Notices by Seth Larson (sethmlarson@fosstodon.org), page 3

Loving the new website @hugovk! I've changed my RSS reader to the new feed URL :)

https://hugovk.dev

I've made the source of my #TipTheTinyWeb project public, there is no license yet. I'm quite happy with what I've been able to do with tools I'm not familiar with like Alembic and SQLAlchemy. 500 lines of Python code is powerful!

https://github.com/sethmlarson/tip-the-tiny-web

Congrats to @kjaymiller for becoming a @ThePSF Fellow!!! :partyparrot:

👏👏👏👏👏

https://kjaymiller.com/blog/on-becoming-a-psf-fellow.html

Oh, you support private E2EE communication? Then where's your #Signal supporter badge? 👀🔎

https://signal.org/blog/become-a-signal-sustainer/

@joshbressers I'm not sure! I'll send it to the team to see if they know.

I tested out an experimental packaging of Cosign (Sigstore) for Debian thanks to Simon Josefsson. Adoption of Sigstore by Linux distros is an exciting sign, there will be an abundance of Sigstore attestations in the near-future thanks to PEP 740 for PyPI.

https://sethmlarson.dev/cosign-and-debian

This is awesome, I'm so glad there was a writeup (with good advice!) accompanying the support I received to Github Sponsors! 💜

https://kvinogradov.com/algo-sponsors/

I've noticed a concerning trend of "slop security reports" being sent to open source projects. Here are thoughts about what platforms, reporters, and maintainers can do to push back:

#oss #opensource #security

https://sethmlarson.dev/slop-security-reports?utm_campaign=mastodon

We have an /extremely serious/ Pikmin Bloom group, and we are very excited for community week 🤩 The amount of strategization is so great.

For PEP writers using #PyCharm: Settings > Code Style > General > Visual guides for Columns (80)

Published a visualization for my proposal on SBOM data for Python packages. Take a look and share comments or questions!

#security #python #sbom #supplychain

https://sethmlarson.dev/visualizing-the-python-package-sbom-data-flow

My work on supply-chain security has only been possible through the "Developers-in-Residence" program at the Python Software Foundation.

Security work is unlikely to be anyone's favorite thing to do with #Python, my job is to do that work! Consider me Python's security janitor 🧼🫧🧽

You can support my mission! 🚀 The PSF is hosting its end-of-year fundraiser where direct donations go to lovely programs like the Developers-in-Residence. Thank you for your consideration.

https://www.python.org/psf/donations/2024-q4-drive/

Idle thought, what if Python typing allowed this?

dict[str, any]

🤔

Looks like @ambv seems to be looking for type-hints allies in the last episode of core.py podcast, let it be known that I type-annotate throwaway Python scripts 😊 PyCharm makes it so easy!

Congrats Matt Greer for solving software distribution! E-Reader card with Solitaire delivered in an envelope by mail earlier today. Love it! 😍 (https://retrodotcards.com)

#gameboy #gba #retrogaming

Finding a vendor-neutral description of SBOMs that isn't enterprisey challenge. Difficulty level: IMPOSSIBLE

Migrating from Omnivore to Inoreader reminded me to not trap my efforts to annotate articles and feeds in a service, even one that I pay for. I started regularly dumping this info into OPML and using that data to generate my blogroll page:

https://sethmlarson.dev/links

Sentry putting their money where their mouth is, and a teaser for @ecosystems and @opencollective cross-over project too? This is awesome!

https://blog.sentry.io/we-just-gave-750-000-dollars-to-open-source-maintainers/

Today is my 5-year blog-iversary! 😊 Writing had a positive impact on my life, I would love to see more people writing and sharing on the internet. I wrote a few pieces of advice for new prospective writers:

https://sethmlarson.dev/writing-for-the-internet

PEP 761 has been accepted by the Steering Council, CPython 3.14 and onwards won't provide PGP signatures:

This is a win for Python release managers who volunteer their time for the #Python community for 7+ years. Thanks to all past and current release managers 💜

https://peps.python.org/pep-0761/