Python Bytes - #237 Separate your SQL and Python, asynchronously with aiosql
Episode Date: June 9, 2021Topics covered in this episode: Textual Pinning application dependencies with pip-tools compile Pynguin Python Advisory DB Function Overloading with singledispatch and multipledispatch Aiosql Extra...s Joke See the full show notes for this episode on the website at pythonbytes.fm/237
Transcript
Discussion (0)
Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to your earbuds.
This is episode 237, recorded June 9, 2021. I'm Brian Ocken.
I'm Michael Kennedy.
And I'm Mike Groves.
Hey Mike, thanks for showing up today. Tell us a little bit about yourself.
Yeah, well thank you guys for having me. This is actually really fun.
My name is Mike Groves. I am leading the engineering at a company called Assembly AI. We are mainly a Python shop, but we do a lot.
We do speech to text for developers.
We're an API company.
So you can really think of us as we are trying to make speech to text and all of the ways
that you can take that text and do things with it really easy for developers so that
they can integrate this value into their products
and make their customers happier.
Yeah, that's really cool.
I had somebody who, you know,
I had spoken to you guys at Assembly AI
for some TalkPython stuff,
but someone else that I'm working with reached out to me
and said, hey, I'm doing this stuff
with this Assembly AI API,
and I don't know how to save the file that well.
Can you help me?
I'm like,
oh, this looks really simple. This is really nice. So yeah, you guys are doing good work.
Yeah. We try to make it really simple. Yeah.
Yeah. Fantastic. Brian, shall we kick it off?
I think we should.
With a TUI.
Oh yeah.
A GUI, a graphical user interface. And this new trend of taking stuff that happens in the terminal
and making it nicer.
We've covered things like rich and stuff before, right?
Yeah, a lot.
I love rich.
Yeah, I do too.
And I'm super, super big fan.
So I want to cover something that's like a derivative of rich from Will McGann.
See, here we are messing up names already.
Sorry, Will.
And the idea is if I wanted to create like Emacs or a richer UI with something
like rich, I can sort of control stuff on the screen and how it prints, but it's not full on
curses, right? It's not, I want to write in this section over here and I want to dock this other
bit to the right and have rich automatically put stuff into it and so on. So I introduce you to
Textural. It was called rich.tui ui as in text terminal user
interface but it's uh now called textual and the idea is we can have these cool things like i would
like a thing to be a header of my terminal app and the footer of my terminal app and i want to dock
a 30 column wide section to the left and then just fill out the rest in a little area that just takes the rest of the space. How cool is that? Yeah, it's great. Yeah. And then each one of
these areas is written to and controlled by Rich. So all the nice stuff that we've already talked
about with Rich and the really nice things you get from there. So, you know, if people remember,
like Rich lets you have spectrums and like centered text or right aligned text and tables and just all sorts of good stuff.
So think of doing that. But on top of this, like it's almost like a layout for terminals.
Yeah, he's kind of rethinking how to do terminal stuff.
So this I know you can do all of this stuff with Curses libraries and things like that.
But Curses isn't always easy on all platforms.
So he's rethinking all of it.
And I think it's really kind of fun.
Yeah, I do want to point out something here really quick.
There's a comment in the reading that says this project is currently a work in progress and may not be usable for a while.
So, you know, just kind of maybe watch the repo and get notifications and stuff and see,
you know, keep your eye out for it.
On the other hand, this kind of thing, these early stages, a lot of people contact us and
say, I really want to get into open source.
I want to contribute to some project.
What should I work on?
Should I work on Django?
It's like, well, that's going to be a little bit complicated.
It's highly polished and there's a ton of dependencies.
Like projects like this that are in the early stages are really good for jumping in and getting involved if it sparks your interest. So. Yeah. And there's a
lot of room for people to do things like out of the testing, do documentation, test on different
platforms and really help it so that Will can concentrate on doing more features. Yeah. Yeah,
exactly. Even documentation, like a little tutorial or whatever.
And Kim out in the live stream, hey Kim, says, I would argue Curses isn't easy anywhere.
I agree.
It always feels like, oh boy, we're going down this path.
Mike, what do you think?
Well, it looks like a really cool library.
And I think for me, I try to think of what would I use it for?
And certainly a lot of internal tooling that we could use this for so that we can make better ways of monitoring our machine learning
systems and how that all works. And so, yeah, I think that would be something I would like to look
at. And yeah, and also just a lot of times too is just trying something out, even if you have
a day or two to just try it out and hit the bug so you can can really communicate that with the community on what's, you know, what, what is
broken and what could be, what could be fixed. Yeah, absolutely. I'm excited to see where this
goes. Yeah. So next up, I, we want to talk about pip tools. So we've actually, one of the listeners,
John Hagen contacted us a while ago and said, Hey, have you covered this? And we thought we had, but I don't think we have.
So I'm going to cover it now.
PIP tools.
So we've talked about other things around PIP,
like poetry and there's other ways to,
and some virtual environment controllers and stuff.
This isn't that.
This isn't an all-in-one thing.
But one of the things that,
like for instance, poetry gives you is,
and a couple other packaging things is lock files and stuff um and kind of a lock file really isn't i mean it isn't
really what it does i don't know if it's a lock file or pinned pinned requirements but the idea
around on pip tool just does a whole bunch of stuff but right now i'm just going to concentrate
on the compile part so the problem it solves is so let's say i've got like i'm going to give an example of i've got
like a requirement my my dependency is rich and typer is a like two libraries i'm depending on
i could just have a simple requirements.in file that has this just those two two two labels in it
and then with pip tools,
I can take that and take that requirements in file
and compile it.
I run pip compile,
and then I get like a pinned list.
And it actually just goes in
and writes the requirements.txt file.
So just from an easy, I require these things
and it'll pop out the actual pinned dependencies. And now
I can deploy this and all the other developers and stuff can use it and be okay with it. Of course,
before you do the deployment, please test this. So that's the idea as you upgrade your,
update your requirements, and then test it before you deploy it.
But this little extra step of taking,
like I've got a loose list of requirements
and I want to create a pinned list.
You can also, there's pip tools also has a way to just say,
let me get the syntax right, upgrade.
So you say dash dash upgrade
and it updates your requirements.
One of the things i
love about it also is it doesn't just do one file so if you've got a requirements.txt and a
a dev requirements.txt for instance with your you know your testing tools by test and such
you can throw that in a different file and it'll it'll update those too so you can have as many
actually as many uh requirements files as you want and it handles it just fine. So this is a really cool thing.
Jonathan also gave us an example project,
this Python Blueprint that has example code in it,
and it uses this workflow, and it has it in the README.
So if you want to check out a project that uses this,
go ahead and do that.
I don't really, actually, to be honest,
I don't use pip tools for anything other than this. This is what I use pip tools for, is just this. Go ahead and do that. I don't really actually, to be, to be honest, I don't use the
pip tools for anything other than this. This is what I use pip tools for is just this. I know it
does other things too, but this is what I use it for. I'm psyched about this. This looks fantastic.
I, I have a requirements.txt and a dev requirements-dev.txt. And in there I've been
putting like at the top, here's the stuff that i really wanted to
install and below it these are the things i want to pin not because i actually care about them or
you would actually need to mention them but i want things like to pin the bot to see that there's a
security problem in the dependency i'm using not the thing itself and so it'll bump the version
and fix it right yeah and that means i just noticed a couple days ago that there's these other libraries. I'm like, where did this come from? This is in my virtual environment
and I didn't, it's not in either of those scenarios, right? Well, some new dependency
was added to the main dependency that I didn't pay attention to. So now I'm like babysitting
the bottom half of my requirements.txt file, which seems like a thing I don't want to do with life.
This is beautiful. I'm all about this.
I'm very much thinking that this is going to be something I'm using out there. I seem to agree.
Yeah, I absolutely agree. And I actually have, we do not use this. I do not use this, but I will
be looking into this right after this podcast. So why am I not doing well?
This is, this, this will make my life a lot easier and I'm definitely gonna look into it. Now, Juergen brings up,
oh, the PipTools is awesome.
Yes, it is.
And he also brings up that
it's all about the app versus library story.
So PipTools is definitely on the app side.
So you wouldn't want completely pinned dependencies
in a library because it might conflict with the rest of the application.
Right, or pin you to say, I have to have the one that has the vulnerability in it rather than the newer one that fixes it, right?
You don't want that.
Yeah, right.
Yeah.
Awesome.
Yeah.
So I think you're up, Mike.
I think I'm up.
All right.
Okay, so here's a hint on the pronunciation, but you're going to have to give this a shot on your
own. Yeah. So I'm going to say it's, it's Pinegwin, but I guess you could call it Penguin. I don't
know. I don't know what the proper pronunciation there is, but so Penguin is a library for
automating the generation of tests. So basically what you do is it's CLI. You set this up. You point it at your code.
You can sometimes give it hints.
And then it goes off and it processes your files and produces tests.
Just disclaimer here.
They mentioned this several times, and this is very important.
It will run your code.
And it will try many different inputs. So you have to be very
careful with what that code is doing. So they suggest wrapping it in a Docker container to
prevent it from affecting or poisoning your file system. Maybe don't give it access to the
production database, something like that. Yes, exactly. Exactly. So yes, I didn't go deep into it, but I know that
they're using some interesting search techniques. This is actually developed at a university and
there's a white paper behind it. I don't think it's here, but if you look it up, I'm sure you
could find the white paper that's associated, but it's supposed to be a very interesting technique around searching for the inputs that would find good edge cases. So it does take a while to run,
they say, so you can give it some hints and they talk about that within the documentation.
But I really think this is something for me, I look at tools, I'm like, well, what would I use
it for? And I think a lot of times we're busy and we don't get the coverage that we
really want to get because, you know, deadlines and, you know, we want to land this customer.
And, and so we have to get, we have to, you know, work really quick to get this one feature done.
We only get half coverage instead of getting, you know, 90% or plus. So I think this tool could help maybe bridge that gap in those cases and maybe
give you a jumpstart to getting the coverage that you're looking for on your projects.
So that's what I'm looking at it for. And yeah, I think it's a cool project.
It looks like one of those systems a little bit like Hypothesis. Are you familiar with Hypothesis?
Only by name. I haven't actually looked into it.
Where it kind of tries to determine,
oh, what are some edge cases?
And some, like you give it bounds of data
and it'll test different scenarios for you.
It looks quite interesting.
Brian, are you familiar with this?
I'm not.
I'm actually often leery of test generators,
but I don't know if people find it useful.
Maybe it's worth checking out.
Yeah.
Yeah, it looks neat. Yeah, I'm the same. I would say I'm the same, Brian.
I did, you know, I was a little bit leery, I guess about, about the idea of it. For me,
as I said, I think it's just really that gap that, you know, if you have a gap in coverage
and you're really just trying to get a quick, a quick jumpstart on, on your, your coverage,
this might be a good tool to start with. That's, that's my thought. Yeah. Yeah. Very cool. That's good. Although Brian,
I don't know if you really, uh, want to encourage it too much. You're getting out there. I'd known
about penguin earlier. I might not have bought Brian's testing book. You didn't need to highlight
that. Uh, indeed, indeed. All right. You got the next one? Well, I wanted to, I think we're at the sponsor bit.
I believe we are.
Yeah, so let's, yeah, so I don't have our sponsor up.
I got you.
There we go.
This episode of Python Bytes is brought to you by Sentry.
How would you like to remove a little stress from your life?
Well, do you worry about users that,
do you worry that users may be having difficulties
or encountering errors in your app? Right now, would you worry that users may be having difficulties or encountering errors in your app?
Right now, would you even know until they sent you a support email?
How much better would it be to have the error and performance details
immediately sent to you, including the call stack and values of local variables
and the active user recorded in the report?
That'd be awesome.
With Sentry, it's not only possible, but simple.
In fact, Michael uses Sentry on it's not only possible, but simple.
In fact, Michael uses Sentry on all of his web properties,
including Python Bytes here.
He actually fixed a bug triggered by a user
and had the upgrade ready to roll out
as he got the support email.
That's also Sentry,
but also because Michael's awesome.
But anyway, surprise and delight your users today.
Create your Sentry account at pythonbytes.fm slash Sentry.
And please, when signing up, click the got a promo code and redeem and enter Python Bytes, all one word.
It's good for two free months of Sentry's team plan, which will give you up to 20 times as many monthly events as well as other features.
That's pythonbytes.fm slash Sentry and promo code Python Bytes.
Yep.
Thanks, Sentry.
All right.
I guess I got the next one.
This one is sent in by a friend of the show, Brian Skin.
Thank you, Brian.
And he let us know that there is something out there for all of us who love these external
packages and all of these amazing Lego building blocks that are PyPI.
And yet, that's running other people's code with dependencies on them getting things right.
And this is under the PyPA.
So this is sort of pretty neat in terms of being officially the Python Packaging Authority group, I believe.
And so it's called the advisory-db.
It's a security advisory database
for Python packages published on pypi.org.
And the idea is if somebody finds some major problem
with the package or maybe even worse,
maybe it's like a typosquatting scenario,
but more like, you know,
that part where they were supposed to check the input
in that form and then they did this direct SQL query? They didn't do that. Now they are, you really, really should
change that so that they're using like parameterized queries now. And so there's a vulnerabilities
directory that is just a bunch of YAML files. You come over here, like let's take a one here
that maybe a security conscious bleach. I love the name of this package.
The idea is you take user input and you sanitize it by putting bleach on it, which is fantastic.
But even the sanitizers can have problems, right?
So we check this out back.
Apparently in 2020, there's a problem with bleach in PyPI. of bleach before 3.12 a mutation xss cross-site scripted in bleach.clean when rcd rc data and
either the svg or math tags are whitelisted and such and such is set like oh my gosh but here's
all the version it affects and here's the fixed version and then there's some more info about like
where that was spoken about like where the problem was discovered and so on this is really cool so
if you depend on these packages and we already spoke at the beginning about how having a tracking your
dependencies not just the things you directly install let you lets you be more aware of this
right you could look at that pip tools generated requirements.txt file and see this problem
and then very likely github through dependent bot would even be proposing a fix what do you guys
think yeah that's great um i think this is cool so how do you use it do you you just look stuff up or you let it help you i mean you
can come over here and obviously look it up uh it depends on what's going on i think more if you're
maintaining a package you can do a pr to let people know there's a triage service which uh
goes through the nist it pulls a lot of data from the NIST, what's called the National Vulnerability Database
Data Feed.
Say that again.
So if it gets submitted there, a lot of the data gets pulled back in.
They have a tool to perform some heuristics to match that back up.
And then you can do, most importantly, is there's an API that you can use.
So these vulnerabilities when submitted
to this GitHub repository are then submitted outwardly to this place called the open source
vulnerability or the database for open source vulnerabilities. And then this has an API that
people can call to learn about these problems. So if you ran, I don't know, if you were an API
company and you wanted to make sure your API wasn't getting hacked by having a bad dependency.
Maybe you make this part of your CI CD or something, Mike.
Yeah, absolutely.
I'm gonna have to tell our DevOps, our DevOps guru, Mitch, to look into this.
Exactly.
So, I mean, for the most part, having stuff pinned in GitHub will trigger an immediate
security notification to you when GitHub finds out
about it and when that makes it out. But if you want to be a little more proactive or you're a
security researcher or something like that, this looks like a good one. In the longer term, we're
working with the PyPI team to build a pipeline to automatically get these vulnerabilities into
PyPI. So maybe you could see it or something like that. I'm not exactly sure what the story is there, but it's a start for basically storing that data and sharing that data.
And then hopefully like it, it makes its way over to PyPI and such. Sam Morley, welcome. Glad you
made the live show, man. I said, is there a tool that can run like a pre-commit hook? I feel like
maybe with just a tiny bit of wrapper, you could call that API over at
the open source vulnerabilities project and get some information back. Yeah, that'd be cool. Yeah,
that would be a cool thing. Like, don't check that in. It's got a problem. Don't push it. Yeah,
exactly. Exactly. So anyway, I think this is a pretty cool one. Thanks, Brian Skin for sending
it in. Yeah. So, um, I don't know sorry i was gonna say yeah you're c++ developer right
yeah and c++ is all about overriding functions by type like oh it takes an int it takes a float
this one takes a string and it's totally different python doesn't have that yeah what's funny is i
don't actually use it that much in c++ i mean you you learn about it a lot but i don't mean i
normally don't write a whole bunch of functions that that have the same name
but take different parameters but you can do yes you can do that definitely do it in c++ and c
um and there's probably other languages you can do that in but those are the two main languages
that I work with c sharp for example does it as well um the python you cannot so python just uh
it's if you if you try to do that the second one wins and you just have another name that is attached to the function.
So I never really thought that I had a problem with this, but there are definitely times where it would be simpler to not try to put a switch in place or something and just have several functions that dealt with related things, but in different functions.
So there's an article called
the correct way to overload functions in Python.
And maybe it is, but I'm just,
I'm not somebody that likes to use the phrase
the correct way because somebody will tell me I'm wrong.
But anyway, it's an interesting article.
You might, for example, hear like,
you shouldn't overload functions in Python. You're doing it wrong if you do it at all for example right yeah exactly but although
this is a cool solution i totally like it definitely it's a cool solution so there's
this um there's a apparently a built-in way with uh funk tools so there's a uh funk tools has a um
a decorator called single dispatch and what what it does is you can decorate a,
basically a function signature with a single function.
You say, I'm going to single dispatch this function.
And then you register all,
you do like the name of the function dot register
as decorators around other functions.
And the example shown in the article
just uses underscore.
I'm guessing that's just because
you don't care what the name is.
I don't know.
But that seems like a good way to do it.
And then you've got,
then after that,
you just have,
that works.
It works like you've done function overloading.
Yeah, that's awesome.
So in the example,
it takes,
you can call this format function
with a string,
with a date, with a date time and a time.
And you actually get, there's like three different functions that get called.
One for a string, one for a date, one that just falls back or something, right?
Yeah. I mean, it's a pretty simple example.
And it's pretty clean code.
So I would definitely try to keep all these things together in one, you know,
in one module, of course. You would be mean to put them in different places. That would be so wrong. Or even like spread out in the same function would be terrible, but keeping them together,
this is great. One of the things that the article mentions is that this, you can't really,
it's called single dispatch because it's based on the type of the first I think it's based on the type of the first parameter so if you
want to do multi-parameter ones there is a there's a third-party plugin called multiple dispatch
you can just pip install and then it kind of works the same although i kind of like this one better
honestly the syntax is a little different and it it probably does single dispatch too i'm guessing
but yeah just one parameter um but uh in this this one yeah a similar sort of thing it just uh
kind of works on multiple parameters i'm digging the multiple dispatch style where you just say
dispatch this is arguments are list stir.
You know, we're going to maybe get to where Mike is going at the end of the show, but it would be even cooler if you could just say at dispatch and then put a type like a colon list, B colon stir.
So I want to dispatch on types and stuff like that and have the dispatch decorator look at the function that's passed in and look at the type parameters and then just do that.
So you don't have to say the types more than once.
Anyway, we come back to that as well.
Yeah, so I, you know, in a past life,
I was a Java engineer.
So we, you know, we call it dynamic dispatch in Java
and it's actually, there's a lot of patterns,
object-oriented patterns that kind of are derived from that feature from the, you know, from,
again, from the C++, well, from the old days. And yeah, no, to me, this actually, you know,
when I saw it, I was like, okay, I could definitely use this for a lot of cases.
I know that like when you might want to build,
when you have a piece of code that has to work with a variety of different types, but they're
very similar types maybe, and you want to do something with that family of types, I think
that would be something I would think to look at to solve with something like this.
Yeah. Yeah. I kind of had the same thought and I do not think I would make this
any sort of normal workflow use case for my code.
But there are times where you have some code that says,
if argument is the type of this is a list, do this thing.
If it's not a list, then make an empty list,
put it in and then do this other thing.
If you're doing that type switching already,
this dispatch thing might actually make it more clear. It's not common to do it in Python, know, like if you're doing that type switching already, like this dispatch thing
might actually make it more clear, right?
It's not common to do it in Python,
but there are times you're like,
I kind of want to be able to take a string or a date time
and then just parse the string of it,
you know, those kinds of things.
So as an API company,
this is actually kind of interesting.
It fits into what we do as an API company.
We have to, a lot of times, you know,
we're not very,
we're not overly strict on our input types. We allow truthy and falsy
types to come in for booleans. And I could see us using this for that. So that way, instead of
using all the helper code we've already written for that, have it more along the lines of, okay,
if it's this type of input, then you can convert it this way. If it's this type of input, you can
convert it that way. And I think we probably write some some code to uh to handle our inputs differently using
using this pattern yeah yeah very neat insight there brian you blew up our chat with this
well you want to pull out some uh highlights yeah all right so john sheehan says function
overloading was one of those things like switch statements that i missed when i first started
python but then i found i rarely needed it yeah i'm kind of with you on that like i said there's a few cases for me that i'm like
where i'm doing a type check or is instance of that i think is the one time but that's you know
a couple times in a whole program what do you think bray yeah i did i definitely missed it at
first and now i just don't even really notice it yeah then you've got uh you're gonna get it says luciano romano romano uh also explains
this in fluent python i just read the pre-version of the second edition uh getting some polish yeah
very nice that's a really good book fluent python as well um kim out there says that's the kind of
thing i was thinking of yeah um oh sorry that's a different comment we'll come back to that in a
minute and then sam morley uh i don't tend to. We'll come back to that in a minute. And then Sam Morley,
I don't tend to find this kind of dispatching
that useful.
I generally just write a master function
that takes star args, star kv args,
and dispatch to other functions.
Yeah.
But if you're switching on instance,
it could be a time.
Yeah.
And then stepping back,
one quick topic.
Kim Vanowick says,
would be handy if some pip tooling
could automatically check the PyPA advisory before downloading a package. That would be slick. Yeah. I just did a typo squatting
and PyPI security episode over on TalkPython. And we had a lot of interesting ideas, like almost
like a have I been pwned, like remember what I installed. And if you ever see I installed
something out of vulnerability, quick, shoot me a note and let me know, hey, a few weeks ago,
you installed this thing. You might want to get rid of it now.
Stuff like that.
But I think this is another interesting thing along those lines.
All right, like kind of cache that data and then just say, you know, I know you want to install it.
And maybe this is what they're talking about with integrating that into PyPI.org itself.
Who knows?
Very cool.
All right, Mike, you got the last one.
Yeah, so AIoSQL is a, as it says, simple SQL in Python. It's a SQL templating framework or
library that really you, what you do is you give it some SQL files with some, it has some
conventions around how you define queries. And then it essentially gives you a query mapping
that you can then use in your code. And this is kind of a, it's a minimalistic way of accessing your database.
It is, you know, with the A in front of it,
it's natively asynchronous.
It works really well with AsyncPG.
I know that we use Postgres.
So, you know, that was a good,
that was a highlight for us to look at it.
And, you know, I think we all have worked with ORMs.
I've come back and forth on ORMs over the years.
I think this is a nice fit for when you don't have to touch a lot of different tables or
do a lot of joins.
Maybe you have a small microservice that just needs to do a couple um you know uh reads and
writes updates um and uh and also i think this really helps because orms especially when you're
dealing at scale you have to really know the orm at a very deep level to understand what it's doing
and this kind of exposes all of you know it really just brings you down to the sequel level so now
you know exactly what you're doing and you you can be a little bit more direct on what you want to do with your data. Yeah. Yeah. Sometimes you're like, well, I want to do
the join and then the filter, not the filter, then the, I don't know. Like if you're really
good at SQL, you can put these little tricks and like, oh, it's actually likes it better if we do
it this way rather than that way. And oh, I'm probably not going to let you do that. So let
me just describe this to people out there because it's breaking some paradigms for me.
So this is a library that allows you to write queries against a database,
but you do it almost with data access layer style of things.
So you don't do a quote select star from such and such.
You would say like query dot get all greetings or get user by
username. And you pass a like username equals such and such in an asynchronous way, which is
pretty interesting. But the way that that has meaning is you create a dot SQL file that has
like a doc string like thing. And you write a bunch of SQLs, almost like stored procedures,
but just in a text file, this thing parses it and then it becomes like a smart query data access layer. Correct. Yeah. So it basically builds out other data
access layer or data access object kind of for you where you can basically map in these, these,
these queries and it's not just queries. You can do mutations and you can do, you can do a DDL and
all of that. So yeah. Yeah gives you- Like create tables or whatever
could be a function you call, yeah.
Absolutely.
So Brian, what do you think?
Do you touch SQL much these days?
I'm touching it more and more
and I love this actually.
Because I always assume if there's a bug,
it's probably in my SQL statement.
But this looks pretty cool.
So get your selects and stuff figured out
what kind of queries you want to do ahead of time and then use them in your code. This pretty cool. So get your selects and stuff figured out what kind of queries you want to do ahead of time
and then use them in your code.
This is cool.
Yeah, I mean, I'm very repelled
by writing raw SQL statements in my code.
Very much like Kim Van Wijk out there is like,
this looks exactly what I like,
like not writing SQL, but not using an ORM.
So it's no secret to the world out there
that I'm a MongoDB fan. So I don't have like direct use for this a lot, but I do find this
super valuable, especially if people on the team are really good at SQL and they're like, oh, this
library is inhibiting me from like using my superpower on the database. Right, Mike?
Exactly. Yeah, that's exactly. And I was just about to say that, you know, if you have a DBA
or you have someone who is, you know, basically they are focused or concentrated on the database and optimizing those queries, you know, I think what this allows you to do, then you can go define your queries.
You can write them yourself how they are as a developer, and then maybe you can take that to the expert and have him refine them for, without actually changing the abstraction, right? Like without, you still get that. Yeah. Yeah. There's also
times where like, let's say I've got a internal tool that I want to put together and it needs
a database and it's really not that big of a deal to tell like your, your it department and your
supervisor and stuff that you're going to throw up on my SQL database and, or something and,
and interact with it or Postgres. Um, but to say, hey, I'm going to throw Mongo in there,
that might bring up just a discussion
that you're just not ready to have.
Yeah, for sure.
Let me suggest a pairing,
kind of like as you pair wines,
a pairing with this library.
I think Pydantic might go fantastic with this, right?
So you get these results back as tuples
and then you could just, you know,
star args that into your Pydantic models
and you get your validation
and all sorts of like stuff.
And then you get a list of Pydantic,
like you're one list comprehension away
from something beautiful here.
Yeah, this is, that's exactly what we're doing.
You know, we're using, you know,
I think right now we're building out a new stack
and it's basically, it's FastAPI, Pydantic, you know, AI using uh you know i think right now we're building out a new stack uh and it's basically it's it's it's fast api pydantic um you know aio sql oh interesting
and you'll find it works well oh it's yeah and it's very performant so it's um you know because
it's asynchronous right we're using async pg all the way down to the database too so uh it's pretty
much asynchronous from end to end um fantastic this is a really good recommendation yeah you
like it too right brian Brian? It's pretty sweet.
Yeah, this is great.
Yeah, I do.
I really like the separation of concerns
of the SQL statements and the Python code,
but the flexibility of having both,
it's pretty cool.
Awesome.
Brian, is that it for us?
Yeah.
Anybody got any other topics they want to bring up?
Oh, you know I do.
Kind of crazy.
So it's not quite an extra, extra, extra, extra
here all about it.
But a couple of things sent in from some listeners.
So let me make sure I credit these.
So Daniel Mulkey sent this one in and said,
there is now, has been for a little while
from Science Direct,
there's a journal for academics called Software X.
And this library
is pretty cool. So it aims to acknowledge the impact of software in today's research. So if
you're in academics, one of the big challenges is that whole publish or perish sort of thing.
And it would be great to take this cool library and make it a thing that's out on PyPI or Conda
that people can use. Oh, but that's going to take a week and a half and you really
only get credit for your citations in articles, not in code, right? So this kind of addresses
that to try to give people a place to publish like their projects in a meaningful way. And I just
want to point out that there's a special issue on the software that contributed to the LIGO
experiment, the gravitational wave discovery, which pretty sure got the Nobel prize. I don't totally remember, but if you just start poking around here, you know, you might find the
word Python periodically in this, this thing here. So, uh, over this one, we've got some Python. I'm
just randomly clicking articles and they're all coming up Python. So I think that that's pretty
sweet. If people are in science and they do this computational side of thing, check this out.
Very cool.
Yeah, that's number one.
Number two, Hycon has been finished for a little while.
And we were able to go through some like meeting platform type thing where we could watch the
replays, but it's a little bit wonky in the way that the playback worked.
Like I had to do some weird stuff to actually get logged back in after a while.
Anyway, it was fine for live stuff, but it was fine for live stuff but it was weird for playback youtube is pretty awesome for playback
and here's the i'm i put in the show notes the playlist for all of pycon 2021 us so that's pretty
cool i don't know how many videos are in here it looks like 86 videos so if you want to catch up
on the pycon talks there's a really good way nice it looks like um uh you're gonna have a uh uh had a lightning talk there so yeah it's cool yeah very cool well done and um also
want to get make sure i get the credit for this one right um madison swain boden who we both met
i believe at py cascades uh shared this with us that AICS image IO,
which is used all over biology,
biological imaging and microscopy and that kind of stuff from the Allen Institute,
Allen Brain Institute,
I'm guessing is was just released.
So if you're doing anything with like graphics and pictures and file formats
and stuff for that,
check that out.
And yeah,
that's it for me.
I think Mike,
you got one as well,
right?
At least. Yeah. So yeah, that check that out and uh yeah that's it for me i think mike you got one as well right at least
uh yeah so yeah uh it's pep 563 um was it's i think it's proposed postponed uh evaluation of
annotations and uh basically there was there was some as i think i mentioned before you know uh
i'm a big i'm a big fan of fast api and Pydantic. And there was some worry a couple months ago that this change would effectively break these
projects in 3.10 if it was introduced.
And so I just wanted to give a shout out to the community for jumping on this and just
being really open-minded about this and basically postponing this a little further so that better decisions can be made on
how to navigate this change. So I don't want to go too deep into it, but I read some of the threads
on this and it was just really positive exchange within the community. And I think it turned out
really well. It was like a unanimous decision, I believe, to postpone it. And it saved these projects from having to, well, basically. At a minimum scramble, right? Worst case,
not work. Yeah. Yeah. Let me see if I can give the elevator pitch. There was a proposal in Python 3.10,
I guess, 5.3.8. No, sorry, 5.6.3. I don't know where that came from. 5.6.3, 5.5.6.3,
where there is an attempt to simplify and speed up
type annotations and by
because right now if you want to do a type annotation
if I'm going to say I've created a Pydantic model
it's called user and I'm going to say this thing returns a user
I have to import user at the top
and it was like well you're not going to get those
evaluated or really dealt with
unless you're doing type
annotation analysis so we're going to
treat those as strings, basically.
Yeah.
Right.
And things like FastAPI and Pydantic and others were going, they would actually get the type
information, standard Python style, and then use that to modify behavior, right?
Like to do, oh, it says it's a list of ints.
So we're going to convert from this list of those, or maybe a list of user, we're going
to convert these JSON things to users. But with this change, it would have said,
well, it's a string and what does user mean, right? If you don't know the actual type where
it's coming from, there could be multiple users. It could be a user it couldn't track down. Has
it been imported yet? All sorts of weirdness around it. So the runtime behavior of these
type annotated things like typer, pydantic, fast API were not sure how they were going to keep
working with this being adopted
and it sounds like it's postponed at least
till 3.11. Yeah, exactly.
Yeah, thanks for bringing this up. That's a good one.
Alright, well
kind of end of the show. Do we have any jokes?
I got some
for you. I'll tell you
let me know if it qualifies. This is
from Zach, Rrf on twitter
says um did you hear about the four pythonistas that robbed a bank three got caught and when
questioned they all stated that the fourth would never be caught couldn't be caught because he knew
reg regex and it was something of an escape artist that's funny yeah i think that's pretty good well done zach thanks for sending that in
brian you got anything as well yeah let me uh pull it up um so uh rich uh not rich uh will
mccougan uh asked about rich and said um uh said hey if i wrote a book about rich um what should
how much money would you pay for it but also what should be
in the book of course i said it should cover how fast it is to install it kind of a get rich quick
guide love it love it and i believe the response was something like get out get out yeah definitely
oh nice will's getting a lot of coverage this week.
That's beautiful.
He's doing good work.
All right, speed of coverage.
Yeah, thanks for being here, Mike.
Well, thank you guys for having me.
This was really fun.
Yeah, thank you.
Thanks for everybody for joining
on the live stream as well.
Wow.
Thank you for listening to Python Bytes.
Follow the show on Twitter via
at Python Bytes.
That's Python Bytes as in B-Y-T-E-S.
And get the full show notes at pythonbytes.fm.
If you have a news item you want featured, just visit pythonbytes.fm and send it our way. We're
always on the lookout for sharing something cool. On behalf of myself and Brian Auchin,
this is Michael Kennedy. Thank you for listening and sharing this podcast with your friends and
colleagues.