Notices by Seth Michael Larson (sethmlarson@fosstodon.org)

Pixelfed is being slammed with traffic right now, send them some support if you support their mission :)

https://mastodon.online/@mastodonmigration/113822619296882086

Meta is scared of Pixelfed. This is the biggest endorsement of Pixelfed that I've seen so far.

https://fosstodon.org/@mastodonmigration@mastodon.online/113819524021365621

This model has me excited, web pages that asynchronously load #Python and #Pyodide for a seamless experience for the user while allowing developers to use Python.

https://kai.bi/post/run-python-programs-easily-in-the-browser

What the fuck is happening over at Meta???

Fake AI profile of a "Black queer momma of 2" that Meta is proudly putting its name on ("AI managed by Meta" in the profile) featuring pictures of fake charity donations and children.

https://mastodon.social/@kjhealy/113765040222504912

@baconandcoconut In our case it was blind assumptions, I wouldn't expect them to check social media but internalizing how we sign off on our own cards or texting to clarify are well-within the realm of expectations for them. I would not be surprised if for both family members this was their first experiences with a married couple that didn't share a family name.

@baconandcoconut We had this same problem from multiple family members, took an unfortunate (>3) number of reminders but it seems to have stuck for this past round of holiday cards?

Loving the new website @hugovk! I've changed my RSS reader to the new feed URL :)

https://hugovk.dev

I've made the source of my #TipTheTinyWeb project public, there is no license yet. I'm quite happy with what I've been able to do with tools I'm not familiar with like Alembic and SQLAlchemy. 500 lines of Python code is powerful!

https://github.com/sethmlarson/tip-the-tiny-web

Congrats to @kjaymiller for becoming a @ThePSF Fellow!!! :partyparrot:

👏👏👏👏👏

https://kjaymiller.com/blog/on-becoming-a-psf-fellow.html

Oh, you support private E2EE communication? Then where's your #Signal supporter badge? 👀🔎

https://signal.org/blog/become-a-signal-sustainer/

@joshbressers I'm not sure! I'll send it to the team to see if they know.

I tested out an experimental packaging of Cosign (Sigstore) for Debian thanks to Simon Josefsson. Adoption of Sigstore by Linux distros is an exciting sign, there will be an abundance of Sigstore attestations in the near-future thanks to PEP 740 for PyPI.

https://sethmlarson.dev/cosign-and-debian

This is awesome, I'm so glad there was a writeup (with good advice!) accompanying the support I received to Github Sponsors! 💜

https://kvinogradov.com/algo-sponsors/

I've noticed a concerning trend of "slop security reports" being sent to open source projects. Here are thoughts about what platforms, reporters, and maintainers can do to push back:

#oss #opensource #security

https://sethmlarson.dev/slop-security-reports?utm_campaign=mastodon

We have an /extremely serious/ Pikmin Bloom group, and we are very excited for community week 🤩 The amount of strategization is so great.

For PEP writers using #PyCharm: Settings > Code Style > General > Visual guides for Columns (80)

Published a visualization for my proposal on SBOM data for Python packages. Take a look and share comments or questions!

#security #python #sbom #supplychain

https://sethmlarson.dev/visualizing-the-python-package-sbom-data-flow

My work on supply-chain security has only been possible through the "Developers-in-Residence" program at the Python Software Foundation.

Security work is unlikely to be anyone's favorite thing to do with #Python, my job is to do that work! Consider me Python's security janitor 🧼🫧🧽

You can support my mission! 🚀 The PSF is hosting its end-of-year fundraiser where direct donations go to lovely programs like the Developers-in-Residence. Thank you for your consideration.

https://www.python.org/psf/donations/2024-q4-drive/

Idle thought, what if Python typing allowed this?

dict[str, any]

🤔

Looks like @ambv seems to be looking for type-hints allies in the last episode of core.py podcast, let it be known that I type-annotate throwaway Python scripts 😊 PyCharm makes it so easy!