Python Bytes

Topics covered in this episode:

Vulnerability and malware checks in uv

HTTP GET requests with the Python standard library

Millions of AI agents imperiled by critical vulnerability in open source package

alembic-git-revisions

Extras

Joke

Watch on YouTube

About the show

Goodbye and Thanks Brian

Thanks Calvin for being part of this and future episodes! Also new time for the live show. Thanks Brian for all the hard work over the years.

Calvin #1: Vulnerability and malware checks in uv

release just yesterday by Astral https://astral.sh/blog/uv-audit

uv audit scans dependencies for known vulnerabilities and abandoned packages via the OSV database — runs 4–10x faster than pip-audit

Malware check runs on every install/sync, catching actively malicious packages (credential stealers, etc.) before they execute — including ones PyPI quarantined but lockfiles can still reference

Enable malware scanning with UV_MALWARE_CHECK=1 — it's opt-in and in preview

Future roadmap includes a resolver that steers toward vulnerability-free versions and install-time warnings scoped to newly added deps only

Michael #2: HTTP GET requests with the Python standard library

If you’re doing HTTP in Python, you’re probably using one of three popular libraries: requests, httpx, or urllib3.

There have been issues with httpx lately.

Niquest is another option: Drop-in replacement for Requests. Automatic HTTP/1.1, HTTP/2, and HTTP/3. WebSocket, and SSE included.

But maybe less is more, especially in the age of agentic AI

A good candidate needs two things to be true at once, not one: the used surface is small, and the behavior behind that surface is shallow.

Calvin #3: Millions of AI agents imperiled by critical vulnerability in open source package

"BadHost" (CVE-2026-48710) is a critical vulnerability in Starlette — the ASGI framework underlying FastAPI — with 325 million weekly downloads; also affects vLLM, LiteLLM, and most MCP server tooling

The exploit is trivial: injecting a single character into an HTTP Host header bypasses path-based authentication, and can lead to credential theft, SSRF, and in some cases remote code execution

MCP servers are a prime target since they store credentials for external services (email, databases, cloud accounts) — exposed data in the wild includes biopharma clinical trial DBs, full mailboxes, HR/PII pipelines, and AWS topology

Fix is available — patch to Starlette 1.0.1 immediately; use the free scanner at mcp-scan.nemesis.services to check if your servers are still running a vulnerable version

Open source sustainability footnote: the maintainer triages near-daily security reports solo, in his free time — most are AI-generated noise, and real ones like this still compete for the same evenings and weekends

Michael #4: alembic-git-revisions

By Julien Danjou from Mergify

Automatic Alembic migration chaining based on git commit history. No more Multiple head revisions are present for given argument 'head'.

See the introductory article

Caused by two migrations landed with the same down_revision, and Alembic doesn’t know which one comes first. The fix is always the same: someone manually edits the migration file to re-chain the revisions.

The insight: git already knows the order

Extras

Calvin:

GNU make can do pattern matching in the target. Not new at all, mentioned in the 1994-era docs. just and task don’t have this super power on the target name yet.
train-%:
uv run ./train.py $* --save-hyper-params --overwrite $(TRAIN_ARGS)

Michael:

Updated my HTTP client using packages from httpx to httpx2: listmonk, umami, and memberful. For motivation, see this reddit thread.

Joke: Accurate

Topics covered in this episode:

CVE-2026-48710: A Maintainer's Perspective

daily-stars-explorer

Markdown to pdf with pandoc and typst

postman2pytest

Extras

Joke

Watch on YouTube

About the show

Brian #1: CVE-2026-48710: A Maintainer's Perspective

Marcelo Trylesinski

suggested by Lee Luocks

Short version:

users of Starlette: upgrade to Starlette 1.0.1

security professionals: we can’t treat open source projects like corporations

This top link is a Starlette security advisory with the title

Missing Host header validation poisons request.url.path, bypassing path-based security checks

The CVE apparently caused some negative press targeting starlette.

However, “the vulnerability came from the application pattern and the deployment, never from something Starlette intended.”

A quote from an OSTIF article: “This bug is a classic “responsibility gap” where if this maintainer didn’t patch, thousands of exposed projects would have to individually secure their projects. In doing this work, they’ve voluntarily taken on the responsibility to protect the ecosystem from long-term systemic harm. As with all open source projects, they owed us nothing and could have left this to be everyone else’s problem and took the extraordinary steps of helping the ecosystem.”

Both X40 D-Sec and Ars Technica expected immediate fixes and responses from Starlette.

That’s not good. We can do better.

Michael #2: daily-stars-explorer

Explore the full history of any GitHub repository.

📈 Full Star History - Complete daily star counts for any repo

⏰ Hourly Stars - Hour-by-hour activity with timezone support

🔀 Compare Repos - Side-by-side comparison of any two repositories

📊 Activity Timelines - Commits, PRs, Issues, Forks, Contributors over time

📌 Pin Favorites - Bookmark repos for quick access without retyping

📰 Feed Mentions - See when repos were mentioned on HN, Reddit, YouTube, GitHub

💾 Export Data - Download as CSV or JSON

🌙 Dark Mode - Easy on the eyes

Try/use it online at emanuelef.github.io/daily-stars-explorer or install it for yourself.

Brian #3: Markdown to pdf with pandoc and typst

typst suggestion from Matt Harrison

Markdown is awesome

Pandoc is great for converting markdown to tons of stuff

but for pdf, it goes through LaTeX, which is … yuk (my opinion)

Pandoc also can convert to typst

And typst creates beautiful pdfs and is way easier (my opinion) to deal with than LaTeX.

New tools

brew upgrade pandoc

brew install typst

Now convert

pandoc something.md --to typst -o something.typ

typst compile something.typ something.pdf

Michael #4: postman2pytest

via Mikhail

Based on postman app

Convert Postman Collection v2.1 JSON into executable pytest test suites

Postman collections document your API. postman2pytest turns that documentation into executable regression tests that run in CI. No manual rewriting, no drift.

Extras:

New blog, who dis? - testandcode.org is now on .org and a blog and soon to be a “publisher”.

Joke: Centering a div

Topics covered in this episode:

Dumb Ways for an Open Source Project to Die

How to create a pylock.toml lockfile

https://github.com/facebook/Lifeguard

Choosing a Python Logging Library in 2026

Extras

Joke

Watch on YouTube

About the show

Sponsored by us! Support our work through:

Our courses at Talk Python Training

The Complete pytest Course

Patreon Supporters

Connect with the hosts

Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)

Brian: @brianokken@fosstodon.org / @brianokken.bsky.social

Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky)

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Michael #1: Dumb Ways for an Open Source Project to Die

Core categories

The maintainer left

The maintainer is still there

Sabotage and capture

The release pipeline broke

Force majeure

The world moved on

The project split

-

Examples

Bulma PRs still from 2023, issues and PRs with no maintainer response for years, last release 1.5 years ago

diskcache Similar, got hired by OpenAI, crickets after that

Brian #2: How to create a pylock.toml lockfile

Tim Hopper

Tim walks through using uv, pip and pdm to create pylock.toml files.

Recommendation: use uv export --format pylock.toml -o pylock.toml

He also has How to install from a pylock.toml lockfile with pip but the short version is:

use -r because tools treat it like a requirements file

Michael #3: https://github.com/facebook/Lifeguard

Lifeguard is a static analyzer to detect Lazy Imports incompatibilities and ease the adoption overhead for Lazy Imports in Python.

I’m more excited about lazy imports after my Cutting Python Web App Memory Over 31% experience

Some Python patterns depend on imports executing immediately. For example:

Module-level side effects — a module that registers a handler or modifies global state at import time will behave differently if that import is deferred.

The registry pattern — a module that registers itself (e.g., adding to a global dict) when imported will silently fail to register under Lazy Imports.

sys.modules manipulation — code that reads or writes sys.modules assumes prior imports have already executed.

Metaclasses and __init_subclass__ — class creation side effects may depend on imports being resolved.

Project Stage: Beta Lifeguard is in active development. We are aiming to be ready for general use by the Python 3.15 final release.

Brian #4: Choosing a Python Logging Library in 2026

Ayooluwa Isaiah

" which libraries matter, how they compare, where they overlap with the standard module, and when each one makes sense.”

The slant with this article is the need to log json output, which seems reasonable as things like API entry and exit point logging will include json.

Covered libraries

standard library logging with a hat tip to python-json-logger

Same site has a guide to setting up python-json-logger

structlog

Loguru

Logbook

picologging

Some benchmarks with structlog, stdlib+json, and Loguru, with structlog coming out faster

I liked the Loguru example

I’m going to have to try @logger.catch and logger.exception() for easily logging exceptions and serialize=True to enable JSON output.

Extras

Brian:

When Women Stopped Coding - Planet Money segment , spotted on BlueSky from Savannah Ostrowski

Lean TDD is now leaner

Still working on audio version, but some great changes in 0.7.1 version

Ch 6, TDD Interpretations, move ATDD and some of BDD to chapter

Ch 7, Change name to TDD with Teams: BDD and ATDD

Ch 9, Lean TDD, streamline steps and chapter

Ch 10, Change name to Lean TDD with Teams: Lean ATDD

Ch 11, Lean TDD with AI, Add short discussion about guardrails and security

Michael:

New course: Python Web Security: OWASP Top 10 with Agentic AI

All courses now with Spanish subtitles, see announcement

Joke: Stop texting me

Topics covered in this episode:

Using Django Tasks in production

Co-authored with Claude?

PyPI packages are increasing rapidly

httpx2

Extras

Joke

Watch on YouTube

About the show

Sponsored by us! Support our work through:

Our courses at Talk Python Training

The Complete pytest Course

Patreon Supporters
Connect with the hosts

Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)

Brian: @brianokken@fosstodon.org / @brianokken.bsky.social

Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky)
Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too.
Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Brian #1: Using Django Tasks in production

Tim Schilling shares how the Djangonaut Space website has been using Django’s new tasks framework and some of the info missing from the official Django docs.

Tasks require a third party package, django-tasks-db to actually run the tasks.

Article walks through all changes necessary to get an email process running to notify admins of new testimonials. Cool simple example.

With the db backend, you can monitor progress of tasks in the admin, to see which tasks are scheduled, completed, or have errors.

Some wishes for the community to implement

new tutorial in the Django docs

Django Debug toolbar panel for tasks

test/mock backend

Great title for wish list: Thinks I’d like to see, but I’m too lazy to implement myself.

Michael #2: Co-authored with Claude?

Via Nik T.

We don’t put “executed on macOS”, “edited with PyCharm”, etc. in our commits. Why Claude?

Seems like a growth hack to me, that I don’t really care to participate in.

Some projects that have formalized their thoughts on this: The Generative AI Policy Landscape in Open Source

Adjust to turn off in ~/.claude/settings.json see the docs.

{
"attribution": {
"commit": "",
"pr": ""
}
}

Brian #3: PyPI packages are increasing rapidly

Artem Golubin

There’s been an increase of published packages per week on PyPI

A pretty big increase in the last handful of months.

30% increase since 2025, clearly due to AI

Artem is building hexora, a malicious Python code detector.

Cool package too, it can:

Audit project dependencies to catch potential supply-chain attacks

Detect malicious scripts found on platforms like Pastebin, GitHub, or open directories

Analyze IoC files from past security incidents

Audit new packages uploaded to PyPi.

Artem is using hexora to analyze recently published pypi packages and many are obviously vibecoded and trigger false positives for abuses of eval, exec, and subprocess

Side note: I don’t think that’s necessarily a false positive. Not malicious, but maybe a stupid-code-detector?

Lots are LLM related, Lots have bots contributing code

Publishing rate is crazy, dozens to hundreds of published versions in a day is a bug, not a feature

Brian’s proposal, PyPI should limit releases per day for any package to something a sane human would do, even if they make a mistake on a release, to maybe like 2-3, definitely under 10, in a day. And if the repo has obvious agent contributors listed, maybe lower to the limit to 1-2 a day? Honestly, “move fast and break things” doesn’t apply to breaking the commons.

Michael #4: httpx2

More on the httpx, httpxyz, etc changes: Pydantic people started their own fork, httpx2.

Michiel says “while we think httpxyz was definitely needed, we welcome httpx2 and think it should be the ‘blessed’ fork.”

Kludex, who is among other things maintainer of Starlette, was considering a fork

As it stands, httpx2 is lacking the performance improvements they added to httpxyz. But it will not be long before they will add those, too.

Also they already made some smart decisions:

they are switching from certifi to truststore

they are switching to compression.zstd on Python 3.14+, enabling zstd compression by default

they merged httpcore and vendored it in their repository

Discussion on Hacker News

Extras

Brian:

The Four Horsemen of the LLM Apocalypse - Anarcat

Django/JetBrains 2026 developer survey is open

Pyrefly 1.0 : “meaning we are confident that Pyrefly is ready for production use.”
Michael:

Just about ready to release Python Web Security: OWASP Top 10 with Agentic AI course. Be sure to be on the courses newsletter to get notified.

Joke: Proud Parents

Topics covered in this episode:

httpxyz one month in

Learn concurrency - a deep dive into multithreading with Python

pip 26.1 - lockfiles and dependency cooldowns

Python 3.15 sentinal values from PEP 661

Extras

Joke

Watch on YouTube

About the show

Sponsored by us! Support our work through:

Our courses at Talk Python Training

The Complete pytest Course

Patreon Supporters

Connect with the hosts

Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)

Brian: @brianokken@fosstodon.org / @brianokken.bsky.social

Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky)

Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too.

Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Michael #1: httpxyz one month in

First version of httpxyz contained just the fixes to get zstd working, and the fixes to get the test suite running on python 3.14, some ‘housekeeping’ changes related to the renaming

End of March: a compatibility shim that allows you to use httpxyz even with third-party packages that import httpx themselves, as long as you import httpxyz first.

Importing httpxyz automatically registers it under the httpx name in sys.modules , see https://httpxyz.org/httpx-compatibility/

Fixed a WHOLE bunch of performance related issues by forking httpcore

Brian #2: Learn concurrency - a deep dive into multithreading with Python

Nikos Vaggalis

“Whenever you are trying to speed up code using multiple cores, always ask yourself: “Do these threads need to talk to each other right now?” If the answer is yes, it will be slow. The best parallel code splits a big job into completely isolated chunks, processes them separately, and merges the results at the finish line.”

Good overview of thread concurrency with Python and how that’s been improved dramatically with free-threaded Python

Defines lots of terms you come across, including “embarrassingly parallel multithreading”

There’s a counter example that’s nice

Start with a shared resource, a counter, and multiple threads updating it

Attempt to fix with threading.Lock(), which fixes it, but slows things down

Good explanation of why

Proper fix with concurrent.futures and separating the work of different threads so that they can be independent and their results can be combined when they’re all finished.

Michael #3: pip 26.1 - lockfiles and dependency cooldowns

Python 3.9 is no longer supported

Experimental: installing from pylock files

Dependency cooldowns (see my post about this)

Lifting several 2020 resolver limitations

Brian #4: Python 3.15 sentinal values from PEP 661

MISSING = sentinel("MISSING")
def next_value(default: int | MISSING = MISSING):
...
if default is MISSING:
...

Take a name str as a constructor parameter

Intended to be compared with is operator, similar to None

Sentinal objects can be used as a type, also similar to None

and can be combined with other types with |.

Unlike None, sentinal values are truthy. (Elipses ... are also truthy)

This seems like a strange choice. but I guess it must have made sense to someone.

It does force you to use is instead of depending on False-ness, so I guess it’ll make code using sentinels more readable.

Interesting that the PEP was started in 2021, and we’re finally getting it this year.

Extras

Brian:

Before GitHub - Armin Ronacher

tenacity - cross-platform multi-track audio editor/recorder

learned about it from Armin’s article

Joke:

Joke option Make it myself

Seems similar to what people think about software now

Links

httpxyz one month in

httpxyz.org/httpx-compatibility

Learn concurrency - a deep dive into multithreading with Python

pip 26.1 - lockfiles and dependency cooldowns

my post about this

Python 3.15 sentinal values from PEP 661

Before GitHub

tenacity

Make it myself