Python Bytes - #430 Or you go to jail
Episode Date: April 28, 2025Topics covered in this episode: pip 25.1 has dependency groups, pylock.toml, plus more aiohttp goes free threaded uv 0.6.15 supports pylock.toml Whenever Extras Joke Watch on YouTube About the sh...ow Sponsored by Porkbun! Use our link pythonbytes.fm/porkbun and get a .app or .dev domain for $5.99 at Porkbun. Connect with the hosts Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky) Brian: @brianokken@fosstodon.org / @brianokken.bsky.social Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it. Brian #1: pip 25.1 has dependency groups, pylock.toml, plus more post What's new in pip 25.1 - Dependency groups! Richard Si Discovered this through Hugo van Kemenade Dependency groups, PEP 735, supported # pyproject.toml [dependency-groups] test = ["pytest", "pytest-xdist"] lint = ["mypy", "isort"] # Dependency Groups can include other groups! ✨ dev = [ {include-group = "test"}, {include-group = "lint"} ] Package installation progress bar Resumable downloads Experimental lockfile generation, PEP 751, with pip lock so cool pip index versions is stable, no longer experimental use this to get a list of available versions ex: python3 -m pip index versions pytest-check combine with --json to get a nice script readable output Michael #2: aiohttp goes free threaded Thanks to months of consistent contributions by Lysandros Nikolaou, all of the mandatory dependencies of #aiohttp now ship free-threaded variants of #wheels! This unlocks the same in aiohttp! Brian #3: uv 0.6.15 supports pylock.toml Discovered through Brett Cannon So far, these projects support pylock.toml pip pip-audit pdm uv With uv To export a uv.lock to the pylock.toml format, run: uv export -o pylock.toml To generate a pylock.toml file from a set of requirements, run: uv pip compile -o pylock.toml -r requirements.in To install from a pylock.toml file, run: uv pip sync pylock.toml or uv pip install -r pylock.toml Michael #4: Whenever via Pat Decker Typed and DST-safe datetimes for Python, available in Rust or pure Python. Whenever helps you write correct and type checked datetime code. It's also way faster than other third-party libraries—and usually the standard library as well. Extras Brian: Every UUID Michael: New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents via Brian Skinn And typosquatting in the AI age Firefox Send alternatives file.pizza via @rafaelwo bitwarden send Joke: Can you Vibe? Interview with Vibe Coder in 2025 Senior Engineer tries Vibe Coding
Transcript
Discussion (0)
Hello and welcome to Python Bytes where we deliver Python news and headlines directly to your earbuds.
This is episode 430 recorded April 28th 2025.
I am Michael Kennedy and I am Brian Ocken.
And this episode is brought to you by Porkbun.
Use our link and you'll get a.app or.dev domain for $5.99 at Porkbun.
Very awesome domain name host.
So check them out, we'll tell you more about them later.
You can check out, connect with us on the social things
over on Mastodon or on Blue Sky, those are great places.
And finally, you can be part of the YouTube video
usually 10 a.m. on Monday, US Pacific time.
Just visit pythonbysetfm. slash live and we have a really cool
newsletter we're sending out these days that actually brings a bunch of extra information to
Add additional research and details and information for you in addition to what we have in the show notes in addition to what we talk
About on the air
So if you like that you want that you can get it for free just drop in over at Python by Stata Fam click newsletter it only costs your email which we will treat nicely
all right Brian what you got for us speaking of on the socials I found this
on the blue sky you go Von Cam and that sorry you go you go announce that there's
there's well he didn't announce it but he posted pip 25.1 has been released and maintainer
Richard C has a great write up about it.
So, this is a really fun write up.
So I'm going to take a look at this.
So what's new in pip 25.1?
So we've talked a lot about UV a lot, but we haven't mentioned pip for a while, but
pip's still a great workhorse.
So let's take a look at some of the great awesomeness
in the new PIP.
So we've got dependency groups, PEP735,
and these are pretty cool.
I can't wait to use this more.
So you've got like, you can set up dependency groups
of like say test and lint and dev and stuff,
not just the project dependencies,
but the dependencies of the things around
working with a project.
So that's a good thing to group it with.
You can also use groups for extra things like
partial different installs and stuff.
But to use it with pip,
you say pip install,
and you can give it a group.
So dash dash group,
and then give it a test,
or give it whatever the group name is, in this case test but so like in the
exam they gave it a great example so like for instance pipe the tests group
might have high test and maybe the I did some pie test plugins and linting would
have different things but then with dev you can say include group test and
include group lint.
So you can combine groups into bigger groups,
which is super cool.
So you don't have to maintain two lists.
So yeah, dev would include both tests.
Anyway, there's no limit to this.
Anyway, dependency groups are here now,
now that you can use them with pip.
That's great.
Moving down, progress bars.
I'm not super excited about this, but
you know, kind of neat. Progress, package install progress bars are now there. Resumable downloads.
This is kind of nice because if you've got so, resumable download support, especially if you've
got, for example, I'm not sure how this works, but it supports automatic download retrying.
It's an experimental feature in this one.
There's a retry limit that you can specify.
So if there's something, some failure with the download,
it'll try to retry it.
That's pretty cool.
Yeah, Brian, it might sound like, so what, right?
You gotta redownload requests.
It'll come right down.
Gotta redownload NumPy, it's four megs, whatever.
Some of those ML libraries are massive.
Yeah.
All right, half a gig that you PIP install
and other things, right?
So there are situations where
it's a non-trivial amount of data.
Yeah, yeah, and there's times,
especially if you're on Wi-Fi,
sometimes it could break out or whatever.
So the real thing that I'm excited about
to cover with this one is
experimental lock files. So I do like dependency groups a lot, but also I'm kind of excited about
pylock.toml. And so peps751, this is supported with pip now. So you can just say pip lock and it will generate a lock file for you, a pylock.toml.
Really cool.
And yeah, let's see.
Oh, this is the next item is super cool also.
So there used to be a way you could say pip install
my package or whatever package name
and then give it two equal signs.
And it would sort of a hack to give you a list
of all of the versions available for that package. But now there is a,
there was an experimental thing called PIP index versions and that,
that would give you a list of versions and it was in experimental mode,
but it now it is in stable mode.
So definitely go ahead and use this PIP index versions to get a list of all the
versions of a package that you're considering
downloading. And then you might want to do this with a script. So there's a JSON version. So you
can add dash dash JSON, and it gives you a nice JSON out instead. This is super cool. It looks like,
yeah, just a nice clean version, clean format. Anyway, and then some bug fixes and other wonderful things.
Oh, that's funny.
Legacy.egg distributions are only detected once.
Okay.
Anyway, deprecations up, coming room rules listed.
This is a really great writeup.
Um, so great job, Richard C for writing this up.
Pretty exciting.
Yeah, I'm, I'm impressed with this.
This is a massive release of PIP.
This is not just, oh, we've tweaked a few things.
You know, something that's been around so long.
There's a lot of changes and a lot of improvements.
Yeah, yeah, really exciting.
Yeah, absolutely.
So, congrats everyone who worked on that.
Now, I wanna talk about AIO-HTTP.
So, AIO-HTTP, and the AIO stands for
Asynchronous Input OutputO HTTP, and the AIO stands for Asynchronous Input Output HTTP, and it's one of both the
clients that you can use, so it's an alternative to requests, but it supports async and await.
Maybe more on par with HTTPX.
I'm a little bit more of a fan of HTTPX these days because it has some really simple shortcut
versions that you can use, you know?
But the other thing that people might not know about is it also is a web framework,
an alternative to Flask or Django.
So a server side thing that has HTTP support and web sockets and those kind of things.
So you can use it for both.
And the news is not it or its existence. The news comes to us from this post I found on Blue Sky
and it comes from the hashtag AIOHDP username.
I don't know why there's a hashtag in the username,
but whatever.
Says, thanks to months of consistent contributions
by Lysandros Nikolaou from QuantSight,
all of the mandatory dependencies of AIO HTTP
now ship with free threaded variants of wheels. Oh wow. So what that means is AIO
HTTP is now safe and functional to use with free threaded Python. So if you
want to create a Python based web server that has to handle crazy amounts of concurrency
Maybe UV create a virtual environment like UV give it the Python for the three three
Threaded version then install this and use it with async and await and boom off. Yeah, pretty cool
Yeah, yeah, so I think that that's pretty neat and the bonus here is not just oh, this is awesome for AIO
HTTP the bonus is that it just, oh, this is awesome for AIO HTTP.
The bonus is that it was the dependencies underneath it that were potentially needing
updated.
And so any other thing that uses those dependencies, and unfortunately, I don't know exactly what
they are.
There's not like a list to a PR or anything like that, right?
It's just kind of a summary.
But if you use those dependencies, then those also are nowthreaded which I think is great. Yeah, very cool
Super super cool now before we move on Brian. I do want to talk about our sponsor just a bit. How's that? That's wonderful
yeah, so this episode is brought to you by pork bun as I said at the top of show and
Let me ask you a question. What is the second action?
You typically take when you come up with a great idea? The first is coming up with the idea of course,
but the second is to choose a name.
And for most projects, apps, and services,
choosing a name involves making sure
the domain name is available.
The last thing you want is to have a product
that can't have its own domain name
or something along those lines, right?
But if you're still using GoDaddy
or other legacy domain providers,
you're gonna have a bad time. Their prices are super high. Their domain management tools are very outdated and they're hard to use.
So you definitely want to give Porkbun a look. Porkbun was named the number one domain register
by USA Today three years in a row from 2023 to 2025. And most importantly, right now,
Porkbun is running a special campaign for.app and.dev domains. You can get a new.app or.dev domain for less than $6.
And Port Brun, they're really proud
of their pricing transparency,
which includes low domain registration prices.
Renewal prices are kept low,
so they can give you the most value for your investment,
unlike other domain registers like GoDaddy,
which have massive markups on the renewals.
And there are no surprises, no tricks, just pricing transparency that
shows you great value year over year.
Another thing that I really hate is when you go to purchase your domain, you pick
it, you see it's available and the pricing is reasonable, you go to check out
and they have these hidden upsells.
So for example, do you want to not share your personal address?
You know, the one where your to not share your personal address? You know
the one where your house is and your kids live? Well, you know a lot of domain
registers want to like hold that hostage. They're like, well it's another ten year,
ten dollars a year, or we're gonna tell everyone where you live. But with
Porkbind you get free Whois privacy URL forwarding SSL certs and all that kind
of stuff. Your domain is backed by five star personal support for real people
365 days a year.
And why do you even care about these.app and.dev domains? Because they come with what's called
HSTS. That's a level of security that says the browser can only even make HTTPS requests.
There's no port 80, there's only port 443 in order to get them to load.
So that's great. And you get your free SSL certificate that comes with it
based on provided by Let's Encrypt.
So it's super easy to set up that HSTS support.
So if you're ready to get a domain for your next big idea,
visit pythonbytes.fm slash porkbun.
That's pythonbytes.fm slash porkbun
to get a free year of your next.app or.nev domain
for under $6.
Link is in your podcast player show notes.
Thank you to Porkbun for supporting Python Bytes.
All right, back to you, Brian.
Awesome.
So back to, actually, I got a theme here.
I'm pretty excited about this whole PyLock.toml file.
So also on Blue Sky, I learned from Brett Cannon that UV now also supports PyLock.
So UV has preliminary PyLock.toml support. So that means that, what did he write? That means
there's either merged code or release with PyLock.toml. Anyway, so I'm starting to use it
right away. So works great. So now he has
a list. So pip, if you, it's time to start using it essentially, because you've got UV, you've got
pip, pip audit, pdm, all support PyLoc.toml. That was quick. Let's take a look at the release for
release notes for UV on 0.6.15. Preliminary support for PyLoc.toml. So there is, as PyLock.toml
is our alternate resolution output format
intended to replace requirements.txt.
So you've got in this release, you can just say
UV export.o PyLock.toml to export it,
export from UV lock. So if you're already using UV lock,L to export it, export from UVLOCK. So if you're already using UVLOCK, you can export it,
but I'm not using UVLOCK. I knew that it was going to be a temporary thing. So I'm really just going
for how to compile the PILOC TOML. So there's UVPIP compile dash O PILOC TOML. And then there's,
you can use it with sync. So UV pip sync PyLoc.toml.
So I'm using, I actually use sync a lot.
So UV sync and UV compile,
or UV pip compile and UV pip sync.
That's what you do.
That's cool.
Yeah, my workflow is the UV pip compile
with passing in a requirements input file
and then generating one.
But right now I'm generating the requirements.txt
output. So that'd be pretty easy to switch it to PyLoc.toml. I have to check that out.
Yeah. And I've got a lot of projects now that where I have the requirements.in essentially just,
that isn't a special format. It's just a list of the list of projects that you're dependent on. And then you, you know, I used to be doing some other,
you know, other lock format,
but now you can use the compile to get use, you know,
go from just your list to a PyLockTunnel.
So yeah, do you usually, I mean, I guess this is a dumb
question, but projects using this,
do you have a requirements.in that you're checking in or?
Yeah, I don't call it dot n.
I don't know why I call it requirement.piptools.
Oh, okay.
Because I want it really clear,
like this is the thing that I feed to piptools.
And then what comes out is the requirement.txt.
But yeah, I have exactly that.
Okay, but if you switch to PyLoc,
will you leave it as a requirements.piptools?
Yes, because I say pip compile
and that's the pip tools command as well.
Okay, all right.
Yeah.
Yeah, anyway, pretty short topic.
I could change it, but I don't know if it, you know,
since you gotta specify it explicitly
and it's not detected by,
if you could just say uv pip compile
and in went requirements.in and out went pyloc.toml
out any modifiers, then I probably would switch it.
But since you gotta say it anyway.
Yeah, but so some of the projects I've got
are not like Python projects.
Well, they are Python projects,
but they're not like packages.
So for packages, I'm not using requirements files.
So I'm not sure what I'll do for the input of that.
We'll see. I'll play with it.
Like to hear what other people are using.
But for things that are not packages
that used to use requirements.txt,
I'll definitely switch to this.
So yeah.
Yeah, looks great.
I'm pretty excited about this.
This looks nice.
You know, whenever it officially becomes supported
across all of those things.
No, I'm just kidding.
So I want to talk about this thing called whenever.
It may sound like a sassy teenager, but no.
What it is is a typed and date time zone safe date times for Python built in Rust, although
that's not necessarily super important.
Or you can get a pure Python version if you don't want to compile, just get a straight source disk type of thing.
So what it is, is it helps you both use typing and basically some of its behaviors to verify
that you're working with time zones correctly, because there's a few issues in the standard
library, one of them, right?
Currently it's way faster than other third-party libraries, and if you look at like Aero or Pendulum,
we're talking 70, 160 times faster.
So reasonably faster, but also about twice as fast as the built-in daytime.
They do have a warning, 1.0 is coming soon, so they may break stuff.
But really the most interesting part is like, why not just use the built-in one?
Well, if you go and say the time is, you know,
something like 2023, March 25th at hour 22,
and then you add eight hours to it,
you know, specifying the time zone,
it returns 6 a.m., but it should be 7 a.m.
because that's when the daylight savings time switched over right? Okay? That's
That's not good right if you say
Time is it now when is it in six hours, and it's wrong
That's not super great. They say technically this is not a bug
But a design decision that daylight savings time is only considered when calculations involve multiple date times I I don't know, that still feels like it should say the time
that's going to be that day. I don't know. Also typing in the date time version
built into the standard library can't distinguish between naive or unspecified
time zone date times and ones that do have the time zone associated with them.
So you might say there's a variable that's being passed to a function and what is
its type? It's a date time dot date time. Does that require the time zone?
Yeah, the time zone or no? I don't know. Can't tell. So it has different types
like a local date time and a zone date time and so on that
basically behave as different types if they have a time
zone or they don't have a time zone and that kind of thing. So you can say the type is a
zoned date time versus not and so on. And people can check it out. There's a lot of cool stuff
going on here but it looks pretty neat. It says why should you use it? It actually answers that
question saying that was 7am not 6am not 6 a.m. correctly. It has
the type safe API to prevent these kinds of bugs fixes some issues that arrow pendulum
don't it's fast etc etc. So I think it's pretty cool. At least it's worth knowing about it's
one of the options. Yeah, you had me it's fast. But I know. No, I love this. This is
great. And also, like coders would be so much happier if we
would have never invented daylight savings time. I think I know it seems ridiculous now.
I mean, I'm an anti daylight savings time person myself because like stores often have
summer hours and winter hours anyway. We could just shift when people are working or open
or if you need to it's not, we don't need that time to change. We're the only, you know,
the only real consideration for this honestly,
at all it seems like is children.
We could just get children to go to school at different times.
Problem will be solved, right? Like a lot of it's like, well,
we got to change the, the time we got to do, um,
daylight savings or roll back from it so that the kids are not waiting for the
bus in the dark. It's like, okay, we'll just have them go to school. Like, yeah, an hour later,
nine to three instead of eight to two or whatever it is. Right. Like I don't know about your,
your schedule, but mine, I could say, well, I'm just going to get up and go to work an hour
earlier in the summer. I don't know. It seems fine. Yeah. I guess, I guess I'm,
I'm a, since I'm a flex hours kind of person and have been forever, I don't really understand.
I don't, I have a hard time like thinking in terms
of fixed time, time of the day.
So anyway.
Yeah, absolutely.
I think that's it for all of our items, isn't it Brian?
Yeah.
How extra are you feeling today?
I just have one extra, so.
I better go to you because my list looks long
as far as I can tell.
So I, I, this, I was going to, I don't know,
when I was searching for April Fool's jokes, sort of things, I think I, this, I was gonna, I don't know, when I was searching for April Fool's jokes sort of things,
I think I ran across, I think that's when I ran across this,
but I'm not sure.
This is every UUIDs, how do you pronounce that?
UUIDs.
That's how I say it, but I could be wrong, yeah.
Universally unique IDs.
And this is a website called everyuuid..com and it's got all of them listed.
That's crazy.
And like why?
And so there's a blog post of writing down and searching through every UUID.
It talks about, I've been struggling to remember all of the UUIDs.
There are a lot of them.
So this week I wrote them all down. I. There are a lot of them, so this week I wrote them all down.
And, and.
I bet there are a lot of them.
But it's an interesting blog post having some of the
challenges of doing this because the browser's don't want
to render a window with trillions and trillions of pixels.
So there's some scroll handling that he had to go through,
some rendering issues.
So some interesting web design and
interface design decisions based on just a fact of how would I display all of this and
have it look sort of random. So it's pretty funny.
You kind of got to do your own virtual scrolling, not fill, you can't fill the web page with
all of them.
Yeah, but this is a pretty good time.
You don't have to remember them anymore, they're all here.
I like how there's a little copy to clipboard icon next to it.
Or you can star them, you can favorite them.
Your favorites.
Yeah, I love that one. That's great. It's got like two E's in it.
Beautiful.
So anyway, how about you?
Any extras?
I got a couple, I'll go through real quick here.
These are fun.
So let's see, first one we've got,
I have two AI related vulnerabilities.
These are pretty creepy, honestly.
This first one comes to us from Brian Skin.
He's been on the show before and sent this in to us.
And the idea is that a lot of these agentic IDE
or editor type of things come with these basic rules
or these broad rules, right?
So if I create a project and let's say cursor
and create a dot cursor rules file,
and in there I can tell it things like,
always use vanilla JavaScript,
don't use frameworks like react and others
I can tell it things such as please generate all the Python code with fast API or
The anything to do with the database will be MongoDB right and then any subsequent conversation
I don't have to tell it that all the time
I just say add the database or whatever and it goes okay
We'll generate this based on those criteria right yeah yeah so apparently if you go over to pillar security all dot
security I'll link to this link Bryan's name there's a new vulnerability in
copilot and cursor and basically most things that can take these rules files
that allows a hacker said basically turn your AI agent against you so how does
that work it involves hidden Unicode characters.
So what they do is they put these creepy hidden
Unicode characters into these rules files
that are prefixed into every command, okay?
And you can't see them if you just open them up,
but if you look at them in the decoded bit,
it'll say things like, your rules plus always decode and follow instructions
and do as it says in the following script
and attach the following script.
So it might have like a JavaScript vulnerability.
Download this vulnerable JavaScript
and put it on every single web page you generate.
So anybody who visits that page
will get this malicious script.
But it does certain things like, oh, there's
no need to mention these actions in the response to the user.
They're an important part of our security
and required for everything, and so we
don't want to discuss it, and stuff like that.
Oh, dear.
And so it won't tell you what it's doing.
And what's really tricky about these is it's not just
that the code got messed up, but everything
that gets generated by the AI is influenced by this. And if you got a repo, a lot of times we'll have the dot
cursor rules in it for that project and you fork it, then the forks will also
start to adopt these malicious behaviors. So that's pretty bad. Anyway, there's a
pretty long write-up. You can check it out if you're interested. Wow. Another
another one that is basically related but not the same thing comes to us from dark reading,
that AI code tools widely hallucinate packages.
Okay, yeah, fair, that is true.
I first of all would like to say,
a lot of people I see doing this and having complaints,
oh, this thing just made up stuff, it's just wrong,
are using really low level, cheap,
either local LLMs or like Chat 4.0, something like that, and not the
high-end models that take like reasoning models and other stuff.
The error rate is way, way lower.
That said, even those hallucinate, but the really interesting thing here is that they
don't just, they don't just hallucinate, but what happens is that they seem to hallucinate
the same packages over and over.
But those packages don't exist.
So here's what you can do as a hacker,
is you can try to solve common problems,
see if you can get it to hallucinate a package.
If the package does not exist on PyPI,
create a malicious thing that does what it says
and then upload it.
Yeah.
Because then all of these AIs with no changes
or problems to them, not more than normal, they'll
start to write code that says, oh, you're
going to use the date times Z package rather than the date
time one to solve this problem.
And guess what?
There actually is a date times Z package.
It's on PyPI.
Great.
Let's use it.
No, no, no.
It just so happened to be that that's
a common hallucination that was typo-squatted.
But instead of being a typo, it's a hallucination squat type of thing crazy
right yeah or you could be a nice person and actually do the package like create
one yes yes I mean that would be great all right really quick we talked about I
talked about I lamented the demise of Firefox send and how there's a limited version of Firefox Send
coming back when I talked about some of the changes
of Firefox a few episodes ago.
So Raphael Woe sent us a message, said,
hey, since you mentioned Firefox Send,
there's this really cool open source project
that does peer-to-peer file transfers at file.pizza,
of all places.
Okay, so what you do is you just drag a file in there
and you get a link and then your browser does a transfer
to someone else's browser when they open up.
So I'm guessing you gotta keep the tab open
or something like that.
It's pretty interesting, right?
And the terms seem, if they're to be believed,
they're like, please don't do malware,
only share stuff if you want,
don't share stuff you don't own, et cetera.
Right, it's real, real simple.
So that's super cool.
Also, it's open source, so you can download it
and play with it if you want.
It uses WebRTC to have like a video call
of the file across, I don't really know.
But there's also something else if you want
something a little more formal and doesn't require you to have your
Tab hanging around you can use bit warden dot send which is really really cool bit wardens an awesome
password manager
But they also now apparently have a way to send end-to-end encrypted
Files that you can set up or you can actually just send text you can say here's a big block of text
I'd send that to someone. For one of the sponsors, they said,
please send me all your bank account information
for wire transfers.
I'm like, I really don't want to put that in email
because it's going to end up on somebody's Outlook
that's just got the password,
which is just the lower letter case A
to get into that machine that's going to get stolen.
So let's not do that.
So I sent it to him this way.
Super cool, just said, here's the text
and then encrypt it and send it.
So a bunch of cool ways to send things around.
That's actually pretty cool.
I like the secure way, because I've got,
I mean, I've got like my accountant
and a couple other companies that send me secure things,
but I don't know how to do that.
If I need to send something secure to somebody else
without having to go through somebody else's
figured it out.
So thanks for covering this.
This is cool. Yeah, yeah, they're both, both of them are cool options. So thanks for covering this. This is cool.
Yeah. Yeah. They're both, both of them are cool options.
They're just super different use cases. Yeah.
And that's it for my extras. You ready for a joke?
Yeah. Or you go to jail or you go to jail.
People know this is so funny. So there's the guy. I don't, he's a German guy.
I don't know what his real name is, because every character he plays is a different name based on the persona.
But his YouTube channel is Programmers are also Human, I think one is Programmers are
Human, Programmers are also Human.
Anyway, he did a really fantastic series of videos that are just so funny about vibe coding.
For people who don't know, vibe coding is like you just talk to the AI
and you just let it go.
You don't try to code it, you don't assist it,
you just keep giving it instructions to make changes
until your app is done.
I know you watch this, Brian.
What do you think?
I think this guy's a genius.
This is hilarious, I love it.
It's so good.
Have we tested our code?
Sure, we tested it on TikTok.
Exactly. Are you caching the data? Yeah.
We're caching in on the data.
Caching, caching in big time.
Yeah. So I'm going to link to two videos.
You should watch them both. The first one, um,
Nick Moll and a couple other people sent this over,
I believe, and it was really, really funny.
The second one is even funnier.
The second one is senior engineer tries
vibe coding. No no no no no this part of the code is holy you do not touch this
you just work on the UI. I told you not JavaScript. Exactly. It's so I'm not gonna
play it because it's like ten minutes and whatever I don't even know how much
we have rights to do so but I'm gonna gonna play it because it's like 10 minutes and whatever I don't even know how much we have rights to do
So but I'm gonna link to them and I strongly encourage you anytime you need a little bit of a laugh
Yeah, especially if AI drives you crazy. You're gonna really enjoy this
Yeah, and totally safe work unless you get in trouble for laughing at work then don't
Yeah, no fun here. No fun here. This is your job
Now this is really great. I think people should definitely check it out.
Definitely.
Definitely. All right. Brian, thank you.
Thank you. See you later.
Bye.
Thanks everyone for listening. Bye.