it.
26:38 Right.
26:38 Yeah.
26:39 And that'll store somewhere on the host machine, all the, all the cache stuff, right?
26:44 It depends.
26:45 It depends.
26:45 So this is something that I didn't spend a ton of time because you can configure where this
26:50 is stored.
26:51 And in the simplest case, it is just pulled from the last container that you built.
26:55 That is like the simplest configuration that you can use that you say that, so now I tag
27:01 an latest container, which I never did before because for deployments, I usually use numbers,
27:05 but now there's always a latest tag.
27:08 It will take the cache from there.
27:10 So it's most likely pretty good because it was literally the last build.
27:13 Yeah.
27:13 Okay.
27:14 Interesting.
27:15 I see that it's, it's part of the build cache, not the Docker layer cache, not some folder
27:20 laying around.
27:20 I think it's actually part of the container if I'm not mistaken completely.
27:23 Okay.
27:23 Yeah.
27:24 So definitely lightens the load on PyPI a little bit and makes yourself faster.
27:29 So that's all, that's all good.
27:30 All right.
27:30 What is next on my list here?
27:33 Let me have a look.
27:33 All right.
27:34 Installing Python.
27:35 That's probably a, maybe a segue that keeps us in the same realm.
27:39 Honestly, how do you get Python on your machine these days?
27:41 Are you, if you're going to work on something or do you brew install it or you download it
27:46 from python.org?
27:47 No.
27:48 No.
27:48 As my friend, Justin once wrote, homebrews Python is not for you.
27:52 It's that Python is for homebrew to use in their applications.
27:56 You notice it very fast because whenever they upgrade the Python audio virtual ends break.
28:00 So this is not great.
28:03 So I'm on macOS and I'm on an Apple Silicon Mac, which makes things a bit more complicated because
28:13 I need to develop some of my projects on Intel because I need to use a driver for a very shitty
28:19 proprietary database.
28:21 And this, of course, they don't have that for ARM.
28:24 It's written in C or some sort of binary layer.
28:26 Yeah, yeah, yeah.
28:27 It's a binary blob.
28:28 So I have like these two types of projects.
28:30 And so the official macOS installer from python.org has this amazing property that you get Python
28:40 3.13-intel64.
28:42 And when I create a virtual end with that, I know this virtual end is Intel.
28:47 And if not, it's not.
28:48 And this is very nice and predictable for me.
28:51 So I really like this behavior.
28:53 And on servers, we use dead snakes.
28:56 Yeah, very cool.
28:57 Lately, I've been switching to just UV, VE and V, give it a Python version, which I guess
29:03 indirectly is using Python build standalone, right?
29:06 They have a bunch of quirks based on the thing that we talked before that they fight, that
29:11 Python fights it a little bit.
29:13 So I cannot use those in production, at least not for everything, because I just had some
29:17 some of my packages just won't install on them.
29:19 They will probably be fixed at some point.
29:21 But yeah, Python.org is a safe spin thing.
29:23 And I have to shill my friends Glyph's tool mop up, which just allows you to upgrade those
29:29 official installers very easily, especially when you use UVX, because then it's just one
29:34 line.
29:34 Yeah, mop up is an interesting project from Glyph, as you pointed out, that will update your
29:40 your Python, right?
29:41 Yeah.
29:42 If you've installed it from Python.org.
29:44 All right.
29:45 Another thing that's interesting, if you install Python from Python.org is in the installer,
29:51 you can customize it and you can check a checkbox that says, give me the free threaded Python.
29:58 Let's talk about free threaded Python.
30:00 What do you think about this?
30:01 This is one of the more significant changes to Python and one of the bigger peps.
30:07 You know, we went through the two to three controversial challenges so much.
30:11 And I think that was largely because strings were changed.
30:14 I know there's a bunch of other changes, but it seemed to me that the real challenge of a
30:18 lot of the upgrades of a lot of the packages been like, well, that used to be bytes or strings.
30:23 Now we've got to treat them differently and we've got to change that.
30:26 That's the part that was really took the work.
30:28 And threading seems harder than strings.
30:31 I don't know.
30:32 Maybe it's not, but is this going to be a big challenge for people or what do you think?
30:35 Yeah, I guess we will see, right?
30:36 Like normal code is probably not going to be affected a lot.
30:39 But for example, it's a perfect timing since I'm maintaining Argon2 CFFI.
30:45 As the name says, it depends on the CFFI project to do the bindings.
30:50 It does not support free threading yet.
30:54 So I cannot build free threading wheels with that yet.
30:56 Of course, people are already complaining in my issues about that.
31:00 Why isn't your puppy parallel?
31:02 Come on now, get this going.
31:03 Yeah.
31:04 So this is, there's probably more projects than just CFFI that are still stuck in some way
31:09 because they are not important enough for someone from meta being parachuted into the project
31:16 and fix everything.
31:17 Yeah.
31:17 I personally, I'm very excited by free threading.
31:20 And I was like one of the, like, I mean, there was, I don't know how to call it, but
31:24 it's a bit of an election, right?
31:26 To decide on whether or not.
31:28 And it was like this, we made public statements about how we feel about this whole thing.
31:34 And I personally felt like good about it back then.
31:37 I still do.
31:37 I think it's a big chance, our one shot we will have because either this one works out
31:42 or it's not going to happen ever.
31:44 We will never have free threaded Python ever because this is like the perfect constellation
31:48 of stars.
31:49 This is not coming back.
31:50 That's a really good point.
31:51 We've had the Gilectomy and other attempts before, but this is, it's fast.
31:56 It's accepted.
31:57 It's already shipped.
31:58 You're right.
31:59 If this doesn't work.
32:00 And we have meta who also like put several paid people on the job to get it done.
32:06 Again, this is one of those things that just cannot be done by volunteers on the beer money
32:11 from GitHub sponsors.
32:12 This is a big thing that has to be, that needs serious money to be solved.
32:18 This portion of talk Python to me is brought to you by Bluehost.
32:21 Got ideas, but no idea how to build a website?
32:25 Get Bluehost.
32:26 With their AI design tool, you can quickly generate a high quality, fast loading WordPress site
32:32 instantly.
32:32 Once you've nailed the look, just hit enter and your site goes live.
32:36 It's really that simple.
32:37 And it doesn't matter whether you're a hobbyist, entrepreneur, or just starting your side hustle.
32:42 Bluehost has you covered with built-in marketing and e-commerce tools to help you grow and scale
32:47 your website for the long haul.
32:49 Since you're listening to my show, you probably know Python, but sometimes it's better to focus
32:53 on what you're creating rather than a custom built website and add another month till you
32:58 launch your idea.
32:59 When you upgrade to Bluehost cloud, you get a hundred percent of time and 24 seven support
33:04 to ensure your site stays online through heavy traffic.
33:08 Bluehost really makes building your dream website easier than ever.
33:11 So what's stopping you?
33:12 You've already got the vision.
33:14 Make it real.
33:14 Visit talkpython.fm/Bluehost right now and get started today.
33:19 And thank you to Bluehost for supporting the show.
33:22 I'm excited, but I don't think it's going to be that big of a problem.
33:26 And I think it's going to do some very excited things that we are not thinking about because
33:30 a lot of the arguments against it was, oh, threads are bad.
33:35 It's hard to write multi-threaded code, which is all true.
33:38 The problem is that we just don't have good APIs for that.
33:40 Like you can build good APIs for threading.
33:42 You just have to look what Go is doing with channels.
33:44 We can have channels in Python once we have good threading.
33:48 But we never bothered to build these kind of APIs because it doesn't make any sense with
33:53 the guild.
33:54 It's just, it's better to go async.
33:56 That's a really good point.
33:57 And I think there's an analogy with async.
34:00 Remember, async.io shipped in Python 3.4, but async await, the keywords and the programming
34:06 model shipped in 3.5.
34:07 So for a while, it was like, well, you guys figured it out.
34:10 And then the programming model got way nicer.
34:12 We might have not gotten this shot if async.io didn't happen back then because it just showed
34:18 how we can do like a test balloon in a community.
34:21 We don't have to do it perfectly on the first time.
34:25 I think we had even breaking changes in minor releases of 3.5 because we had to fix things
34:32 up.
34:32 So yeah, I think I'm sure it was a bit of an inspiration.
34:35 I remember a breaking change somewhere in Python, but further down the road where the async context.
34:43 So the way to say a function was async, you could use a decorator before async and await
34:48 came along.
34:49 And my code, which was running on MongoDB, which was running on, which was using motor.
34:54 They were using that older style to get their async.
34:58 And then when it got taken out of Python, it just, well, stuff doesn't run anymore.
35:02 There is no such decorator async, something I can't remember exactly what it was, but it
35:07 took a week or two before I could run the new Python because that wasn't a big deal.
35:11 You know, I just didn't use it, but it did break.
35:14 There was plenty of breaking changes in async.io because I was quite involved with that whole
35:19 thing.
35:19 And I remember things breaking a lot in the beginning, but it's good.
35:23 It's good that we don't carry that technical debt around with us now.
35:26 Yeah, absolutely.
35:27 I want to give a quick shout out to a pytest plugin called pytest-FreeThreaded from Anthony
35:34 Shaw and friends.
35:35 And this one basically lets you run your tests in the free threaded Python mode and run them
35:43 with parallelism and stuff like that.
35:44 Because if you're going to have a library and you have tests for it and it's supposed to
35:48 support free threading, you should probably test it with free threading actually running
35:51 at some point.
35:52 People are trying to move their libraries along and I think they said, look, we tested
35:57 this on one of the libraries that said it was free threaded, supporting it, segfaulted Python.
36:01 So maybe it wasn't quite ready.
36:04 So run your tests if you're going to support this.
36:07 I think it needs to be stressed that the trick to not break your code is to just not mutate
36:11 global data in multiple threads at once.
36:14 Just avoid doing this and you'll be fine.
36:18 And most people don't.
36:19 So I don't expect like this large scale breakage.
36:22 The problem is more in the lower level things like CFFI and those kind of things that are
36:27 going to take a lot of time to figure out, I think.
36:30 Yeah, I agree.
36:30 Like, does your web framework support free threading?
36:33 Well, you're going to find out pretty quickly.
36:35 You definitely will.
36:37 I'm personally excited about it as well.
36:39 I think we're going to have a lot of good times.
36:42 What else about 3.13 are you excited about?
36:45 I feel like Python 3.12 and 3.13 was more like planting trees than a good harvest, you know?
36:53 Like, there's a lot of work, a lot of very, very hard work when it did these two releases
37:00 that don't benefit us immediately.
37:03 They built a foundation for great things to come.
37:06 Like, free threading is an example.
37:07 Sub-interpreters are an example.
37:09 Like, internally, I mean, I shouldn't admit it, but I'm also a Python core developer,
37:13 but I'm just not very active because I have enough of my own stuff going on nowadays.
37:17 But internally, the 3.13 is kind of called like a secret 4.0, which everybody who has to do with C-APIs have noticed because, like,
37:27 unlike the releases before, like 3.12, 3.11, it took quite a while for the ecosystem to catch up with all the changes to the C-API
37:35 because there's been a lot of changes.
37:37 I mean, the PyRipple is great.
37:39 Pablo has made a big push for better error messages, which is also nice.
37:43 And they continue to get better.
37:44 Yeah, that's great.
37:45 This is like the things that are truly user-facing, but things that I don't really care about that much.
37:51 I mean, I use IPython, so I will probably keep using it still.
37:55 I just hope that maybe PDB will get better now that we have a better REPL
37:58 because my favorite debugger, PDBPP, has been broken for two releases.
38:02 I'm not really excited about anything from 3.12 and 3.13.
38:07 I'm just excited for what those releases are going to give us in the future.
38:11 I'm excited for just the entire FasterCpython initiative as it kind of works out over across, you know.
38:18 Yes.
38:19 3.11 was probably the biggest one of those, I guess.
38:21 Although, we'll see about this free threading.
38:23 This might, you know, if you've got a lot of cores, that's a massive difference if you can take advantage of it.
38:28 If, yeah, that's a problem, right?
38:30 Because I think what was said that they will merge it if the penalty for non-threaded code is less than 10%,
38:40 which it did, but single-threaded code is going to be slower in a free-threaded Python build,
38:46 and it's something we have to keep in mind.
38:47 Right, yeah.
38:48 Well, I guess it depends on your workload, what you're doing right.
38:50 But with little dev tools, I fixed.
38:52 What's new in Python 4?
38:55 Ship it.
38:56 Ship it.
38:57 Although, I got a few more spots.
38:59 I got to do a little find and replace in this documentary.
39:02 Looking at the what's new in 13.
39:04 Okay, also, I think, yeah, I think the new REPL is quite nice.
39:07 It's been, using the traditional REPL, I think it's been really challenging.
39:11 Did you write a loop?
39:13 You want to go back and edit it?
39:15 Well, you got to, yeah, I remember that was four lines up for the four part,
39:18 and then the four again to get, you know, like, that was just challenging to have multi-line edits on there.
39:23 Now, a lot nicer.
39:24 Well, just simple things like key binding, sometimes not working, or just printing weird stuff into your console.
39:32 Yeah, but these are the things kind of like the virtual environment, you know, get your virtual environment set up, get your dependencies installed.
39:39 It doesn't sound like that big of a deal, but it is friction to people who come to the ecosystem.
39:44 Every paper cart less is good.
39:46 Yeah, that's 100% right.
39:47 Definitely good.
39:48 YouTube.
39:49 I mean, look, you're on YouTube right now, but we're talking about you being on YouTube on YouTube, so it's kind of meta.
39:54 But, yeah, you're doing a really good job with your YouTube videos lately, you know.
39:58 Thank you so much.
39:59 I've done a couple of the last, yeah, yeah, you're welcome.
40:02 I think I've done a lot of YouTube videos, but even more, sit down by yourself behind a camera for course videos.
40:09 I have like 270 hours of course videos.
40:12 And, you know, the editing, the I'm excited to talk to nobody, right?
40:17 All of these things are not that easy to do.
40:19 And, yeah, I want to just talk about what you're up to over there a bit.
40:23 Maybe let's start with a silly reason why I started doing this.
40:26 I'm very aware and self-conscious about how bad my spoken English is.
40:30 So it's my third language.
40:33 And I don't speak it often enough.
40:35 So there's this joke from my friends at the Piken when the just arrived jet-lagged Hinek who only spoke English to the U.S. immigration officer trying not to get detained.
40:43 It's very different from the Hinek like a week later who spoke to his friends for a week, right?
40:49 So my hope is that maybe it forces me to like speak a lot more English in my everyday life.
40:56 It turned out I'm way too slow at producing videos.
40:59 So that part didn't work out at all.
41:00 I mean, you say like 300 hours.
41:03 But for me, like the 25-minute video that I've just published, that's like one hour of film material that I'm cutting down to 25 minutes.
41:10 Yeah.
41:10 So that's a lot of work, a lot of editing.
41:12 And, yeah, the more serious reason that actually worked out, and this is not going to be all of Philly.
41:19 is I do have a lot of people that follow me across my platforms and know me from PyCon.
41:25 And I've heard the term PyCon cinematic universe put out, which I'm probably a part of.
41:32 But this universe is tiny.
41:34 Like the Python community is huge.
41:36 People don't understand how huge they are.
41:39 And I mean, just like this Twitter account that posts just like these trivial things that sometimes I'll write wrong.
41:45 And they have like hundreds of thousands of followers.
41:47 And the same is on YouTube.
41:50 I haven't found any Python content on YouTube that I really liked, like for the things that I care about.
41:57 Like maybe there's amazing data science stuff there, but there's not things that I care about.
42:01 So I thought with the usual programmers hubris, sure, I can do that.
42:04 And I'm trying to build our own.
42:06 We're doing it.
42:07 How hard can it be?
42:08 And so I'm trying to do content that I wish existed for me 15 to 20 years ago.
42:14 But to be honest, like the ultimate trigger is that before COVID, I had like this nice lifestyle where I wrote one amazing conference talk per year, like scare quotes.
42:23 And I could just like travel the world and give it.
42:27 And this doesn't work anymore.
42:28 Like the conference world has more or less collapsed.
42:31 Conferences have no money anymore.
42:33 It's much harder to get invited.
42:34 So I told you I work for a small company.
42:39 So like my actualization and creativity comes mostly from the community.
42:43 And I felt like being cut off.
42:46 Like I couldn't do my creative work anymore because I couldn't pay for all those flights.
42:50 The same happened to writing.
42:52 I mean, whatever Google and Twitter are doing right now, unless your blog post lands on Hacker News front page, you basically get no more traffic anymore.
43:01 It has been completely obliterated.
43:03 Like my blog has like 40% less traffic than a year ago.
43:07 And I don't think it's that my content got stale.
43:09 It just changed.
43:11 I thought I should try a new avenue.
43:14 I should go where the people are.
43:15 I read somewhere that like YouTube is the second biggest search engine or something.
43:19 So I'm trying my hand.
43:21 It's an interesting outlet.
43:22 And you know, you look at it's the numbers are ridiculous.
43:26 Right.
43:26 I look at, oh, this person just posted a video on this.
43:30 And six hours later, it has more views than if it was a major television series or something like this.
43:35 It's a weird world.
43:36 It's a weird world for sure.
43:38 I'm a niche in a niche.
43:39 So I don't expect ever to blow up like this.
43:41 But yeah, we'll see how it goes.
43:44 It's still great.
43:45 Let's talk a little bit about some of your projects.
43:48 Talked about Argon.
43:50 I think maybe one of the things you're best known for might be Adders.
43:54 Would you say?
43:55 It depends who you ask.
43:56 Okay.
43:56 I think Adders has the big, had the biggest impact on the community because they are the direct predecessor of data classes that I designed with Guido and Eric back then.
44:06 That goes back to Adders because people wanted something like Adders in a standard library.
44:10 But all right.
44:12 Well, tell us, tell people about Adders for those who don't know.
44:14 Imagine data classes, but more powerful, more powerful.
44:17 People sometimes try to compare it to PyDentic, but that's not that.
44:22 Adders is not trying to be a validation thing.
44:25 Adders is there for creating classes that you would have written yourself.
44:29 And I call it like a class writing toolkit.
44:33 And data classes keep catching up with what we do, but we are still ahead.
44:38 So we have more features.
44:39 We work better.
44:40 And especially for data science-y things, because we allow people to define comparisons in a custom way.
44:47 So you can compare NumPy arrays and everything.
44:50 And yeah, things like that.
44:52 And you don't need to use type annotations if you hate them.
44:55 That's also a big feature we have.
44:57 Yeah.
44:57 So when you create a class, you can just put some fields on it and that's great.
45:02 But there's probably some other things you might want to do, like define a hash and define an equals and an not equals and stir and a repr and all these kinds of things.
45:12 Right?
45:12 Yeah.
45:13 You just get that out of the box, right?
45:14 And maybe you want the class to be frozen.
45:17 Maybe you want slots and these kind of things.
45:20 Slots.
45:20 Interesting.
45:21 I don't know.
45:22 Everyone knows about slots.
45:23 Slots are kind of a cheat code for low memory, fast access.
45:28 Tell people about slots.
45:29 Dunder slots.
45:30 When you create a class in Python, by default, it's a so-called dictionary class because it has a dunder dict field where all the attributes are defined.
45:40 And you can do those classes whatever you want.
45:41 You can just add more attributes.
45:43 But if you define a slotted class, which doesn't have this dunder dict, but dunder slots, and you enumerate all attributes that this class will have, and it's then baked into the class.
45:54 So this is the big upside.
45:55 It's like, if you try to assign an attribute that doesn't exist, it will throw an error, which is good because it probably means that you mistyped.
46:04 And this is like the thing that you see from the outside, from the inside, it's much more interesting because those classes are more baked.
46:09 So they are just faster.
46:10 They're faster and use less memory.
46:12 Yeah, they use quite a bit.
46:13 I think named tuples use more memory, you know, and you think how tuple is kind of like as about as bare bones as it can get.
46:20 But yeah, it's quite interesting.
46:22 My experience is that even attribute access is a tiny bit faster than in regular classes.
46:28 Yeah, and this is why in the new APIs, it's the default in others.
46:32 Like data classes grew slots too, but it's optional in others.
46:36 It's now opt out because it's really good.
46:39 Yeah, yeah.
46:39 Because why not?
46:41 My experience is it's cool to have the dynamic nature of classes and types and you can do all sorts of stuff to change them.
46:49 But most of the time you don't.
46:50 And if you're not going to, like you said, get the I mistyped something catch because it won't let you do it.
46:57 And the better memory and better performance, right?
46:59 Yeah, I think this is something that Rust has changed too.
47:03 The influence of Rust on Python has been that we got a little less dynamic with time, which I personally think is a good thing.
47:10 Because I started moving away from that sooner.
47:12 Like using dictionaries and tuples and all these things.
47:16 It's just very hard to reason about when you come back like a year later and try to understand what this code is doing.
47:22 What is this star star KWRX thing?
47:24 What are we doing here?
47:25 Oh yeah, there's still so many APIs.
47:27 You have a nice IDE.
47:29 You press F12.
47:31 You jump to the function and it's star star KWRX.
47:34 And thank you.
47:36 Yes, exactly.
47:36 You know, if that works out well, there might be a big doc string that says these are the seven things that can actually go in this keyword arguments.
47:44 And here's their type.
47:45 You're extra lucky it's true.
47:47 Yeah, it's actually true or it's actually comprehensive.
47:51 Yeah.
47:52 I don't know.
47:52 I feel a lot of times if when you're doing that kind of stuff, if you end up back in the documentation, like something's kind of gone a little bit wrong.
47:59 Like you should probably be able to tell at least, does it take arguments?
48:02 What might they possibly be?
48:05 But then you go to the documentation, it's auto generating.
48:07 Like, well, no, not getting far on this one.
48:09 All right.
48:10 Well, since we have this, the opinion of Hennick episode, what are your thoughts on types?
48:16 What do you think?
48:17 Like I just said, I was moving to like more static things in general because it's just easier to reason about, easier to understand.
48:24 And it informs the design of APIs too, like which I just find the APIs that come out nowadays are widely more accessible than what we used to have.
48:35 And as Lukasz Langer's keynote a few years ago at PyCon US was like, if something is hard to type, maybe it's just bad design.
48:41 That's an interesting take.
48:43 Yeah.
48:43 It's not always true, by the way.
48:45 Like there are legitimate use cases for Python where typing is a bad fit.
48:50 It's completely true and it's not great for everything.
48:52 But I personally just take any help that I can get that helps me to make my code more understandable and help me like ensure that I'm writing what I'm thinking I'm writing.
49:04 Like types helped me the best with finding logic errors in what I thought I was passing around and what I was actually passing around.
49:11 Because like things that work by accident because something gets auto-converted somewhere are the most dangerous things because they explode when you are on the beach with your margarita.
49:21 Yeah, they do.
49:22 And that's not good, as we already pointed out.
49:24 You know, another thing that I really like about them, I'm kind of on your team with this one as well.
49:29 And I really like that I hinted at before.
49:31 You don't have to go to the documentation and go like, what is this?
49:34 I know it says it takes an options.
49:36 What is an options?
49:37 You know, like I have no idea what goes here still.
49:39 This doesn't tell me.
49:40 But if it means it's this class or it's a dictionary, well, at least you got some hints on like, well, this is where I start knowing what I'm supposed to do here.
49:47 And also with the editor, right?
49:49 If I hit dot, it gives you a way better chance of just continuing to type instead of going and looking up stuff.
49:55 And also, that's something people don't talk that much about, but it forces you to give things names.
50:00 Sometimes when you have problems to give a type a name, that's a sign that you don't quite understand what the thing is doing.
50:08 Or maybe it's doing too many things.
50:09 And that way you have like this instant feedback about your design and how you think about things.
50:15 And that I find very useful.
50:17 And also, I have to point is, typing would be just marking things that could be none or not.
50:22 That would be already like 99% of the value of types.
50:27 Like just helping to avoid non-type errors.
50:31 Yeah.
50:31 Optional or not optional?
50:32 What are we going to do here?
50:33 Yeah.
50:34 Yeah.
50:34 I do like that it's optional, that it's progressive.
50:38 I came from static languages to Python.
50:41 And the fact that it didn't have types, I kind of wanted something.
50:44 But I also played around with TypeScript.
50:47 I battled with the TypeScript system where it's like, well, we don't know what this thing is, but you're supposed to pass in something that's known in the type system.
50:53 And you're like, I know this will work.
50:55 Just get out of my way and let me do it.
50:57 You know what I mean?
50:57 And I think there's a pretty good balance that's got here.
51:01 I have a whole keynote in my head about the true Python superpower is the graduality.
51:06 Because you can start with the biggest trash, shitty code in a Jupyter notebook and just work yourself up by putting it in a file, running rough linter, then adding types and so on.
51:18 And you end up with production code of the best kind.
51:21 But you started with complete shit.
51:23 And that's how my brain works.
51:24 Like, I like to try things out and then just polish the turds, must I say.
51:28 Polish it when it's proven that it's worth putting your time and energy to, right?
51:33 Exactly.
51:33 And I find this very frustrating with languages like Rust or Go, which I read a lot of Go.
51:37 And Go won't even compile your thing if you have an unused import.
51:41 And this is just so frustrating.
51:43 Oh my gosh.
51:45 Just eat my trash and make it work.
51:46 I will fix it later.
51:48 I promise.
51:48 That's a pretty interesting take.
51:50 All right.
51:50 Well, let's give maybe a shout out to Stamina also.
51:55 Like, that's the story of Stamina.
51:57 That's a good one.
51:58 Yeah?
51:58 It's like from my latest projects, kind of the most popular one, because it just solved
52:04 the problem we all have that we use Tenacity, which is a great.
52:07 We all used Tenacity, which is a great package, but it has no good default because it's also
52:12 a very old package.
52:13 And everybody's just copy pasting these standard settings around that make it behave in a good
52:20 way.
52:21 And it's also, at least back then, didn't do proper typing.
52:24 So I just wrote this tiny shim around that so I can stop copy pasting the same things
52:29 over and over again.
52:30 It turns out a lot of people have the same problem.
52:32 Yeah.
52:32 So if you've got a function, for example, I give a little example here that might crash
52:37 because it's here.
52:39 Like, you know what?
52:40 If I just tried this again, I bet it would work.
52:42 Right?
52:43 Just add stamina dot retry.
52:44 Specify the error.
52:45 Yep.
52:46 And I don't, it's been a while since I checked it out, but it's got like exponential back
52:50 off and other, other types of things like.
52:52 And jitter.
52:52 Oh, and jitter.
52:53 Okay.
52:53 Nice.
52:53 Yeah.
52:54 I use it in certain things.
52:56 It's not very often that you need something like this, but when you do, you're like, oh,
52:59 yes, it's getting this.
53:00 Like in my experience, you need it whenever you talk to external systems, because if you're
53:05 doing this API cost, it will fail at some point.
53:07 And just, just put it on it.
53:08 Just think.
53:09 I mean, nowadays it has a lot of more features.
53:12 Like you can now like have a callable that decides where you want to really want to retry.
53:16 For example, you've got an HTTP error, but in HTTPX, there's no difference between HTTP error
53:21 because you got a 500 back or because you got a 401 back.
53:25 If you keep retrying on 401 or 403, you will get banned from the API, right?
53:29 On the 500, you probably want to retry.
53:31 These kind of things.
53:32 Yeah, absolutely.
53:33 Yeah, the whole rate limiting thing.
53:35 That's also tricky to work with.
53:38 But I suppose if you said, like, okay, well, retry it, but put some kind of delay, you know,
53:42 maybe, maybe you'll be all right.
53:44 The delay is built in.
53:45 That's the whole point.
53:46 It's exponential back off.
53:47 One thing I do want to talk about as well is just Argon.
53:50 Yes.
53:51 So quick, like very, very cool algorithm.
53:54 It's one of these so-called memory hard problems that is somewhat resistant to brute forcing
54:00 over just massive parallelism and so on.
54:03 Want to talk about that real quick?
54:04 What do you want to hear?
54:05 Well, just tell people what it is.
54:07 Maybe, you know, what's your project about and what should people consider using it, you know?
54:10 Yeah.
54:11 So many, many years ago, I think it was like 2016 or so, there was this password hashing
54:15 competition because we needed to find a way to hash our passwords in a way that is, as
54:22 you just said, memory hard.
54:23 If you hear of rainbow tables, you shouldn't be using MD5.
54:28 All these things are like all part of that.
54:29 Like we got to get past that, right?
54:31 But this is like next level because people are running ASICs.
54:33 So like programmable boards that are just specifically for cracking passwords in parallel.
54:40 The only way to get to fight this is make it memory hard.
54:44 like checking these passwords or hash, this hashing algorithm also needs a lot of memory
54:49 to work.
54:50 There's one more famous one, which is called S-crypt or Yes-crypt, which is nowadays also
54:56 part of the standard library.
54:57 So that's that.
54:59 But Argon2 won the password hashing competition.
55:01 And yeah, it works.
55:03 It's in wide use.
55:05 And yeah, I'm maintaining it for now like six years or something, or I think longer.
55:10 So if you're storing your own passwords, certainly this is one of the good options.
55:15 Do you know what the story is with, oh gosh, what is it?
55:18 Is it passlib, I believe?
55:20 Yeah, this is really, passlib is throwing a lot of warnings about things that it's using
55:26 that are being deprecated or even removed.
55:29 I feel like it was really great for a while, but you know, now you go to it, it's like...
55:34 Yeah, last edited four years ago, that's a problem.
55:36 Yeah, it's not great.
55:38 And I feel like it was on, almost on SourceForge or something for a while, which is really, you
55:43 know, I can't remember exactly where I was talking about.
55:44 Bitbucket.
55:44 It was in Bitbucket.
55:45 Bitbucket's fine.
55:46 Yeah, okay.
55:46 Bitbucket's fine.
55:47 No, it's not.
55:48 It's gone.
55:49 Oh, is Bitbucket gone?
55:51 Yeah, more or less.
55:51 You can see the URL.
55:53 This is a Heptapod, which is like the only Mercurial hosting that open source projects
56:00 can use nowadays.
56:01 There you go.
56:02 Bitbucket, deprecating Mercurial support, yeah.
56:04 All right, but well, they also have Argon2 support, which is nice.
56:08 They use my library.
56:09 Yeah, that's what I thought.
56:10 Yeah, that's what I thought.
56:11 Yeah, super cool.
56:12 Awesome.
56:12 All right, let's close this out with one more take before, I think we're pretty much out
56:17 of time, but it's been a lot of fun.
56:19 LLMs.
56:20 LLMs writing code for us.
56:22 Are we just going to be out of work in a year or two?
56:25 What do you think about this?
56:26 I'm not super worried about it, but it's definitely changing things, I think.
56:30 When you say we, it can mean we, the two of us.
56:33 The answer is clearly no.
56:35 I think we, as in Michael and Hinnick, will benefit from LLMs, I think.
56:39 But we, as programmers in general, and especially junior programmers, that's going to be a different
56:46 thing.
56:46 And I wouldn't dare to guess how that will play out.
56:51 Like, I'm personally using LLMs.
56:55 I use Anthropic.
56:57 But I use it in a way that I feel like you have to be very senior to actually use that.
57:05 Because when you ask it for code, you just get code with old libraries because it's trained
57:11 on old code from GitHub, right?
57:14 My co-pilot once gave me a SQL injection code suggestion.
57:20 It'll be fine.
57:21 What is the most common security problem with code?
57:25 Yeah, SQL injections.
57:26 Of course, it's going to be in those LLMs and suggesting it to me.
57:30 I think it's going to, it is a useful tool.
57:32 It usually doesn't give me what I need, but it gives me enough to help me to ask a search
57:38 engine what I actually need.
57:40 So this is what I'm going to say.
57:41 What it's actually really good for is writing SQL in my experience, because my brain, I somehow,
57:46 I cannot write CTEs.
57:48 Like, I just, the syntax, I don't know.
57:51 I just can't.
57:51 So I usually ask an LLM to write the CTE for me and then just write the rest of the query.
57:57 Well, for me, that's regular expressions.
57:58 That's why I go to LLMs.
57:59 I'm like, you need to write me a regular expression with some capture groups because this is too much
58:05 for me.
58:05 I've been using LM Studio, which is really nice.
58:09 It lets you download a bunch of different models and been running Llama and Mistral lately,
58:14 and they've both been pretty good.
58:15 Yeah, but they run locally, right?
58:17 They run, it's free.
58:18 It's super nice.
58:19 One thing that's pretty interesting here is if you talked about this as well, and I don't
58:24 know what this trend means.
58:25 If you go to Stack Overflow Trends and you look at the most popular languages and you look
58:30 right around late 2022, early 2023, there is a ridiculous drop in the popularity of questions
58:39 on Stack Overflow for Python, for JavaScript, and interestingly, not a whole lot for the others.
58:44 But that's when ChatGPT came out.
58:47 Yeah.
58:47 All right?
58:48 So I don't know what it's going to mean, but it's clearly having some kind of effect somewhere,
58:53 right?
58:53 I don't know, but that might just be making people more productive and they're not on Stack
58:57 Overflow, right?
58:57 That might be a Stack Overflow problem, not a developer ecosystem problem.
59:00 The friction to ask LLM is much, much smaller than asking actual people and then get some,
59:07 get trolled by some moderator or whatever.
59:12 So I can see that people are going to prefer LLMs to talking to people.
59:16 And also most questions on Stack Overflow are quite trivial, to be honest.
59:20 So I think that makes sense.
59:21 How do I connect to a database using this library, right?
59:24 How do I disable SSL because I'm getting this certificate error all the time, the classics.
59:29 But it also means that a lot of trash code is being written right now, right?
59:34 Like the things that I just told you that where you and I, we look at this code and we say,
59:38 okay, this in principle is useful, but I cannot put this into production because error handling
59:44 is wrong or there's some security issue or whatever.
59:47 This is something that actually concerns me.
59:49 Like a lot of people are writing code they don't understand or putting into production.
59:53 And I think that's going to have consequences that are not going to be pretty.
59:56 Yeah, I totally agree with you.
59:58 And also my, one of my concerns you touched on as well is like, how do you go from beginning
01:00:03 developer to slightly beyond junior developer?
01:00:07 I don't know if LLMs are going to help people make that jump quicker or if they're just going
01:00:11 to make that jump like a wider chasm because people won't need juniors because they're just
01:00:15 going to ask the LLM to just do the thing, you know?
01:00:18 Yeah.
01:00:18 Yeah.
01:00:18 This is, this is the problem.
01:00:19 Like, like bean counters are going to look into Excel and I got to wonder what makes more
01:00:25 sense, right?
01:00:26 And the fact that they're eating their seed for next year and there's suddenly, oh my God,
01:00:31 why are there no new senior software engineers?
01:00:34 Well, we didn't make them, but yeah, it's going to be like a Cobalt.
01:00:38 Fewer people who are really, really needed to keep things working.
01:00:43 We will never retire, Michael.
01:00:44 You will never retire.
01:00:45 Exactly.
01:00:45 Yeah.
01:00:46 We're going to be programming on the beach with our margaritas in our seventies.
01:00:50 Well, let's leave it there.
01:00:53 Is that a positive take?
01:00:54 I don't know.
01:00:54 I really enjoyed our conversation though.
01:00:56 And a lot of good advice for people.
01:00:58 So thanks for being here.
01:00:59 Yeah.
01:01:00 Thanks for having me.
01:01:00 Yeah, you bet.
01:01:01 See you later.
01:01:01 This has been another episode of Talk Python to Me.
01:01:05 Thank you to our sponsors.
01:01:07 Be sure to check out what they're offering.
01:01:08 It really helps support the show.
01:01:10 This episode is brought to you by WorkOS.
01:01:13 If you're building a B2B SaaS app, at some point, your customers will start asking for enterprise
01:01:18 features like SAML authentication, skim provisioning, audit logs, and fine-grained authorization.
01:01:24 WorkOS helps ship enterprise features on day one without slowing down your core product development.
01:01:30 Find out more at talkpython.com.
01:01:32 And this episode is brought to you by Bluehost.
01:01:37 Do you need a website fast?
01:01:38 Get Bluehost.
01:01:39 Their AI builds your WordPress site in minutes, and their built-in tools optimize your growth.
01:01:45 Don't wait.
01:01:45 Visit talkpython.fm/bluehost to get started.
01:01:49 Want to level up your Python?
01:01:50 We have one of the largest catalogs of Python video courses over at Talk Python.
01:01:54 Our content ranges from true beginners to deeply advanced topics like memory and async.
01:02:00 And best of all, there's not a subscription in sight.
01:02:02 Check it out for yourself at training.talkpython.fm.
01:02:05 Be sure to subscribe to the show.
01:02:07 Open your favorite podcast app and search for Python.
01:02:10 We should be right at the top.
01:02:11 You can also find the iTunes feed at /itunes, the Google Play feed at /play,
01:02:16 and the direct RSS feed at /rss on talkpython.fm.
01:02:21 We're live streaming most of our recordings these days.
01:02:24 If you want to be part of the show and have your comments featured on the air,
01:02:27 be sure to subscribe to our YouTube channel at talkpython.fm/youtube.
01:02:31 This is your host, Michael Kennedy.
01:02:34 Thanks so much for listening.
01:02:35 I really appreciate it.
01:02:36 Now get out there and write some Python code.
01:02:38 I'll see you next time.