Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Treść dostarczona przez Real Python. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Real Python lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
Podobny do The Real Python Podcast
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
We'll investigate the one-packet attack on Linux systems and then discuss Valve’s major Wayland moves and what they hope to fix. Join our live chat!
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
))
Welcoming PyPI's Safety & Security Engineer Mike Fiedler
Manage episode 381080928 series 2637014
Treść dostarczona przez Real Python. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Real Python lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
You may remember a recent Python Package Index (PyPI) announcement about hiring a full-time security engineer. We’ve also mentioned several current security initiatives from PyPI. This week on the show, we talk with Mike Fiedler about accepting this new role and securing accounts on PyPI.
Mike talks about how he started as a contributor to PyPI and eventually became a maintainer. We dig into why he fits this new role well and what his responsibilities are.
We discuss the initiative to secure accounts using two-factor authentication (2FA) methods. Mike also explains how package maintainers can adopt a new, more secure publishing method called trusted publishing that doesn’t require long-lived passwords.
We also discuss Mike’s recent talk called “How to Give Back to Open Source Without Losing Your Mind.” Mike shares advice and resources for finding your own contribution entry points.
Course Spotlight: Publishing Python Packages to PyPI
In this video course, you’ll learn how to create a Python package for your project and how to publish it to PyPI, the Python Package Index. Quickly get up to speed on everything from naming your package to configuring it using setup.cfg.
Topics:
- 00:00:00 – Introduction
- 00:02:11 – PyPI Safety and Security Engineer
- 00:05:21 – Why did you initially become a PyPI contributor?
- 00:11:26 – What are you most excited about in your new role?
- 00:12:02 – Current security concerns
- 00:15:07 – Focus on malicious package reporting
- 00:16:30 – 2FA enforcement and building trust
- 00:26:51 – Managing credentials and password managers
- 00:29:24 – Forms of 2FA
- 00:31:48 – Trusted publishers
- 00:38:08 – Video Course Spotlight
- 00:39:28 – Updating an older project
- 00:41:44 – Evolution of security
- 00:43:06 – Typosquatting and evolving security
- 00:49:13 – How To Give Back to Open Source Without Losing Your Mind
- 00:52:48 – What are you excited about in the world of Python?
- 00:54:45 – What do you want to learn next?
- 00:57:06 – How can people follow your work online?
- 00:57:37 – Thanks and goodbye
Show Links:
- PyPI hires a Safety & Security Engineer - The Python Package Index
- Inbound Malware Volume Report - The Python Package Index
- 2FA Enforcement for New User Registrations - The Python Package Index
- PyPI 2FA Security Key Giveaway - PyPI
- Software Bill Of Materials - National Telecommunications and Information Administration
- Introducing ‘Trusted Publishers’ - The Python Package Index
- Trusted Publishers - Getting Started - PyPI Docs
- How To Give Back to Open Source Without Losing Your Mind – vBrownBag
- Good First Issues - OpenSauced
- Good First Issues
- Participation - Hacktoberfest 2023
- Python Release Python 3.12.0 - Python.org
- htmx - high power tools for html
- The web framework for perfectionists with deadlines - Django
- The Python Package Index - Blog
- Mike Fiedler, Code Gardener (@miketheman@hachyderm.io) - Fosstodon
- Mike Fiedler, Code Gardener (@mikefiedler) / X
- Mike Fiedler’s personal website
Level up your Python skills with our expert-led courses:
223 odcinków
Udostępnij
Manage episode 381080928 series 2637014
Treść dostarczona przez Real Python. Cała zawartość podcastów, w tym odcinki, grafika i opisy podcastów, jest przesyłana i udostępniana bezpośrednio przez Real Python lub jego partnera na platformie podcastów. Jeśli uważasz, że ktoś wykorzystuje Twoje dzieło chronione prawem autorskim bez Twojej zgody, możesz postępować zgodnie z procedurą opisaną tutaj https://pl.player.fm/legal.
You may remember a recent Python Package Index (PyPI) announcement about hiring a full-time security engineer. We’ve also mentioned several current security initiatives from PyPI. This week on the show, we talk with Mike Fiedler about accepting this new role and securing accounts on PyPI.
Mike talks about how he started as a contributor to PyPI and eventually became a maintainer. We dig into why he fits this new role well and what his responsibilities are.
We discuss the initiative to secure accounts using two-factor authentication (2FA) methods. Mike also explains how package maintainers can adopt a new, more secure publishing method called trusted publishing that doesn’t require long-lived passwords.
We also discuss Mike’s recent talk called “How to Give Back to Open Source Without Losing Your Mind.” Mike shares advice and resources for finding your own contribution entry points.
Course Spotlight: Publishing Python Packages to PyPI
In this video course, you’ll learn how to create a Python package for your project and how to publish it to PyPI, the Python Package Index. Quickly get up to speed on everything from naming your package to configuring it using setup.cfg.
Topics:
- 00:00:00 – Introduction
- 00:02:11 – PyPI Safety and Security Engineer
- 00:05:21 – Why did you initially become a PyPI contributor?
- 00:11:26 – What are you most excited about in your new role?
- 00:12:02 – Current security concerns
- 00:15:07 – Focus on malicious package reporting
- 00:16:30 – 2FA enforcement and building trust
- 00:26:51 – Managing credentials and password managers
- 00:29:24 – Forms of 2FA
- 00:31:48 – Trusted publishers
- 00:38:08 – Video Course Spotlight
- 00:39:28 – Updating an older project
- 00:41:44 – Evolution of security
- 00:43:06 – Typosquatting and evolving security
- 00:49:13 – How To Give Back to Open Source Without Losing Your Mind
- 00:52:48 – What are you excited about in the world of Python?
- 00:54:45 – What do you want to learn next?
- 00:57:06 – How can people follow your work online?
- 00:57:37 – Thanks and goodbye
Show Links:
- PyPI hires a Safety & Security Engineer - The Python Package Index
- Inbound Malware Volume Report - The Python Package Index
- 2FA Enforcement for New User Registrations - The Python Package Index
- PyPI 2FA Security Key Giveaway - PyPI
- Software Bill Of Materials - National Telecommunications and Information Administration
- Introducing ‘Trusted Publishers’ - The Python Package Index
- Trusted Publishers - Getting Started - PyPI Docs
- How To Give Back to Open Source Without Losing Your Mind – vBrownBag
- Good First Issues - OpenSauced
- Good First Issues
- Participation - Hacktoberfest 2023
- Python Release Python 3.12.0 - Python.org
- htmx - high power tools for html
- The web framework for perfectionists with deadlines - Django
- The Python Package Index - Blog
- Mike Fiedler, Code Gardener (@miketheman@hachyderm.io) - Fosstodon
- Mike Fiedler, Code Gardener (@mikefiedler) / X
- Mike Fiedler’s personal website
Level up your Python skills with our expert-led courses:
223 odcinków
Усі епізоди
×
Zapraszamy w Player FM
Odtwarzacz FM skanuje sieć w poszukiwaniu wysokiej jakości podcastów, abyś mógł się nią cieszyć już teraz. To najlepsza aplikacja do podcastów, działająca na Androidzie, iPhonie i Internecie. Zarejestruj się, aby zsynchronizować subskrypcje na różnych urządzeniach.
Podobny do The Real Python Podcast
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Get ready for a weekly dose of all things Enterprise Software and Cloud Computing! Join us as we dive into topics including Kubernetes, DevOps, Serverless, Security and Coding. Plus, we’ll keep you entertained with plenty of off-topic banter and nonsense. Don’t worry if you miss the latest industry conference - we’ve got you covered with recaps of all the latest news from AWS, Microsoft Azure, Google Cloud Platform (GCP) and the Cloud Native Computing Foundation (CNCF).
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 13 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell (@jcutrell), co-founder of Spec and Director of Engineering at PBS. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Twitter: @developertea :: Email: deve ...
…
continue reading
We'll investigate the one-packet attack on Linux systems and then discuss Valve’s major Wayland moves and what they hope to fix. Join our live chat!
…
continue reading
Join our weekly discussion about how to build top end Angular applications and become an Angular expert. Become a supporter of this podcast: https://www.spreaker.com/podcast/adventures-in-angular--6102018/support.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Player FM - aplikacja do podcastów
Przejdź do trybu offline z Player FM !
Przejdź do trybu offline z Player FM !
