Python Bytes - #377 A Dramatic Episode
Episode Date: April 2, 2024Topics covered in this episode: justpath xz back door LPython dramatic Extras Joke See the full show notes for this episode on the website at pythonbytes.fm/377...
Transcript
Discussion (0)
Hello and welcome to Python Bytes, where we deliver Python news and headlines directly to your earbuds.
This is episode 377, recorded April 2nd, 2024, so it's not an April Fool's joke.
And I am Brian Ocken.
I am Michael Kennedy.
This episode is sponsored by Scout APM.
Please listen to their segment later in the show. If you want to connect with us, we're at Fostadon on Mastodon at Adam
Kennedy at Brian Ocken and at PythonBytes at Fostadon.org. And if you'd like to join us live
for the live show, show up at PythonBytes.fm slash live. Actually, you can just go there anytime and
it tells you when the next recording is so you can put it on your calendar. And finally, if you want an artisanal handcrafted
digest of every week of show notes in your email, so maybe you don't catch the you don't
want to take notes while you're listening, or you miss an episode, you can get it right
in your email, just go to the python by side FM and look for friends of the show. And you'll
get an email too.
Yeah, that's a cool thing we just started doing.
So if you want to just, you don't have time to listen or you forget to show up for an
episode, it'll just show up.
But I love the artisanal part, Brian.
Well done on that.
Very, it's very craftsman like.
Yeah.
Anyway, I just want to talk about paths today.
Can we just talk about paths?
Yeah.
Just paths.
Nothing else.
Nothing.
Just paths.
Actually, that's what it's called just paths okay so here's a tool that is built in python and just is just a language it's 1.2 percent just i don't know this is this is too meta anyway
it's a a quick cli tool built with python and when hear that, the first thing you should think is PIPX install the thing
because that's how you install CLI tools for Python, right?
It gets managed on its own.
It gets, it's upgradable through PIPX and all the things.
They made a little mistake here.
Like I should do a PR and put an X
on the PIPX install just path.
Okay.
So what is this thing?
What it does is it, it's for Windows and macOS,
I believe is what it's for. No, Windows, Linux,
and macOS as well, because it basically pretends macOS is Linux. And what it does is it will look
at your path variable and help you determine if it's good. So if you want to answer questions like,
when I type Python, I always get Python 2. Why is that? When I type Python,
I get Python 3.10, but I have 3.12 installed. Why is that? When I pip install or pipx install a
thing, it claims that stuff that gets installed by it won't be in the path. Wait, I thought it was.
Oh, no, wait, that was 3.11, not the 3.12 version of that. All these complicated little weird things
that you run into all the time. This is just a CLI tool that you just say, tell me how,
how am I doing? What is my path? What stuff like do it? Do I have something in my path that links to a directory, but the directory is no longer there. So for example, if I have
Python 3.10 in my path, but I've uninstalled Python 3.10, but it's still in my.cshrc or
bashrc file or, or windows path environment variables or whatever right that
kind of stuff cool huh yeah actually very cool yeah so it does a bunch of different things
it can do just dash dash raw to show you what it is you can just run it by itself and it gives you
this colored output of each element in your path so it parses the path and then it goes line by
line and tells you green, this exists. Yellow,
it's a duplicate of something that was there before. So if you have something in your path
multiple times, maybe it's earlier and later and you thought it should be later. So that's also a
weird thing going on. Or it'll turn it red if there are some that don't exist. Yeah. So that's
pretty cool. You can ask for just the invalids, just for the duplicates. You can ask it to follow some links and then resolve whether those are duplicates or not.
And then you can say, give me a corrected version as a string or not as a string as
a list.
And then that will let you basically remove the duplicates, remove the missings and go
from there's a little video here.
That's a gift or something.
I don't know.
But if you want to watch the video, you can pull it up and you'll see like what it looks like when it runs and all the colors and stuff, but
it's super easy to try out. So I recommend people check out JustPath. I think it's handy. I,
my score is not that amazing. I just ran it, Brian, 42 directories in my path, 12 do not exist,
fully 12 of them. And four of which that do are duplicates yeah i've got a bunch of
problems with mine okay who knew right well you know you kind of like you know keep things around
you install stuff change things yeah this stuff is right only right like why would you take stuff
out of your path you know you just keep put adding to it and adding to it but then like you say, you uninstall things, stuff changes, et cetera. Yeah.
I have, like, added my users.local slash bin.
Apparently, that doesn't exist anymore, and I don't even remember ever using that.
Okay.
Cool.
Interesting.
Yeah.
It's easy to adopt and use.
You just pipx install it, and you just run the thing, and it tells you what's up. Cool. Well, that's easy to adopt the news. You just pipx install it and you just run the thing and it tells you what's up.
Cool. Well, that's exciting. I have like, you know, doom and gloom next.
Oh no.
Yeah, the XZ backdoor. I don't know if everybody's heard about this. It just really sort of popped up last Friday. So it's fairly recent. Have you been keeping up on XC? Yeah, it definitely has caught my attention and makes me quite nervous. I think we just missed this in getting released to basically every server on the internet, which is really good.
Yeah. So if you've just sort of heard about it, I'm going to provide a, there's a lot of articles
on it and some of it has good information. Some of it has dubious, a little bit, maybe opinionated stuff,
which is fine. But I'm linking to an article from Evan Bowen, but Evan Bowes, B-O-E-H-S,
not sure how to pronounce that. Anyway, everything I know about the XZ backdoor,
and it's a fairly curated timeline of what the backdoor is, but it, well, it's about the XZ backdoor. And it's a fairly curated timeline of what the backdoor is. But it well,
it's about the timeline of how it happened. But the the gist if you haven't heard about it, this
is that there was a backdoor added to I think it's XZ utils. XZ is the compression or like an
unzipper zipper and zipper sort of thing. And archive tool for Linux and other Unix-like distributions.
So it's a weird story that start this multi-year.
That's the part that's freaky,
is a little utility that's included everywhere
that starting in 2021, somebody,
well, they went by the name of Gia Tan,
but nobody really believes that that's really their name,
started contributing to open source, added a patch, and these patches were added in long, long times apart
and then ended up becoming a maintainer of XZ
and then creating in part of the test code and this the there wasn't a
vulnerability in the in github but there was in the distributed tar release i don't know
there's a lot of details that i didn't quite follow all of it however yuck and weird um and
so the part that i want to talk about really is, one, you should just be aware of this, and we're going to link to a good article.
I think it's –
Hey, Brian, before you go on a little farther, because before we move on to just the real basics of it, basically this vulnerability was intentionally put there as a backdoor to break open SSH connections. ssh connections so the idea was if you can ssh to your server this was going to give other people
acts ssh access to your server which is extraordinarily bad yeah and ssh into it
with root access so they they have like full access really um yeah terrible would have been
a terrible backdoor glad it got caught so it got caught by like somebody at microsoft um microsoft postgres team i think
um looking at at some of their over like an update of xc causing or actually a slowdown in some of
their i think it was in their test suite or yeah they were running micro benchmarks and they saw
like a 600 millisecond slowdown or something like geez that's weird how about that testing for the wind brian yeah and then also i guess valgrind uh caught some problems with it as well um so i guess good
thing that people were paying attention to that and then tracked it down rap fairly rapidly um
to a update of xz and then um but then some of the unraveling of this is just, okay, so there was a vulnerability.
It got caught.
People are updating.
That's good because you really don't want this here.
However, some of the ways in which this happened are disturbing.
And so that's why I think it's useful to read up on this a little bit.
Partly because this XC utility was mostly maintained by one person over years, right?
So, and then somebody comes along and wants a patch
and is sort of, there's some sort of
kind of not nice things said,
including things like,
clearly don't do patches to this
because they don't, the current maintainer's lost interest
or doesn't care anymore.
Say and mean things like this,
kind of pressure, and this is way back in
2022, pressuring the person
into adding another maintainer.
Then, hey, there's another maintainer ready
and they're adding garbage
to it. They just happen to
work for some state
sponsored hacker group. I'm sure
they'll do a good job
maintaining it for us yeah um so i'm guessing maybe and and there's um you know basically i
guess watch out for this but also i think so one of the things i wanted to talk about is how do we
how do we avoid stuff like this this is i don't have an answer for it but there's a lot of people
um discussing like what do we do about it um
including a glyph whose answer may have been just um is we're going to link to his article called
software needs to be more expensive essentially um we we get a lot of free software maybe we
should start paying the maintainers so that people i mean burnout is a real thing but you pay people
they will work on stuff um or else will. However, I don't
think that's quite... One of the interesting things, his idea, I'll just mention this because
I think it's interesting, is he's got an idea called just JGMM, just give maintainers money.
And his idea is not to have companies try to figure out who to give money to. It's, it's a, his idea is just give every software engineer with your company, uh, a
discretionary budget of like, say 50 bucks a month or whatever you want to do.
And, and they can distribute that money to open source maintainers, however they want.
Interesting idea.
I don't think if, even if that was in place, I don't think that it, which I think is a
good idea.
Um, I don't think it would be, think it would be have gone to XZ really.
Because I would have thought things like, you know, Django or, you know,
it's Python, but, but would I give money to a little zip utility?
Probably not. Anyway.
So I think this is a good thing to keep up on. And, and I do that.
This idea of like bringing on maintainers you
have to be able to do that but you have to how do you tell if somebody's gonna be malicious a
couple years from now i don't know that's that's how do you i don't think you can check for it is
tough yeah that person that person played the long game for sure yeah so i thought well okay well i
don't run any servers so i'm fine but then i ran across
uh jeff triplett's uh article called uh upgrade update and upgrade homebrew and xz versions i'm
like what yeah so uh you should if you run homebrew on your mac you should run brew info xz
um and if uh if it shows up at 5.6x, you need to update.
And sure enough, I had the vulnerability on my machine.
I checked it and I was out of date.
Or actually, I had upgraded to the new one.
Thanks.
I just checked.
I don't seem to have it, which is very good.
I don't know.
But the thing is, you probably didn't install XE.
You probably installed the other thing,
which depended on something, which depended on XE,
which is all parts of the supply chain problems,
which is scary.
Yeah, but I guess thanks, dude at Microsoft that found this.
Yeah, indeed.
You know, you say you probably would think
that the 50 bucks wouldn't go to XE,
but I really like Glyph's article.
First of all, well done, Glyph.
That was a very nice article you wrote
and I enjoyed reading it.
It's also a very thoughtful idea, I think.
His idea is basically,
instead of trying to get large companies
to come on and be sponsors of open source projects,
usually that's a huge negotiation
and there's all sorts of stuff, right?
It's just not easy.
Just give everybody 50 bucks a year or a month.
I can't remember.
I think it was maybe a month.
Anyway, give people a card and they could just donate it to whichever open source project
that they would like.
And I agree if there's a thousand people that did that, Brian, that XE probably wouldn't
make it.
But wouldn't it be awesome if there was a world where there were so many people
who were just donating to open source that it became super lucrative that second-tier projects
were even potentially full-time things like rockstar developers you know like ballers are
rolling up in their ferrari because they because they're running fast api or you know you know
sebastian is doing that i mean that would be really cool. Think of how much more open source should get created if it was sort of a gold rush as well.
So yeah.
I think it would be neat.
And also even not necessarily
a full-time job,
but just to be able to say,
even if I have to take the time
unpaid from my normal job,
if I took like a day a week off
and just worked on open source,
my open source project instead.
And sometimes it's not even adding features.
It's just going through issues,
doing all of the bookkeeping and the maintenance and everything.
There's a lot.
Yeah.
Or maybe you're a consultant.
You take one for your clients on something like that.
Right.
Yeah,
exactly.
So thanks.
Yeah.
Yeah.
I'm glad you covered this.
Well,
we would like to thank Scout APM for sponsoring this episode.
Thanks scout.
Let me tell you real quick about doubt APM.
They're big supporters of Python bites.
So we appreciate that very much.
So if you are tired of spending hours trying to find the root cause of
issues,
impacting your performance,
then you owe it to yourself to check out scout APM.
They're a leading Python application to check out Scout APM.
They're a leading Python application performance monitoring tool, APM, that helps you identify and solve performance abnormalities faster and easier. Scout APM ties bottlenecks such as memory leaks,
slow database queries, background jobs, and the dreaded N plus one queries that you can end up if
you do lazy loading in your thorium and then you say oh
no why is it so slow why are you doing 200 database queries for what should be one so you can find out
things like that and it links it back directly to source code so you can spend less time in the
debugger and tailing logs and just finding the problems and moving on and you'll love it because
it's built for developers by developers it makes it it easy to get set up. Seriously, you can do it in less than four minutes.
So that's awesome.
And the best part is the pricing is straightforward.
You only pay for the data that you use with no hidden overage fees or per seat pricing.
And I just learned this, Brian.
They provide the pro version for free to all open source projects.
So if you're an open source maintainer and you want to have Scout APM for that project,
just shoot them a message or something on their pricing page about that.
So you can start your free trial and get instant insights today.
Visit PythonBytes.fm slash Scout.
The link is in your podcast player show notes as well.
And please use that link.
Don't just search for them because otherwise they don't think you came
from us and then they'd stop supporting the show so please use our link pythonbytes.fm
scout check them out it really supports the show indeed all right now brian let's talk about some
fast stuff okay l python have you heard of l python no this is news to me so l python is a
high performance type Python compiler.
So basically, if you use type annotations or type hints on your Python code,
it can aggressively optimize and compile your Python code.
And it uses multiple backends, which is pretty interesting.
So you can compile it using LLVM.
You can compile it to C.
You can compile it to C++.
Or you can compile it to Wasm WebAssembly.
That's wild, right?
Yeah.
Yeah.
So right now, just a heads up before people get too excited,
it's in alpha stage, so it's not quite ready for maybe adoption.
But if you're curious about it, you should definitely check it out.
You can play with it and so on.
And so it's starting to pick up speed.
It's got a little over 1,000 GitHub stars.
And you can try it in your browser.
Let's try the browser, huh?
Before I move on though, let's say it's fast.
It's built from the ground up to translate
primarily data science-y code
because that's primarily where things get slow
and actually matter in Python.
But numerical or rate-oriented code
into simple, readable, and fast code.
Basic math.
So it knows about, you know,
size of sized integers, for example,
and 32 and so on.
It has just-in-time compilation,
which you can get
if you don't want to run a compiler itself.
You can just put an at-l python decorator
onto a function,
and it'll just compile at a runtime,
which is kind of cool,
because then I guess you probably don't need
to distribute binary versions on your packages, on your wheels wheels and so on. It's interoperable with
CPython. So basically you can call all the CPython functions and it's also, if it works in CPython,
it works here, it'll work in CPython basically. Is it a subset, I guess, in a sense? And open
source. All right, let's play with it for just a second. So if you go to dev.lpython.org, it loads up in the browser.
And you can notice it loaded pretty quickly, although I have gigabit internet.
It's still loaded pretty quickly.
See this picture here on the screen, Brian?
This is the Mandelbrot set, which I don't know how many people have done fractals, but
it's drawing two different copies of the Mandelbrot set.
And what is that?
A 600 by 600 image, maybe?
About a black and white one and a color map one.
It says it took a little under half a second to compile it
and 80 milliseconds to generate those two images.
And you can come over here and you can say like,
all right, what I'm going to do is,
what is that number?
I'm going to make this, let's say 355 iterations.
And then we'll run it again and 100 milliseconds right if i make that if i make this something really silly here like
oh no why did that go away back button is not supposed or the delete button is not supposed
to navigate backwards hold on ooh really big there we go all right there we go okay so if i run it
again though uh watch how fast this is like boom that's it and then i'll put it back to what was it before i'm real weird the way it's like capturing my
mouth but anyway people can come check this out and see it running it runs super fast as python
you think all this you know iterative generating a ton of paralyzed computation in web assembly
in the browser with python i'm pretty pretty impressed. Yeah, that's pretty
cool. Who's behind this? Do you know? Mr. L Python? I have no idea, honestly.
It's by L compilers is what it says at the bottom. So what is that? L compilers.org. Yeah.
Good question. It has no public members, but it is exciting. So yeah, nor does it have a webpage. Hopefully it's not an APT crew. Anyway, no, seriously, it looks like a cool project and people can check it out. There's a lot of these ideas happening now, but yeah, that's quite interesting. My last topic was kind of dramatic with the whole XZ thing.
So I'd like to continue the drama and bring it into Python
and with the help of Trey Hunter.
And he has a way to make your Python more dramatic.
Actually, your Python output more dramatic with a,
I'm just kind of joking, but it's kind of fun with the name.
He's got a tool called dramatic. Um, and what it does is it slows down the print output, which, which, um,
you know, uh, why would you want this? Um, I don't know, it might be kind of fun if you're
doing a demo or doing a presentation or something, but, um, it does is it's just pretty fun. There's
a lot of ways you can use dramatic you can uh
you can um once you install it you can just use a context manager so that it's only around certain
print statements you can decorate um certain functions so it temporarily does it um and you
can even there's a start and a start and print that to uh to do it targeted one of the fun things
uh and he's got examples on his readme
how to do this.
One of the fun things you can do,
I'm not sure why he included this,
is you can do it outside the whole thing.
He's got a dramatic interpreter.
So if you run like Python dash M dramatic,
it just slows down everything.
You can turn it off though. He's got a way to turn it off as well but you can do speed ups and make it anyway um i think this is you want your python
code to look like chat gpt or something like that right yeah as a typing out and stuff um uh i think
it's kind of especially if you're running, I think it'd be useful.
He gives an example of doing it.
Like, for instance, I guess this isn't an example.
But if you're doing command line interface interactions with a user, I think it is helpful sometimes to have the output go slowly so that it's visually interesting to have it not just pop up with a mountain of text for people to read.
But don't do it too
slow. Cause that's, that's annoying also. But, uh, anyway, uh, I think it's kind of fun, fun thing,
uh, related to this. Um, I thought it'd be, uh, when, when he, he submitted this, uh, the other
day, I remembered, uh, somebody named Alan submitted, uh, uh, a comment to us that texture terminal text was a terminal text effects
library is pretty cool.
And so I'll go ahead and link to that also.
Um,
that's,
that's a fun thing.
It's very dramatic.
That's quite dramatic.
Um,
you've got a whole bunch of cool effects.
Uh,
like,
uh,
there's a grid one where things like show up gradually in a grid
uh there's a bunch of great examples there's beams that popped back and forth this is beautiful
laser beams laser beams that one yes let's do it the binary path kind of looks uh looks kind of uh
what was it matrixy sort of a look listen neo you can't go down there was one that i really liked a lot the fire the burn is is
neat uh crumble is these are all animated gifs on the github repo that brian's like yeah yeah um
but the uh so it i think it'd be cool for your i wouldn't do it all over the place but like for
instance um if you had a like a help not probably not help but an about where and that's sort of where it's
showing here where you show you know the credits and uh who's worked on it and some more info and
stuff that'd be fun to do a a fancy uh fancy dramatic output for for that all right with this
terminal text effects thing yeah i think if you work in the movie industry and you need to have a like a
hacker breaking into a thing or somebody jacking into cyberspace or whatever one of these weird
things are were you going to show a terminal and make it dramatic oh my goodness you could
just basically do this for hollywood yeah yeah couldn't you yeah definitely um uh what is this
language oh my gosh this is vb6 i I know this. I'm tracking his IP.
Like, wait a minute.
What?
What do you think it does?
It would be a little bit better.
Yeah.
Be great.
So anyway, that'd be fun.
If you use both this and textual to turn it into like a Vim clone or something like that with fun effects.
Ooh, that's fun.
The pour is neat.
Yeah, it's almost like the Tetris terminal in a sense not quite but almost anyway i guess that is just a fun wrap up
of our topics but um we got we have some extras uh you have any good years at first since you got
your scram yeah okay so the only thing uh i mentioned textual a little bit um i'll go ahead
and uh say that textual has released a new
version and I'm highlighting this because there's an inline feature which is which is fun so with
with the inline feature let's see if we can get get an example up you can kind of run textual
in run it's not running for me but anyway you can run it in line so like normally if you run
a textual application it takes up your whole your whole terminal area but this will just
take a subset so you can have like a little input screen so you can have kind of like an input
dialogue maybe but it and it's very visual but doesn doesn't take over everything. So, yeah.
Anyway, kind of fun.
Textual and rich continue to impress.
Yeah.
How about you?
Any extras?
I've got a few.
Let's see.
Let's start with a broadcast straight out of the Philippines.
So my keynote, which was entitled The State of Python in 2024, I give two weeks ago at python philippines is out and
the production quality is super high on this video so they did a really great job it was a fun
conference but if you would have loved to hear me give a presentation on the state of python in 2024
but you weren't there then you can still check it out now. It's awesome. And a bunch of people. I really enjoyed it, by the way.
Yeah, yeah.
Oh, thanks so much.
A bunch of the people whose projects we talk about
on this show actually get a shout out there.
So, all right, that's thing one.
Thing two, I just want to encourage people.
I'm not logged in my GitHub,
so I can't unfortunately show it here.
But Brian, do you go to your GitHub
and you know there's that feed in the middle
that shows all the stuff that's going on and who starred this and who's doing that and stuff. Do you ever
use that thing? No, that's what, that's the way I'm like, that's thing's stupid. This is like
80% of the page and it's in the way. What is this? How do I get, get past this? I've started
paying attention to it and I've found so many cool projects. So I, I want to inspire people to
follow people on GitHub. You can can follow brian and me and
see what we're starring but who's starred what who's forked what i found probably three or four
really interesting projects just last week by just kind of skimming that for five minutes a week you
know so that's pretty cool yeah i was really surprised that was useful i guess i need to
follow more people i don't know exactly because i Because I should as well, because I hadn't really
been following more people because why do you follow them? Well, maybe this is why. On to the
thing that continues to perplex me, which is interesting, is that the official way that Python
works is through blogspot.com. But nonetheless, important stuff for you all. If you are living in
the past, like when I ran JustPath earlier, it said your Python 3.10 thing is stupid because that doesn't exist on your computer anymore.
But if you have 3.10, 3.9, or 3.8, there are security updates for the older versions of Python, but not the new one.
They call them boring security releases.
I never think of security releases as boring.
They either go from slightly interesting to, oh my gosh, you have my full attention, like the XZ thing.
Anyway, people can check that out and should probably upgrade if they're running one of those versions, 3.10, 3.9, or 3.8.
And if you're running 3.7 or older, too bad, so sad, no updates for you.
They may be vulnerable, they may be not, I don't know.
And that's just the way it works if you're out of support.
That's why you should stay on some of the new stuff somewhat like the new stuff's really been fairly easy to
upgrade to i haven't it has been in a lot of most of the part well maybe it's just my projects but
i haven't run into any issues really i think if you stay one version behind it's it's there's no
effort at all almost to do it uh going from 3 to 3.12 was actually the hardest upgrade I've ever done
because there was quite a few dependencies I had that used something that was removed as part of
the dead batteries thing or something like that. And I just wouldn't run. And I'm like, oh my gosh,
I was just waiting until some dependency of a dependency got fixed, but it was slow for some
reason. I don't know why, but that got fixed within a few weeks right so if you waited a little bit longer it should be easy yeah so one of the questions i
got while we're looking at this how many um i used to run a lot of versions of python on my
on my mac um but i got a new mac recently and i decided to mostly push most i only run a couple
and then i push do most of my multi Python version testing in CI instead of locally.
How many do you have on your machine or regularly?
Let's see which Python or where your Python rather think.
Oh,
I'm sorry to put you on the spot.
No problem.
You know,
I think I have,
I think I have three 11 and 312 and that's it.
Yeah.
I think that I don't have 3.9.
I don't have 3.10.
I definitely don't have anything else.
So 311 or 312.
Those are the ones that I got right now.
I'm with you.
I try to not put too much stuff on there.
The only reason I really have older stuff on there is because I haven't gone to the trouble of removing it because there's a bunch of of virtual environments i've created off it that i wanted to deal with but ideally i would just have
the latest yeah i think uh i think my normal i don't know what i've got but it's um it's the
well with the the packages i maintain i usually have the the newest and the oldest that i maintain
um and so 312 and then however far back i wanted to go. Yeah. And then so that, so that talks can find those and I can find those locally, but yeah.
Yeah.
You know what I might do?
I'm not doing it because I don't have a huge set of older Pythons I test for.
But if I was like you where I did that, maybe I'd have Docker.
We have some Docker containers for the older ones.
You can just do Docker run Python, this command, you know, this file or whatever.
I don't know. Yeah, yeah maybe keep it cleaned up yeah but you could they run side by side pretty
well so yeah they do anyway just got to keep your path in order so just path just path just path
just jack um so uh should we have some fun something funny uh yes this one actually i
got it pulled up but this one is from you. So
I'm going to let you take the lead on telling us about this joke here. Okay. So I saw this on,
on LinkedIn, actually. It's from Matt Watson. Don't know him, but it's pretty funny. So we've
got some definitions of some software definitions for you. So starting, I've got a whole bunch of
them. So we'll try to go through them. Technical debt. What technical debt is move fast and don't fix things. Agile development is
admitting you have no plan. Test-driven development, guessing the future one test at a time.
I love that. Open source is asking somebody else to fix it. yeah it's not always working maybe a slightly different term
based on the topic i said this week or running running someone else's code from the internet
yeah um right so cicd uh automating your mistakes into production oh that's awesome api is also
asking somebody else to do it devops i love this. DevOps is the belief that more tools fix any
problem. Microservices are creating enough small problems to avoid one big one. Cybersecurity is
playing hide and seek with hackers and serverless is pretending servers don't exist until the bill
comes. Oh yeah. Scrum. I like that. Scrum is group therapy for being behind schedule nice hi my name is michael i'm blocked
hi michael i've been blocked for two months
uh yeah that's great yeah we have to do that um next I'll have to try to incorporate that.
There you go.
Thanks, Brian.
Well, thanks a lot.
Thanks again for a wonderful episode.
And thank you everybody for making,
helping to make Python Bytes a wonderful podcast.
And we don't ask this much,
but if you find this amusing or helpful,
please share with a friend.
And you can sign up for,
one of the great ways to do that is to sign up as a
friend of the show, get the newsletter, and then you can send that you can spam your friends with
that. We're not going to spam people, but you can. So thanks. Indeed. Yeah. Thanks. Bye.