Feeds
TechBeamers Python: Python Map vs List Comprehension – The Difference Between the Two
In this tutorial, we’ll explain the difference between Python map vs list comprehension. Both map and list comprehensions are powerful tools in Python for applying functions to each element of a sequence. However, they have different strengths and weaknesses, making them suitable for different situations. Here’s a breakdown: What is the Difference Between the Python […]
The post Python Map vs List Comprehension – The Difference Between the Two appeared first on TechBeamers.
FSF News: Hayley Tsukayama will speak about grassroots activism at LibrePlanet 2024
ADCI Solutions: A Guide to Creating Pages with Layout Builder
In this post, we explain to all novice Drupal developers and Drupal site owners how to develop a page layout for a Drupal-based site using the Layout Builder.
This is part 2 of the series on the Layout Builder. You can find the first post here: Layout Builder | The power module in a nutshell.
ADCI Solutions: Upgrade Drupal 9 to 10 twice as fast
With Composer and several useful modules, your Drupal 9 site can be upgraded to Drupal 10 as quickly as possible. Here is a step-by-step guide on how to do this and save you time.
Real Python: Python Basics: Lists and Tuples
Python lists are similar to real-life lists. You can use them to store and organize a collection of objects, which can be of any data type. Instead of just storing one item, a list can hold multiple items while allowing manipulation and retrieval of those items. Because lists are mutable, you can think of them as being written in pencil. In other words, you can make changes.
Tuples, on the other hand, are written in ink. They’re similar to lists in that they can hold multiple items, but unlike lists, tuples are immutable, meaning you can’t modify them after you’ve created them.
In this video course, you’ll learn:
- What lists and tuples are and how they’re structured
- How lists and tuples differ from other data structures
- How to define and manipulate lists and tuples in your Python code
By the end of this course, you’ll have a solid understanding of Python lists and tuples, and you’ll be able to use them effectively in your own programming projects.
This video course is part of the Python Basics series, which accompanies Python Basics: A Practical Introduction to Python 3. You can also check out the other Python Basics courses.
Note that you’ll be using IDLE to interact with Python throughout this course.
[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]
LN Webworks: Voice Search Optimization & Set Up for Drupal: A Step-by-Step Setup Guide!
Drupal voice search has evolved from being a mere trend to becoming a standard feature for websites today. If you find yourself wondering, 'How do I enable search based on voice recognition on my Drupal website?' — you're in the right place.
Integrating voice search functionality into your Drupal site is not only modern but also enhances user experience and is extremely important for SEO ranking. In this blog post, we'll walk you through the steps to set up search based on voice recognition, making your Drupal site more accessible and user-friendly. But before we dive into the steps, let’s understand…
Python Bytes: #368 That episode where we just ship open source
Specbee: (Not Just Any) Drupal VS WordPress Blogpost - Your Top 5 FAQs Answered
Glyph Lefkowitz: Your Text Editor (Probably) Isn’t Malware Any More
In 2015, I wrote one of my more popular blog posts, “Your Text Editor Is Malware”, about the sorry state of security in text editors in general, but particularly in Emacs and Vim.
It’s nearly been a decade now, so I thought I’d take a moment to survey the world of editor plugins and see where we are today. Mostly, this is to allay fears, since (in today’s landscape) that post is unreasonably alarmist and inaccurate, but people are still reading it.
Problem Is It Fixed? vim.org is not available via https Yep! http://www.vim.org/ redirects to https://www.vim.org/ now. Emacs's HTTP client doesn't verify certificates by default Mostly! The documentation is incorrect and there are some UI problems1, but it doesn’t blindly connect insecurely. ELPA and MELPA supply plaintext-HTTP package sources Kinda. MELPA correctly responds to HTTP only with redirects to HTTPS, and ELPA at least offers HTTPS and uses HTTPS URLs exclusively in the default configuration. You have to ship your own trust roots for Emacs. Fixed! The default installation of Emacs on every platform I tried (including Windows) seems to be providing trust roots. MELPA offers to install code off of a wiki. Yes. Wiki packages were disabled entirely in 2018.The big takeaway here is that the main issue of there being no security whatsoever on Emacs and Vim package installation and update has been fully corrected.
Where To Go Next?Since I believe that post was fairly influential, in particular in getting MELPA to tighten up its security, let me take another big swing at a call to action here.
More modern editors have made greater strides towards security. VSCode, for example, has enabled the Chromium sandbox and added some level of process separation. Emacs has not done much here yet, but over the years it has consistently surprised me with its ability to catch up to its more modern competitors, so I hope it will surprise me here as well.
Even for VSCode, though, this sandbox still seems pretty permissive — plugins still seem to execute with the full trust of the editor itself — but it's a big step in the right direction. This is a much bigger task than just turning on HTTPS, but I really hope that editors start taking the threat of rogue editor packages seriously before attackers do, and finding ways to sandbox and limit the potential damage from third-party plugins, maybe taking a cue from other tools.
AcknowledgmentsThank you to my patrons who are supporting my writing on this blog. If you like what you’ve read here and you’d like to read more of it, or you’d like to support my various open-source endeavors, you can support me on Patreon as well!
-
the documention still says “gnutls-verify-error” defaults to nil and that means no certificate verification, and maybe it does do that if you are using raw TLS connections, but in practice, url-retrieve-synchronously does appear to present an interactive warning before proceeding if the certificate is invalid or expired. It still has yet to catch up with web browsers from 2016, in that it just asks you “do you want to do this horribly dangerous thing? y/n” but that is a million times better than proceeding without user interaction. ↩
Seth Michael Larson: Removing maintainers from open source projects
Published 2024-01-23 by Seth Larson
Reading time: minutes
Here's a tough but common situation for open source maintainers:
- You want a project you co-maintain to be more secure by reducing the attack surface.
- There are one or more folks in privileged roles who previously were active contributors, but now aren't active.
- You don't want to take away from or upset the folks who have contributed to the project before you.
These three points feel like they're in contention. This article is here to help resolve this contention and potentially spur some thinking about succession for open source projects.
Why do people do open source?Most rewards that come from contributing to open source are either intrinsic (helping others, learning new skills, interest in a topic, improve the world) or for recognition (better access to jobs, proof of a skill-set, “fame” from a popular project). Most folks don't get paid to work on open source for their first project, so it's unlikely to be their initial motivation.
Recognition is typically what feels “at stake” when removing a previous maintainer from operational roles on an open source project.
Let's split recognition into another two categories: operational and celebratory. Operational recognition is the category of recognition that has security implications like access to sensitive information or publishing rights. Celebratory has no security implications, it's there because we want to thank contributors for the work they've done for the project. Here's some examples of the two categories:
Operational:
- Additional access on source control like GitHub (“commit bit”)
- Additional access on package repository like PyPI
- Listing email addresses for security contacts
Celebratory:
- Author and maintainer annotation in package metadata
- Elevating contributors into a triager role
- Maintainer names listed in the README
- Thanking contributors in release notes
- Guest blog posts about the project
You'll notice that the celebratory recognition might be a good candidate for offsetting the removal of incidental operational recognition (like your account being listed on PyPI).
Suggestions for removing maintainers' with empathyEnsure the removal of operational recognition is supplanted by deliberate celebratory recognition. Consider thanking the removed individual publicly in a blog post, release notes, or social media for their contributions and accomplishments. If there isn't already a permanent place to celebrate past maintainers consider adding a section to the documentation or README.
Don't take action until you've reached out to the individual. Having your access removed without any acknowledgement feels bad and there's no way around that fact. Even if you don't receive a reply, sending a message and waiting some time should be a bare minimum.
Practice regular deliberate celebratory recognition. Thank folks for their contributions, call them out by name in release notes, list active and historical maintainers in the documentation. This fulfills folks that are motivated by recognition and might inspire them to contribute again.
Think more actively about succession. In one of the many potential positive outcomes for an open source project, you will be succeeded by other maintainers and someone else may one day be in the position that you are in today.
How can you prepare that individual to have a better experience than you are right now? I highly recommend Sumana Harihareswara's writing on this topic. There are tips like:
- Actively recruit maintainers by growing and promoting contributors.
- Talk about succession openly while you are still active on the project.
- Give privileges or responsibility to folks that repeatedly contribute positively, starting from triaging or reviewing code.
- Recognize when you are drifting away from a project and make it known to others, even if you intend to contribute in the future.
Thanks for reading! ♡ Did you find this article helpful and want more content like it? Get notified of new posts by subscribing to the RSS feed or the email newsletter.
This work is licensed under CC BY-SA 4.0
Dirk Eddelbuettel: x13binary 1.1.60 on CRAN: Upstream Update, Updated Build
The x13binary team is thrilled to share the availability of Release 1.1.60-1 of the x13binary package providing the X-13ARIMA-SEATS program by the US Census Bureau which arrived on CRAN earlier today.
This release brings the package up to speed with the most current release by the Census Bureau. More importantly, we finally made good on an old promise to ourselves and now install the binary by compiling from its Fortran sources! No more pre-made binaries. This required some work by Kirill, Michael, and Jeroen to finalize matter because, as we all know, the CRAN build processes and tool chains can be a little byzantine in their details. Use on platforms not covered by binaries from CRAN (or r-universe) should just work too as the demands on the (Fortran) compiler are fairly standard. All in all the build is fairly lightweight and quick even when rebuilding from source.
Courtesy of my CRANberries, there is also a diffstat report for this release showing changes to the previous release.
If you like this or other open-source work I do, you can sponsor me at GitHub.
This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.
Python Morsels: None in Python
Python's None value is used to represent emptiness. None is the default function return value.
Table of contents
- Python's None value
- None is falsey
- None represents emptiness
- The default function return value is None
- None is like NULL in other programming languages
Python has a special object that's typically used for representing emptiness. It's called None.
If we look at None from the Python REPL, we'll see nothing at all:
>>> name = None >>>Though if we print it, we'll see None:
>>> name = None >>> name >>> print(name) NoneWhen checking for None values, you'll usually see Python's is operator used (for identity) instead of the equality operator (==):
>>> name is None True >>> name == None TrueWhy is that?
Well, None has its own special type, the NoneType, and it's the only object of that type:
>>> type(None) <class 'NoneType'>In fact, if we got a reference to that NoneType class, and then we called that class to make a new instance of it, we'll actually get back the same exact instance, always, every time we call it:
>>> NoneType = type(None) >>> NoneType() is None TrueThe NoneType class is a singleton class. So comparing to None with is works because there's only one None value. No object should compare as equal to None unless it is None.
None is falseyWe often rely on the …
Read the full article: https://www.pythonmorsels.com/none/Talking Drupal: Talking Drupal #434 - Talking Drupal
Today we are talking about te show itself. We’ll also cover Autosave Form as our module of the week.
For show notes visit: www.talkingDrupal.com/434
Topics- Update on the show
- Guest hosts
- MOTW Correspondent
- Newsletter
- Sponsorship
- Open Collective
- Content
- New content in 2024
- Expanding team
Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Stephen Cross - stephencross.com stephencross
MOTW CorrespondentMartin Anderson-Clutz - mandclu
- Brief description:
- Have you ever wanted an autosave feature on your Drupal site’s forms, so content creators won’t lose their work if they accidentally close the window or lose power? There’s a module for that.
- Module name/project name:
- Brief history
- How old: created in Nov 2016 by Hristo Chonov of 1x Internet, who is also one of the organizers of Drupal Dev Days 2024 in Burgas
- Versions available: 8.x-1.4 which works with Drupal 9 and 10
- Maintainership
- Actively maintained, most recent comment less than 3 months ago
- Test coverage
- 38 open issues, 20 of which are bugs
- Usage stats:
- 6,414 sites
- Module features and usage
- Works by automatically saving the content of the current form every 60 seconds, though the time period is configurable
- When a user opens a form, if an autosaved state exists for that form a dialog will be shown asking if they want to resume editing or discard any autosaved states
- Once a form is submitted, any saved states will be automatically deleted
- Notionally it should work with both content entity forms and config forms, but the majority of development and testing has been with entity forms in mind
- The project page also mentions an issue with nested entity reference inline forms, and has links to relevant Drupal core issues
- Worth noting that this module uses AJAX to save the states to the Drupal database, separate from entity revisions
- If you want a solution that save form states into the browser’s localStorage instead, you can check out the Save Form State module, using the jQuery Sisyphus plugin
FSF Events: Free Software Directory meeting on IRC: Friday, January 26, starting at 12:00 EST (17:00 UTC)
gprofng-gui @ Savannah: gprofng GUI 1.1 released
gprofng GUI is a full-fledged graphical interface for the gprofng profiler, which is part of the GNU binutils.
The tarball gprofng-gui-1.1.tar.gz is now available at https://ftp.gnu.org/gnu/gprofng-gui/gprofng-gui-1.1.tar.gz.
--
Vladimir Mezentsev
Jose E. Marchesi
22 January 2024
TechBeamers Python: Is Python Map Faster than Loop?
In this short tutorial, we’ll quickly compare Python map vs loop. We’ll try to assess whether the Python map is faster than the loop or vice-versa. The comparison between using map and a loop (such as a for loop) in Python depends on the specific use case and the nature of the operation you are […]
The post Is Python Map Faster than Loop? appeared first on TechBeamers.
Glyph Lefkowitz: Okay, I’m A Centrist I Guess
Today I saw a short YouTube video about “cozy games” and started writing a comment, then realized that this was somehow prompting me to write the most succinct summary of my own personal views on politics and economics that I have ever managed. So, here goes.
Apparently all I needed to trim down 50,000 words on my annoyance at how the term “capitalism” is frustratingly both a nexus for useful critque and also reductive thought-terminating clichés was to realize that Animal Crossing: New Horizons is closer to my views on political economy than anything Adam Smith or Karl Marx ever wrote.
Cozy games illustrate that the core mechanics of capitalism are fun and motivating, in a laboratory environment. It’s fun to gather resources, to improve one’s skills, to engage in mutually beneficial exchanges, to collect things, to decorate. It’s tremendously motivating. Even merely pretending to do those things can captivate huge amounts of our time and attention.
In real life, people need to be motivated to do stuff. Not because of some moral deficiency, but because in a large complex civilization it’s hard to tell what needs doing. By the time it’s widely visible to a population-level democratic consensus of non-experts that there is an unmet need — for example, trash piling up on the street everywhere indicating a need for garbage collection — that doesn’t mean “time to pick up some trash”, it means “the sanitation system has collapsed, you’re probably going to get cholera”. We need a system that can identify utility signals more granularly and quickly, towards the edges of the social graph. To allow person A to earn “value credits” of some kind for doing work that others find valuable, then trade those in to person B for labor which they find valuable, even if it is not clearly obvious to anyone else why person A wants that thing. Hence: money.
So, a market can provide an incentive structure that productively steers people towards needs, by aggregating small price signals in a distributed way, via the communication technology of “money”. Authoritarian communist states are famously bad at this, overproducing “necessary” goods in ways that can hold their own with the worst excesses of capitalists, while under-producing “luxury” goods that are politically seen as frivolous.
This is the kernel of truth around which the hardcore capitalist bootstrap grindset ideologues build their fabulist cinematic universe of cruelty. Markets are motivating, they reason, therefore we must worship the market as a god and obey its every whim. Markets can optimize some targets, therefore we must allow markets to optimize every target. Markets efficiently allocate resources, and people need resources to live, therefore anyone unable to secure resources in a market is undeserving of life. Thus we begin at “market economies provide some beneficial efficiencies” and after just a bit of hand-waving over some inconvenient details, we get to “thus, we must make the poor into a blood-sacrifice to Moloch, otherwise nobody will ever work, and we will all die, drowning in our own laziness”. “The cruelty is the point” is a convenient phrase, but among those with this worldview, the prosperity is the point; they just think the cruelty is the only engine that can possibly drive it.
Cozy games are therefore a centrist1 critique of capitalism. They present a world with the prosperity, but without the cruelty. More importantly though, by virtue of the fact that people actually play them in large numbers, they demonstrate that the cruelty is actually unnecessary.
You don’t need to play a cozy game. Tom Nook is not going to evict you from your real-life house if you don’t give him enough bells when it’s time to make rent. In fact, quite the opposite: you have to take time away from your real-life responsibilities and work, in order to make time for such a game. That is how motivating it is to engage with a market system in the abstract, with almost exclusively positive reinforcement.
What cozy games are showing us is that a world with tons of “free stuff” — universal basic income, universal health care, free education, free housing — will not result in a breakdown of our society because “no one wants to work”. People love to work.
If we can turn the market into a cozy game, with low stakes and a generous safety net, more people will engage with it, not fewer. People are not lazy; laziness does not exist. The motivation that people need from a market economy is not a constant looming threat of homelessness, starvation and death for themselves and their children, but a fun opportunity to get a five-star island rating.
AcknowledgmentsThank you to my patrons who are supporting my writing on this blog. If you like what you’ve read here and you’d like to read more of it, or you’d like to support my various open-source endeavors, you can support me on Patreon as well!
-
Okay, I guess “far left” on the current US political compass, but in a just world socdems would be centrists. ↩
Chris Lamb: Increasing the Integrity of Software Supply Chains awarded IEEE ‘Best Paper’ award
IEEE Software recently announced that a paper that I co-authored with Dr. Stefano Zacchiroli has recently been awarded their ‘Best Paper’ award:
Titled Reproducible Builds: Increasing the Integrity of Software Supply Chains, the abstract reads as follows:
Although it is possible to increase confidence in Free and Open Source Software (FOSS) by reviewing its source code, trusting code is not the same as trusting its executable counterparts. These are typically built and distributed by third-party vendors with severe security consequences if their supply chains are compromised.
In this paper, we present reproducible builds, an approach that can determine whether generated binaries correspond with their original source code. We first define the problem and then provide insight into the challenges of making real-world software build in a "reproducible" manner — that is, when every build generates bit-for-bit identical results. Through the experience of the Reproducible Builds project making the Debian Linux distribution reproducible, we also describe the affinity between reproducibility and quality assurance (QA).
According to Google Scholar, the paper has accumulated almost 40 citations since publication. The full text of the paper can be found in PDF format.
The Drop Times: The DropTimes Carousels and Exciting Events
Have you ever wondered what a media partnership means to us? Simply put, it's like teaming up with some of the most remarkable events to bring their incredible stories directly to the readers through multiple channels, including our social media handles. We are humbled to acknowledge that The DropTimes (TDT) got the opportunity to be a media partner for several upcoming events, such as Florida Drupal Camp, Drupal Mountain Camp, and NERD Summit. We're already in friendly talks with events happening in 2024 for web coverage! We're planning to bring you even more fantastic stories.
Now, let's take a trip down memory lane with captivating carousels. Think of them like visual stories capturing the most exciting moments from events. It's our way of sharing each event's fun, happiness, and success. These carousels are like time machines, taking you back to the best parts of our media partnerships and the lively Drupal community.
The first features highlights from last year's events, including DrupalCon Pittsburgh and DrupalCon Lille 2023. Plus, get an exclusive sneak peek into what's coming up at DrupalCon Portland 2024 and DrupalCon Barcelona 2024.
But that's not all! Brace yourselves for a visual feast as we proudly present a collection of the best moments from Splash Awards (Germany and Austria), Drupal Developers Day Vienna, and DrupalCamp Costa Rica in 2023.
Moreover, we've compiled The Drop Times 2023 Carousel, a journey back to revisit the year's most noteworthy moments and achievements.
A big shout-out to the fantastic Drupal community for all the support in 2023. Your love and encouragement mean the world to us!
These moments are just the beginning. We're eager to build more partnerships in the future and share even more exciting stories with you. Now, let's shift our focus to the present. Explore some of the latest news stories and articles we covered last week. We've got a mix of engaging content waiting for you.
Elma John conducted a captivating interview with Nneka Hector, the Director of Web Development at DSFederal and a co-lead for Drupal GovCon. Nneka reflected on the community's eagerness for in-person interaction and valuable lessons learned.
Lukas Fischer, Founder of NETNODE AG and one of the developers behind the Content Planner module, shared a customised Dashboard for Drupal websites. Covered by Alka Elizabeth, the latest enhancements promise to make your Drupal experience even more delightful and user-friendly.
The Event Organizers Working Group (EOWG) election has wrapped up, and we're eagerly awaiting the results. Alka Elizabeth shared insights into the candidates' unique contributions. Stay tuned for the big reveal!
Meet Drupal Droid, a specially crafted AI model designed exclusively for the Drupal Community. Offering assistance with Drupal 9+ site building, development, and coding standards, this innovative tool was introduced by Michael Miles. Alka Elizabeth, sub-editor of The Drop Times, connected with Michael to glean insights into the creation and potential of Drupal Droid.
Now, let's explore what's been happening on the event front: Get a chance to showcase your talent and win a ticket to DrupalCon by submitting your design for the official DrupalCon Portland t-shirt. Enter before February 12! Volunteer as a Trivia Night Coordinator and embrace the opportunity to contribute to the organization of the iconic DrupalCon Trivia Night at Portland 2024.
Drupal Mountain Camp is leading the charge for diversity and inclusion in the Drupal community with a new initiative. They actively encourage underrepresented voices to participate, promoting a more diverse and enriched community. For more information, click here.
Explore exclusive sponsorship opportunities for NERD Summit 2024, a prominent mini-conference in web development and technology. Today is the last day for the NERD Summit 2024 for session submission. Make sure to propose your sessions or ideas before midnight. Get more details here.
Discover the upcoming Drupal Iberia 2024 event, set to convene in Evora on May 10th and 11th.
The largest Drupal Conference in Poland, DrupalCamp Poland 2024, calls for session submissions until April 16, 2024.
Secure your spot at Drupalcamp Rennes 2024! Ticket reservations are now available for the three-day event featuring insightful conferences and contribution opportunities.
Join the Drupal Delhi Meetup Group as they bring back the joy of in-person gatherings on February 24, 2024. Get more information here.
Missed LocalGov Drupal Week 2023? Don't worry! Dive into the virtual experience on their YouTube channel. Explore 14 sessions over five days, where 530+ participants shared experiences, best practices, and innovative code.
Join the GitLab Innovation Pitch Competition to showcase your software innovation skills. Compete for a $30,000 prize pool and the opportunity to collaborate with GitLab, focusing on DevOps, Machine Learning/AI, and Social Good projects. Deadline: Feb 27, 2024.
Here is a noteworthy update from the past week: Drupal pioneers innovation with its new credit bounty program, encouraging contributors to align with impactful projects and fostering a purpose-driven community for lasting impact.
There are more stories available out there. But the compulsion to limit the selection of stories is forcing us to put a hard break on further exploration.
As always, stay tuned for more exciting stories and updates. follow us on LinkedIn, Twitter and Facebook.
Thank you,
Sincerely
Kazima Abbas
Sub-editor, TheDropTimes