Feeds

Drupal is usually perceived as a slow system, at least compared with frameworks like Laravel or Symfony. It is not that Drupal is slow, but that it does many things, usually very important, than a regular PHP framework. This is why a good use of caching is crucial. Caching reduces the time it takes to generate and deliver web pages by storing frequently accessed data in a temporary storage area. This leads to faster page load times and a smoother user experience.

Today we are talking about Drupal Marketing with version numbers, what competitors are doing, and Learning to Just Saying Drupal with guest Ivan Stegic. We’ll also cover Trash as our module of the week.

For show notes visit: www.talkingDrupal.com/451

Topics

• What is the premise of Just Say Drupal
• Why do you think it is important to drop the version number
• Where do you suggest we drop verison numbers
• In sales, if you don't mention version, how do you talk to clients
• Why could using version numbers be detrimental
• What do you suggest we call Drupal 7
• Have you spoken to the Drupal marketing team
• At Drupalcon they unveiled a new Brand Guide
• What do you think of Drupal Starshot
• Where do we go from here

Resources

• Ten7 Blog - Just Say Drupal
  • https://ten7.com/blog/post/just-say-drupal
  • https://justsaydrupal.org
• Drupal issue
• Drupal Brand Guide
• Drupal.org Issue
• Starshot
  • https://www.drupal.org/starshot
  • https://www.hojtsy.hu/blog/2024-may-13/drupal-11-deep-dive-watch-recording-present-your-own-free-slides
  • https://herchel.com/articles/thoughts-drupals-new-starshot-initiative
  • https://mglaman.dev/blog/starshot-recipe-cook-ambitious-drupal-applications
• Drupal tooling

Guests

Ivan Stegic - ten7.com ivanstegic

Hosts

Nic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Matthew Grasmick - grasmash

MOTW Correspondent

Martin Anderson-Clutz - mandclu.com mandclu

• Brief description:
  • Have you ever wanted your Drupal site to have a trash bin for content entities, so they wouldn’t be immediately deleted from the database? There’s a module for that
• Module name/project name:
  • Trash
• Brief history
  • How old: created in Feb 2008 by rötzi, though recent releases are by Andrei Mateescu (mah-teh-sku) (amateescu) of Tag1
  • Versions available: 3.0.3, compatible with Drupal 9, 10, and 11
• Maintainership
  • Actively maintained, release less than two months old
  • Security coverage
  • Test coverage
  • Number of open issues: 7 open issues, 3 of which are bugs against the current branch
• Usage stats:
  • 1899 sites
• Module features and usage
  • Once the module is installed, you choose which entity types on your site should use the new trash storage
  • For all the configured entities, deleting a piece of content moves it into the new trash storage, along with a timestamp set for when it went into the trash
  • You can configure whether or not the trash should be automatically purged on a periodic basis, and if so how often that should happen
  • It seems that there are some entities for which the Trash module currently excludes its functionality, such as users, comments, taxonomy terms, and so on. The note in the code indicates that more testing is needed, so any of our listeners who wants to trash entities for any of these types could try out patching the TrashSettingsFormand on a local copy and provide feedback based on how things work
  • The ability to restore deleted content is a request I’ve heard a number of times, so this could be a really useful module for making Drupal work in ways that certain teams expect

In Plasma, when the user wants to do some significant layout change in the desktop, such as adding, moving or removing panels or add and manage desktop widgets, will go in the so called “edit mode”, by a context menu entry when driven by mouse, or by long-press in the desktop when driven by touchscreen.

Let me introduce you the improved edit mode workflow Plasma 6.1 will have:

An “edit mode” is necessary because since is an operation potentially destructive, we really want to avoid the user to for instance remove their own taskbar or some similar operation by mistake, during day to day use.

“Modes” in UI are a delicate thing: they have advantage as well many possible problems, which come in when it’s not immediately clear in which mode the user is in, and can try to use the UI as it was “in the other mode” (see https://www.nngroup.com/articles/modes/ as a quick introduction on advantages and disadvantages of modes).

This was a bit of a problem of the edit mode in plasma, as the edit mode was not clearly visually separated with the normal UI workflow of the day to day plasma usage.

Another problem present was that the action buttons of the edit mode toolbar were often hidden away by either the panel configuration window or the add widgets sidebar.

This new mode zooms out the desktop with the same visual effect of the window overview effect (yay for consistency), to well differentiate between normal and edit mode. Using the same zoom effect it puts the whole desktop “out of the way” when either the add widget sidebar of the panel configuration window appear, making sure the whole desktop area is always reachable, applets can be dropped anywhere in the desktop and the edit mode toolbar is always completely accessible.

A week loaded with important questions.

Overarching concerns with Draft v.0.0.8 and suggested modifications

A post signed by the AWS Open Source raised important questions, illustrating a disagreement on the concept of “Data information.”

• A detailed post signed by the AWS Open Source team raises concerns about the draft concept of Data information in v0.0.8 and other important topics. I suggest reading their post. The major points discussed this week are:
  • The discussion on training data is not settled. AWS Open Source team argues that for an Open Source AI Definition to be effective, the data used to train the AI system must be included, similar to the requirement for source code in Open Source software. They say the current definitions mark the inclusion of datasets as optional, undermining transparency and reproducibility.
  • Their suggestion: Use synthetic data where the inclusion of actual datasets poses legal or privacy risks.
    • Valentino Giudice takes issues with the phrase “or AI systems, data is the equivalent of source code,” and states that “equivalent” is used too liberally here. For trained models, the dataset isn’t necessary to understand the model’s operations, which are determined by architecture and frameworks.
      • Ferraioli disagrees, stating that “A trained model cannot be considered open source without the data, processing code, and training code. Comparing a trained model to a software binary, we don’t call binaries open source without the source code being available and licensed as open source. “
    • Zacchiroli adds that they support the suggestion to use “high quality equivalent synthetic datasets” when the original data cannot be released. Although “equivalent” remains undefined and could create loopholes, this issue doesn’t worsen OSAID
  • Some proposed modifications otherwise include:
  • Require Release of Dependent Datasets
    • Mandate the release of training, testing, validation, and benchmarking datasets under an open data license or high-quality synthetic data if legal restrictions apply.
    • Update the “Data Information” section to make dataset release a requirement.
• Prevent Restrictions on Outputs
  • Prohibit restrictions on the use, modification, or distribution of outputs generated by Open Source AI systems.
• Eliminate Optional Components
  • Remove optional components from the OSAID to maintain a high standard of openness and transparency.
• Address Combinatorial Ambiguity
  • Ensure any license applied to the distribution of multiple components in an Open Source AI system is OSD-approved.

Why and how to certify Open Source AI

• The post from AWS team contained a comment about certification process for Open Source AI that deserves a separate thread. There are pending questions to be answered:
  • who exactly needs a certification that an AI system is Open Source AI?
  • who is going to use such certification? Is anyone of the groups deploying open foundation models today thinking that they could use one? For what purpose?
  • who is going to consume the information carried by the certification, why and how?
• Zacchiroli adds that the need for certifying AI systems as OSAID compliant arises from inherent ambiguities in the definitions, such as terms like “sufficiently” and “high quality equivalent synthetic dataset.” Disagreements on compliance will require a judging authority, akin to OSI for the OSD. While managing judgments for OSAID might be more complex due to the potential volume, the community is likely to turn to OSI for such decisions.

Can a derivative of non-open-source AI be considered Open Source AI?

• This question was asked on the draft document and moved to the forum for higher visibility. Is it technically possible to fine-tune a model without knowing the details of its initial training? Are there examples of successfully fine-tuned AI/ML systems where the initial training data and techniques were unknown but the fine-tuning data and methods were fully disclosed?
  • Shuji Sado added that fine-tuning typically involves updating the weights of newly added layers and some layers of the pre-trained model, but not all layers, to maintain the benefits of pre-training.
  • Valentino Giudice raised concerns over this point as multiple strategies for fine-tuning exist, allowing for flexibility in updating weights in any amount of existing layers without necessarily adding new ones. Even updating the entire network can be beneficial, as it leverages the pre-trained model’s information and can be more efficient than training a new model from scratch. Fine-tuning can slightly adjust the model’s performance or behaviour, integrating new data effectively.

Please, especially if you are knowledgeable in this field, we would love to hear more thoughts!

Growth is a natural process of improvement and progress. It's about moving forward, evolving, and reaching new heights. In our digital age, growth manifests in various forms, from expanding online platforms to enhancing user experiences.

Enter Drupal, a powerful tool for nurturing growth in the digital realm. With its robust framework and modular architecture, Drupal empowers users to easily create and expand their online presence. From small blogs to complex websites, Drupal offers the flexibility and scalability needed to support continuous growth and evolution.

When Drupal and growth intersect, possibilities abound. With over 1.7 million websites powered by Drupal, its impact on digital expansion is undeniable. Drupal catalyzes growth, providing individuals and organizations with the tools and resources to thrive in an ever-changing digital landscape.

As we anticipate the future, Drupal continues to evolve in tandem with the demands of the digital age. Drupal remains committed to fostering growth and innovation with each update and enhancement. The upcoming releases, including Drupal 11, promise to further elevate Drupal's capabilities, offering new avenues for digital expansion and creativity.

Now as moving ahead, we are excited to share the latest updates from the Drupal community, as covered by The Drop Times.

In a recent conversation with Alka Elizabeth, our sub-editor, Kristiaan Van den Eynde, Senior Drupal Developer at Factorial, shed light on the upcoming release of the Policy-Based Access Control (PBAC) system in Drupal 10.3.  The project introduced a dynamic system for managing permissions based on predefined policies. This initiative promises enhanced flexibility and security. Kristiaan shares insights into his development process, the challenges faced, and the future of access control in Drupal.

DrupalCamp Poland recently concluded in Warsaw, bringing together Drupal enthusiasts and IT professionals. In our coverage, we share insights from the event's organizers and speakers, showcasing the significance of this conference in driving Drupal's growth and community engagement.

Attendees can now secure their tickets at a reduced Early Bird price for DrupalCon Barcelona 2024, scheduled to take place from September 24 to 27. This event promises to be an enriching experience in the vibrant city of Barcelona, bringing together Drupal enthusiasts and professionals from around the world.

The DrupalCon Europe Advisory Board is now accepting nominations for the Women in Drupal Award sponsored by Jakala. This award recognizes outstanding contributions by women in the Define, Build, and Scale categories. Winners will be announced at DrupalCon Europe 2024 in Barcelona.

EvolveDrupal invites passionate speakers to participate in its upcoming events in Montreal on June 14th and New York City on September 20th. Speakers are encouraged to deliver engaging sessions ranging from 20 to 45 minutes on topics such as coding, CMS, UX/UI design, digital strategy, and higher education.

The Drupal Bulgaria community has announced the program schedule for Drupal Developer Days Burgas 2024, which will take place from June 26 to June 28 at Burgas Free University in Burgas, Bulgaria. This annual event brings together Drupal enthusiasts and professionals to share knowledge, collaborate on projects, and discuss the latest developments in the Drupal ecosystem.

Drupal community events unite Drupal enthusiasts from diverse backgrounds, creating a supportive network centered around Drupal. Explore meetups, webinars, and conferences designed for Drupal enthusiasts at all levels this week. Connect, learn, and grow within the Drupal community with events in Brisbane, Boston, London, Toronto, and Pune.

DICTU, the Dutch government's IT organization, has become a Gold sponsor for the upcoming DrupalJam 2024  Open Up event. Scheduled for June 12, 2024, at DeFabrique in Utrecht, this marks the 20th edition of Drupaljam

Following a successful presentation at DrupalCon Portland 2024, Suzanne Dergacheva, Co-founder and Drupal Practice Lead at Evolving Web, shares her enthusiasm. Alongside Shawn Perritt and Nikhil Deshpande, Suzanne unveiled the new Drupal brand on the main stage, outlining plans to promote it through open marketing tactics. Suzanne calls on marketers at Drupal agencies and end users to become ambassadors for Drupal, encouraging them to contribute to the initiative. She highlighted that both small and large contributions are valuable and provide avenues for involvement. Interested individuals can fill out a volunteer form or contact her directly to participate in the rollout of the new brand.

Boyan Borisov, formerly VP of Digital Solutions Europe at FFW and now Director of Digital Solutions at Jakala, announced a significant milestone on LinkedIn. He marked the integration of FFW into Jakala, following Jakala's acquisition of FFW. This strategic move aims to bolster Jakala's international presence and service offerings

In another exciting development, Ryan Loos, a senior developer at Chapter Three, has announced the release of his first Drupal module, Entity Tracer. Designed to address the complexities of navigating interconnected entity references on Drupal sites, the module provides a visual tool for tracing entity relationships both "up" and "down" through a site’s structure.

We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now.

To get timely updates, follow us on LinkedIn, Twitter and Facebook. Also, join us on Drupal Slack at #thedroptimes.

Thank you,
Sincerely
Kazima Abbas
Sub-editor, The Drop Times.

Python has several basic data types that are built into the language. With these types, you can represent numeric values, text and binary data, and Boolean values in your code. So, these data types are the basic building blocks of most Python programs and projects.

In this tutorial, you’ll learn about:

• Numeric types, such as int, float, and complex
• The str data type, which represents textual data
• The bytes and bytearray data types for storing bytes
• Boolean values with the bool data type

In this tutorial, you’ll learn only the basics of each data type. To learn more about a specific data type, you’ll find useful resources in the corresponding section.

Get Your Code: Click here to download the free sample code that you’ll use to learn about basic data types in Python.

Take the Quiz: Test your knowledge with our interactive “Basic Data Types in Python: A Quick Exploration” quiz. You’ll receive a score upon completion to help you track your learning progress:

Interactive Quiz

Basic Data Types in Python: A Quick Exploration

Take this quiz to test your understanding of the basic data types that are built into Python, like numbers, strings, and Booleans.

Python’s Basic Data Types

Python has several built-in data types that you can use out of the box because they’re built into the language. From all the built-in types available, you’ll find that a few of them represent basic objects, such as numbers, strings and characters, bytes, and Boolean values.

Note that the term basic refers to objects that can represent data you typically find in real life, such as numbers and text. It doesn’t include composite data types, such as lists, tuples, dictionaries, and others.

In Python, the built-in data types that you can consider basic are the following:

Class Basic Type int Integer numbers float Floating-point numbers complex Complex numbers str Strings and characters bytes, bytearray Bytes bool Boolean values

In the following sections, you’ll learn the basics of how to create, use, and work with all of these built-in data types in Python.

Integer Numbers

Integer numbers are whole numbers with no decimal places. They can be positive or negative numbers. For example, 0, 1, 2, 3, -1, -2, and -3 are all integers. Usually, you’ll use positive integer numbers to count things.

In Python, the integer data type is represented by the int class:

Python >>> type(42) <class 'int'> Copied!

In the following sections, you’ll learn the basics of how to create and work with integer numbers in Python.

Integer Literals

When you need to use integer numbers in your code, you’ll often use integer literals directly. Literals are constant values of built-in types spelled out literally, such as integers. Python provides a few different ways to create integer literals. The most common way is to use base-ten literals that look the same as integers look in math:

Python >>> 42 42 >>> -84 -84 >>> 0 0 Copied!

Here, you have three integer numbers: a positive one, a negative one, and zero. Note that to create negative integers, you need to prepend the minus sign (-) to the number.

Python has no limit to how long an integer value can be. The only constraint is the amount of memory your system has. Beyond that, an integer can be as long as you need:

Python >>> 123123123123123123123123123123123123123123123123 + 1 123123123123123123123123123123123123123123123124 Copied!

For a really, really long integer, you can get a ValueError when converting it to a string:

Python >>> 123 ** 10000 Traceback (most recent call last): ... ValueError: Exceeds the limit (4300 digits) for integer string conversion; use sys.set_int_max_str_digits() to increase the limit Copied! Read the full article at https://realpython.com/python-data-types/ »

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

Haruna version 1.1.1 is out.

You can get it now on flathub:

Windows versions:

• haruna-1.1.1-windows-gcc-x86_64.exe
• haruna-1.1.1-windows-gcc-x86_64.7z
• haruna-1.1.1-windows-gcc-x86_64-dbg.7z

Availability of other package formats depends on your distro and the people who package Haruna.

If you like Haruna then support its development: GitHub Sponsors | Liberapay | PayPal

Feature requests and bugs should be posted on bugs.kde.org, but for bugs make sure to fill in the template and provide as much information as possible.

Changelog: 1.1.1

Bugfixes:

• Subtitles menu not including manually added subtitles
• Duration in the playlist being 0
• Preview popup being visible for audio files
• AB loop not resetting

1.1.0

Features:

• Setting to open playlist items with single click

Bugfixes:

• Video opening in a separate window when using mpv version 0.38.0
• Mute resetting when opening a new file
• Playing item in playlist is no longer bold, it made text hard to read under certain conditions

Why would you need a mobile app for your business? Here are the main advantages of mobile apps that can help you drive your business forward.

The Drupal community has introduced a survey for the IXP Fellowship Initiative, aiming to support inexperienced developers by defining core competencies. This initiative encourages companies to mentor new talent, bridging the gap between training and real-world projects.

The 13th edition of Drupal Camp Poland 2024 in Warsaw was a success, featuring learning, networking, and community spirit.

Sorry to annoy you, I would prefer not to deal with politics either, but considering that Mastodon recently lost its status as a nonprofit organisation in Germany without an explanation we cannot ignore that there very much is a direct impact of politics on what we do.

As someone who is collaborating with an international group of nice and smart people every day, it might not come as a surprise that I am opposed to all those parties that keep blaming migration and foreigners for every political failure. Let us try to support the innocent people who are being attacked by terrorist groups or nations. Way too many parties are hostile towards people who try to have a happy, honest life while ignoring or understating the importance of fair taxation and reducing greenhouse gas emissions.

You might say: “But all the parties are corrupt!” – Well, true. In every group there is a share of psychopaths. We even have some in KDE! (Surprisingly few though!) This should not deter you from contributing. Please be the change you want to see in the world and vote for the party that sucks the least! Or don't, it's your life and I am not your mom. Thanks for reading. :^)

I attended the school Yarra Valley Grammer (then Yarra Valley Anglican School which I will refer to as “YV”) and completed year 12 in 1990. The school is currently in the news for a spreadsheet some boys made rating girls where “unrapeable” was one of the ratings. The school’s PR team are now making claims like “Respect for each other is in the DNA of this school”. I’d like to know when this DNA change allegedly occurred because respect definitely wasn’t in the school DNA in 1990! Before I go any further I have to note that if the school threatens legal action against me for this post it will be clear evidence that they don’t believe in respect. The actions of that school have wronged me, several of my friends, many people who aren’t friends but who I wish they hadn’t had to suffer and I hadn’t had to witness it, and presumably countless others that I didn’t witness. If they have any decency they would not consider legal action but I have learned that as an institution they have no decency so I have to note that they should read the Wikipedia page about the Streisand Effect [1] and keep it in mind before deciding on a course of action.

I think it is possible to create a school where most kids enjoy being there and enjoy learning, where hardly any students find it a negative experience and almost no-one finds it traumatic. But it is not possible to do that with the way schools tend to be run.

When I was at high school there was a general culture that minor sex crimes committed by boys against boys weren’t a problem, this probably applied to all high schools. Things like ripping a boy’s pants off (known as “dakking”) were considered a big joke. If you accept that ripping the pants off an unwilling boy is a good thing (as was the case when I was at school) then that leads to thinking that describing girls as “unrapeable” is acceptable. The Wikipedia page for “Pantsing” [2] has a reference for this issue being raised as a serious problem by the British Secretary of State for Education and Skills Alan Johnson in 2007. So this has continued to be a widespread problem around the world. Has YV become better than other schools in dealing with it or is Dakking and Wedgies as well accepted now as it was when I attended? There is talk about schools preparing kids for the workforce, but grabbing someone’s underpants without consent will result in instant dismissal from almost all employment. There should be more tolerance for making mistakes at school than at work, but they shouldn’t tolerate what would be serious crimes in other contexts. For work environments there have been significant changes to what is accepted, so it doesn’t seem unreasonable to expect that schools can have a similar change in culture.

One would hope that spending 6 years wondering who’s going to grab your underpants next would teach boys the importance of consent and some sympathy for victims of other forms of sexual assault. But that doesn’t seem to happen, apparently it’s often the opposite.

When I was young Autism wasn’t diagnosed for anyone who was capable of having a normal life. Teachers noticed that I wasn’t like other kids, some were nice, but some encouraged other boys to attack me as a form of corporal punishment by proxy – not a punishment for doing anything wrong (detentions were adequate for that) but for being different. The lesson kids will take from that sort of thing is that if you are in a position of power you can mistreat other people and get away with it. There was a girl in my year level at YV who would probably be diagnosed as Autistic by today’s standards, the way I witnessed her being treated was considerably worse than what was described in the recent news reports – but it is quite likely that worse things have been done recently which haven’t made the news yet. If this issue is declared to be over after 4 boys were expelled then I’ll count that as evidence of a cover-up. These things don’t happen in a vacuum, there’s a culture that permits and encourages it.

The word “respect” has different meanings, it can mean “treat a superior as the master” or “treat someone as a human being”. The phrase “if you treat me with respect I’ll treat you with respect” usually means “if you treat me as the boss then I’ll treat you as a human being”. The distinction is very important when discussing respect in schools. If teachers are considered the ultimate bosses whose behaviour can never be questioned then many boys won’t need much help from Andrew Tate in developing the belief that they should be the boss of girls in the same way. Do any schools have a process for having students review teachers? Does YV have an ombudsman to take reports of misbehaving teachers in the way that corporations typically have an ombudsman to take reports about bad managers? Any time you have people whose behaviour is beyond scrutiny or oversight you will inevitably have bad people apply for jobs, then bad things will happen and it will create a culture of bad behaviour. If teachers can treat kids badly then kids will treat other kids badly, and this generally ends with girls being treated badly by boys.

My experience at YV was that kids barely had the status of people. It seemed that the school operated more as a caretaker of the property of parents than as an organisation that cares for people. The current YV website has a Whistleblower policy [3] that has only one occurrence of the word “student” and that is about issues that endanger the health or safety of students. Students are the people most vulnerable to reprisal for complaining and not being listed as an “eligible whistleblower” shows their status. The web site also has a flowchart for complaints and grievances [4] which doesn’t describe any policy for a complaint to be initiated by a student. One would hope that parents would advocate for their children but that often isn’t the case. When discussing the possibility of boys being bullied at school with parents I’ve had them say things like “my son wouldn’t be so weak that he would be bullied”, no boy will tell his parents about being bullied if that’s their attitude! I imagine that there are similar but different issues of parents victim-blaming when their daughter is bullied (presumably substituting immoral for weak) but don’t have direct knowledge of the topic. The experience of many kids is being disrespected by their parents, the school system, and often siblings too. A school can’t solve all the world’s problems but can ideally be a refuge for kids who have problems at home.

When I was at school the culture in the country and the school was homophobic. One teacher when discussing issues such as how students could tell him if they had psychological problems and no-one else to talk to said some things like “the Village People make really good music” which was the only time any teacher said anything like “It’s OK to be gay” (the Village People were the gayest pop group at the time). A lot of the bullying at school had a sexual component to it. In addition to the wedgies and dakking (which while not happening often was something you had to constantly be aware of) I routinely avoided PE classes where a shower was necessary because of a thug who hung around by the showers and looked hungrily at my penis, I don’t know if he had a particular liking to mine or if he stared at everyone that way. Flashing and perving was quite common in change rooms. Presumably as such boy-boy sexual misbehaviour was so accepted that led to boys mistreating girls.

I currently work for a company that is active in telling it’s employees about the possibility of free psychological assistance. Any employee can phone a psychologist to discuss problems (whether or not they are work related) free of charge and without their manager or colleagues knowing. The company is billed and is only given a breakdown of the number of people who used the service and roughly what the issue was (work stress, family, friends, grief, etc). When something noteworthy happens employees are given reminders about this such as “if you need help after seeing a homeless man try to steal a laptop from the office then feel free to call the assistance program”. Do schools offer something similar? With the school fees paid to a school like YV they should be able to afford plenty of psychologist time. Every day I was at YV I saw something considerably worse than laptop theft, most days something was done to me.

The problems with schools are part of larger problems with society. About half of the adults in Australia still support the Liberal party in spite of their support of Christian Porter, Cardinal Pell, and Bruce Lehrmann. It’s not logical to expect such parents to discourage their sons from mistreating girls or to encourage their daughters to complain when they are mistreated. The Anglican church has recently changed it’s policy to suggesting that victims of sexual abuse can contact the police instead of or in addition to the church, previously they had encouraged victims to only contact the church which facilitated cover-ups. One would hope that schools associated with the Anglican church have also changed their practices towards such things.

I approve of the “respect is in our DNA” concept, it’s like Google’s former slogan of “Don’t be evil” which is something that they can be bound to.

Here’s a list of questions that could be asked of schools (not just YV but all schools) by journalists when reporting on such things:

1. Do you have a policy of not trying to silence past students who have been treated badly?
2. Do you take all sexual assaults seriously including wedgies and dakking?
3. Do you take all violence at school seriously? Even if there’s no blood? Even if the victim says they don’t want to make an issue of it?
4. What are your procedures to deal with misbehaviour from teachers? Do the students all know how to file complaints? Do they know that they can file a complaint if they aren’t the victim?
5. Does the school have policies against homophobia and transphobia and are they enforced?
6. Does the school offer free psychological assistance to students and staff who need it? NB This only applies to private schools like YV that have huge amounts of money, public schools can’t afford that.
7. Are serious incidents investigated by people who are independent of the school and who don’t have a vested interest in keeping things quiet?
8. Do you encourage students to seek external help from organisations like the ones on the resources list of the Grace Tame Foundation [5]? Having your own list of recommended external organisations would be good too.

Counter Arguments

I’ve had practice debating such things, here’s some responses to common counter arguments.

• Teachers are nice people how dare you criticise them. Teachers like any other large group of people includes good and bad people. The issue is how well the good people are supported in doing good things, how much effort is spent on tracking down and removing the bad people, and how much effort is spent training people to be the best version of themselves. Also my father worked as a teacher so I really don’t think that all teachers are bad.
• Teachers are overworked and underpaid and you shouldn’t criticise them. When a school has 25 students in a class whose parents each pay $30,000 per annum the school can afford to pay as much as is necessary. Arguments about teachers being overworked and underpaid are a criticism of the organisation of private school and of government priorities for public schools not a counter argument to criticisms of the way schools operate.
• When I went to school no bad things happened. Did you go to YV? If not then your experience isn’t relevant to this post.
• I was a prefect at YV and didn’t see any bad things, if you saw bad things you should have reported it to me. I was not aware of any prefect who had a history of opposing bullying in previous years, I can think of some who had a history of encouraging it. Prefects were selected on the basis of supporting the system so anyone who would be expected to try to change things would have been rejected.
• Children will make false and frivolous claims so we should ignore most of what they say, therefore complaints should only come from parents. Children have considerably less ability to lie than adults and the senior teachers are much better at detecting lies than most people. Sorting out accurate claims from false ones shouldn’t be difficult but if you reject all criticism as false claims then you will definitely miss reports of bad things and allow problems to continue.
• I had a hard time at school and I turned out fine. If having bad things done to you doesn’t make you want to protect others from the same things then you didn’t turn out fine at all.
• Kids need to toughen up to survive the real world. The “real world” that I live in doesn’t involve much violence at all, even having someone raise their voice at work is uncommon. Of the situations where being “tough” due to my experience at YV has been useful almost all of them involve me choosing to help someone I don’t know in a dangerous situation while other men pretend that they didn’t even notice it. The real solution is to create a world with less violence and a large part of that involves improving schools.

Conclusion

I don’t think that YV is necessarily worse than other schools, although I’m sure that representatives of other private schools are now working to assure parents of students and prospective students that they are.

I don’t think that all the people who were employed as teachers there when I attended were bad people, some of them were nice people who were competent teachers. But a few good people can’t turn around a bad system. I will note that when I attended all the sports teachers were decent people, it was the only department I could say such things about. But sports involves situations that can lead to a bad result, issues started at other times and places can lead to violence or harassment in PE classes regardless of how good the teachers are.

Teachers who know that there are problems need to be able to raise issues with the administration. When a teacher quits teaching to join the clergy and another teacher describes it as “a loss for the clergy but a gain for YV” it raises the question of why the bad teacher in question couldn’t have been encouraged to leave earlier.

A significant portion of the population will do whatever is permitted. If you say “no teacher would ever bully a student so we don’t need to look out for that” then some teacher will do exactly that.

I hope that this will lead to changes both in YV and in other schools. But if they declare this issue as resolved after expelling 4 students then something similar or worse will happen again. At least now students know that when this sort of thing happens they can send evidence to journalists to get some action.

• [1] https://en.wikipedia.org/wiki/Streisand_effect
• [2] https://en.wikipedia.org/wiki/Pantsing
• [3] https://www.yvg.vic.edu.au/siteassets/Whistleblower-Policy-FINAL.pdf
• [4] https://tinyurl.com/254crjqr
• [5] https://www.thegracetamefoundation.org.au/resources

Related posts:

1. Keating College Some time ago I spoke to Craig Keating about his...
2. Preventing Children from Accessing Porn The following was written by Stefano Cosentino in regard to...
3. Porn For Children James Purser writes about the current plans for Internet filtering...

Drupal Starshot: A New Challenge for Developers kanapatrick Mon, 05/20/2024 - 11:12

The world of web development is constantly evolving, and content platforms like Drupal are at the heart of this transformation. Drupal Starshot, a new initiative by Dries Buytaert, the creator of Drupal, aims to revolutionize the way developers create and manage their websites.

For a while I’d wished there was an easy way to get notified when my favourite open-source packages release a new version. I’d often see something on social media, but that tended to only be for the larger packages – and I wanted to keep up with the smaller ones too.

When I actually bothered to put five minutes of work into finding out if this was possible, I found it was pretty easy. So, here’s how to do it:

1. Go to the Github repository page for the package you’re interested in.

2. Click the down arrow next to the ‘Watch’ badge at the top right of the header:

3. Click ‘Custom’ and then tick ‘Releases’ and click ‘Apply’:

And that’s it! Now you’ll get a notification email when a new release is created on Github. Of course, this relies on the specific project using Github Releases, which not all open-source projects do, but a fairly high proportion of them seem to. After doing this you’ll get an email when there is a new release, with the details of the release and links to see it on Github. An example email for the stac-fastapi repository is below:

Update: Peter in the comments informed me that you can also get an Atom feed for use in your RSS reader by going to https://github.com/{owner}/{repo}/releases.atom. For example, this link for my Py6S package

De 27 a 30 de abril de 2024 foi realizada a MiniDebConf Belo Horizonte 2024 no Campus Pampulha da UFMG - Universidade Federal de Minas Gerais, em Belo Horizonte - MG.

Esta foi a quinta vez que uma MiniDebConf (como um evento presencial exclusivo sobre Debian) aconteceu no Brasil. As edições anteriores foram em Curitiba (2016, 2017, e 2018), e em Brasília 2023. Tivemos outras edições de MiniDebConfs realizadas dentro de eventos de Software Livre como o FISL e a Latinoware, e outros eventos online. Veja o nosso histórico de eventos.

Paralelamente à MiniDebConf, no dia 27 (sábado) aconteceu o FLISOL - Festival Latino-americano de Instalação de Software Livre, maior evento da América Latina de divulgação de Software Livre realizado desde o ano de 2005 simultaneamente em várias cidades.

A MiniDebConf Belo Horizonte 2024 foi um sucesso (assim como as edições anteriores) graças à participação de todos(as), independentemente do nível de conhecimento sobre o Debian. Valorizamos a presença tanto dos(as) usuários(as) iniciantes que estão se familiarizando com o sistema quanto dos(as) desenvolvedores(as) oficiais do projeto. O espírito de acolhimento e colaboração esteve presente em todos os momentos.

Números da edição 2024

Durante os quatro dias de evento aconteceram diversas atividades para todos os níveis de usuários(as) e colaboradores(as) do projeto Debian. A programação oficial foi composta de:

• 06 salas em paralelo no sábado;
• 02 auditórios em paralelo na segunda e terça-feira;
• 30 palestras/BoFs de todos os níveis;
• 05 oficinas para atividades do tipo mão na massa;
• 09 lightning talks sobre temas diversos;
• 01 performance Live Eletronics com Software Livre;
• Install fest para instalar Debian nos notebook dos(as) participantes;
• BSP (Bug Squashing Party - Festa de Caça à Bugs);
• Uploads de pacotes novos ou atualizados.

Os números finais da MiniDebConf Belo Horizonte 2024 mostram que tivemos um recorde de participantes.

• Total de pessoas inscritas: 399
• Total de pessoas presentes: 224

Dos 224 participantes, 15 eram contribuidores(as) oficiais brasileiros sendo 10 DDs (Debian Developers) e 05 (Debian Maintainers), além de diversos(as) contribuidores(as) não oficiais.

A organização foi realizada por 14 pessoas que começaram a trabalhar ainda no final de 2023, entre elas o Loïc Cerf do Departamento de Computação que viabilizou o evento na UFMG, e 37 voluntários(as) que ajudaram durante o evento.

Como a MiniDebConf foi realizado nas instalações da UFMG, tivemos a ajuda de mais de 10 funcionários da Universidade.

Veja a lista com os nomes das pessoas que ajudaram de alguma forma na realização da MiniDebConf Belo Horizonte 2024.

A diferença entre o número de pessoas inscritas e o número de pessoas presentes provavelmente se explica pelo fato de não haver cobrança de inscrição, então se a pessoa desistir de ir ao evento ela não terá prejuízo financeiro.

A edição 2024 da MiniDebconf Belo Horizonte foi realmente grandiosa e mostra o resultado dos constantes esforços realizados ao longo dos últimos anos para atrair mais colaboradores(as) para a comunidade Debian no Brasil. A cada edição os números só aumentam, com mais participantes, mais atividades, mais salas, e mais patrocinadores/apoiadores.

Atividades

A programação da MiniDebConf foi intensa e diversificada. Nos dias 27, 29 e 30 (sábado, segunda e terça-feira) tivemos palestras, debates, oficinas e muitas atividades práticas.

Já no dia 28 (domingo), ocorreu o Day Trip, um dia dedicado a passeios pela cidade. Pela manhã saímos do hotel e fomos, em um ônibus fretado, para o Mercado Central de Belo Horizonte. O pessoal aproveitou para comprar várias coisas como queijos, doces, cachaças e lembrancinhas, além de experimentar algumas comidas locais.

Depois de 2 horas de passeio pelo Mercado, voltamos para o ônibus e pegamos a estrada para almoçarmos em um restaurante de comida típica mineira.

Com todos bem alimentados, voltamos para Belo Horizonte para visitarmos o principal ponto turístico da cidade: a Lagoa da Pampulha e a Capela São Francisco de Assis, mais conhecida como Igrejinha da Pampulha.

Voltamos para o hotel e o dia terminou no hacker space que montamos na sala de eventos para o pessoal conversar, empacotar, e comer umas pizzas.

Financiamento coletivo

Pela terceira vez fizemos uma campanha de financiamento coletivo e foi incrível como as pessoas contribuíram! A meta inicial era arrecadar o valor equivalente a uma cota ouro de R$ 3.000,00. Ao atingirmos essa meta, definimos uma nova, equivalente a uma cota ouro + uma cota prata (R$ 5.000,00). E novamente atingimos essa meta. Então propusermos como meta final o valor de uma cota ouro + prata + bronze, que seria equivalente a R$ 6.000,00. O resultado foi que arrecadamos R$ 6.706,79 com a ajuda de mais de 100 pessoas!

Muito obrigado as pessoas que contribuíram com qualquer valor. Como forma de agradecimento, listamos os nomes das pessoas que doaram.

Bolsas de alimentação, hospedagem e/ou passagens para participantes

Cada edição da MiniDebConf trouxe alguma inovação, ou algum benefício diferente para os(a) participantes. Na edição deste ano em Belo Horizonte, assim como acontece nas DebConfs, oferecemos bolsas de alimentação, hospedagem e/ou passagens para ajudar aquelas pessoas que gostariam de vir para o evento mas que precisariam de algum tipo de ajuda.

No formulário de inscrição, colocamos a opção para a pessoa solicitar bolsa de alimentação, hospedagem e/ou passagens, mas para isso, ela deveria se identificar como contribuidor(a) (oficial ou não oficial) do Debian e escrever uma justificativa para o pedido.

Número de pessoas beneficiadas:

• Alimentação: 69
• Hospedagem: 20
• Passagens: 18

A bolsa de alimentação forneceu almoço e jantar todos os dias. Os almoços incluíram pessoas que moram em Belo Horizonte e região. Já o jantares foram pagos para os(as) participantes que também receberam a bolsa de hospedagem e/ou passagens. A hospedagem foi realizada no Hotel BH Jaraguá. E as passagens incluíram de avião ou de ônibus, ou combustível (para quem veio de carro ou moto).

Boa parte do dinheiro para custear as bolsas vieram do Projeto Debian, principalmente para as passagens. Enviamos um orçamento o então líder do Debian Jonathan Carter, e ele prontamente aprovou o nosso pedido.

Além deste orçamento do evento, o líder também aprovou os pedidos individuais enviados por alguns DDs que preferiram solicitar diretamente para ele.

A experiência de oferecer as bolsas foi realmente muito boa porque permitiu a vinda de várias pessoas de outras cidades.

Fotos e vídeos

Você pode assistir as gravações das palestras nos links abaixo:

• Youtube
• Peertube
• video.debian.net

E ver as fotos feitas por vários(as) colaboradores(as) nos links abaixo:

• Google photos
• Nextcloud

Agradecimentos

Gostaríamos de agradecer a todos(as) os(as) participantes, organizadores(as), voluntários(as), patrocinadores(as) e apoiadores(as) que contribuíram para o sucesso da MiniDebConf Belo Horizonte 2024.

Patrocinadores

Ouro:

• Collabora

Prata:

• Jedai.ai
• Toradex Brasil
• Globo.com
• Policorp Tecnologia

Bronze:

• BRDSoft - Tecnologias para TI e Telecomunicações
• EITA - Cooperativa de Trabalho Educação, Informação e Tecnologia para Autogestão

Apoiadores

• ICTL - Instituto para Conservação de Tecnologias Livres
• Nazinha Alimentos
• DACOMPSI

Organização

• Projeto Debian
• Comunidade Debian Brasil
• Comunidade Debian MG
• DCC/UFMG - Departamento de Ciência da Computação da Universidade Federal de Minas Gerais

SSH commands as API microservices 2024-05-20, by Dariusz Suchojad

This is a quick guide on how to turn SSH commands into a REST API service. The use-case may be remote administration of devices or equipment that does not offer a REST interface or making sure that access to SSH commands is restricted to selected external REST-based API clients only.

Python

The first thing needed is code of the service that will connect to SSH servers. Below is a service doing just that - it receives name of the command to execute and host to run in on, translating stdout and stderr of SSH commands into response documents which Zato in turn serializes to JSON.

# -*- coding: utf-8 -*- # stdlib from traceback import format_exc # Zato from zato.server.service import Service class SSHInvoker(Service): """ Accepts an SSH command to run on a remote host and returns its output to caller. """ # A list of elements that we expect on input input = 'host', 'command' # A list of elements that our responses will contain output = 'is_ok', 'cid', '-stdout', '-stderr' def handle(self): # Local aliases host = self.request.input.host command = self.request.input.command # Correlation ID is always returned self.response.payload.cid = self.cid try: # Build the full command full_command = f'ssh {host} {command}' # Run the command and collect output output = self.commands.invoke(full_command) # Assign both stdout and stderr to response self.response.payload.stdout = output.stdout self.response.payload.stderr = output.stderr except Exception: # Catch any exception and log it self.logger.warn('Exception caught (%s), e:`%s', self.cid, format_exc()) # Indicate an error self.response.payload.is_ok = False else: # Everything went fine self.response.payload.is_ok = True Dashboard

In the Zato Dashboard, let's go ahead and create an HTTP Basic Auth definition that a remote API client will authenticate against:

Now, the SSH service can be mounted on a newly created REST channel - note the security definition used and that data format is set to JSON. We can skip all the other details such as caching or rate limiting, for illustration purposes, this is not needed.

Usage

At this point, everything is ready to use. We could make it accessible to external API clients but, for testing purposes, let's simply invoke our SSH API gateway service from the command line:

$ curl "api:password@localhost:11223/api/ssh" -d \ '{"host":"localhost", "command":"uptime"}' { "is_ok": true, "cid": "27406f29c66c2ab6296bc0c0", "stdout": " 09:45:42 up 37 min, 1 user, load average: 0.14, 0.27, 0.18\n"} $ Note that, at this stage, the service should be used in trusted environments only, e.g. it will run any command that it is given on input which means that in the next iteration it could be changed to only allow commands from an allow-list, rejecting anything that is not recognized.

And this completes it - the service is deployed and made accessible via a REST channel that can be invoked using JSON. Any command can be sent to any host and their output will be returned to API callers in JSON responses.

Next steps

• Read more about using Python in API integrations
• Start the tutorial which will guide you how to design and build Python API services for automation and integrations

More blog posts➤

A few weeks ago (Time flies!) I attended the KDE Goals Sprint in Berlin. I didn't have concrete plans, but I intended to look into accessibility. Quite some time ago I had improved the accessibility of Kleopatra and at Akademy 2023 in Thessaloniki I gave a talk about it. Back then I had taken the easy route fixing everything directly in Kleopatra and working around several issues in Qt instead of fixing the issues in Qt itself so that all apps could profit. Time to do something about it.

(In-)Accessible icon-only buttons

A common problem for accessibility is icon-only buttons. If a button doesn't have text then screen readers can only tell their user that there's a button. That's not very helpful. Sometimes the developers have at least assigned a tool tip to the button. This can be read out by the screen readers (Qt provides the tool tip as accessible description of the button.), but it's often too verbose. To make a button without text accessible the developer has to set the accessible name property of the widget or, in case of a Qt Quick app, the name property of the Accessible QML Type. Unfortunately, that's often forgotten if the UI isn't designed with accessibility in mind.

At the sprint I discussed several ideas with other participants to help developers remember to set the accessible name:

• A helper class to instantiate in your app which inspects the app's windows and prints a report at the end with all inaccessible icon-only buttons it has found. A bit like Qt's QAbstractItemModelTester or the different compiler sanitizers. I implemented a prototype of such a class, but didn't pursue this further. The downside of this approach is that the developer needs to open each window of the app to find all inaccessible buttons. If they are already aware of the problem then it's probably easier to search the code.
• Instead of using a helper class to inspect the widget tree from the inside one could inspect the accessibility tree of the app from the outside. This could be built into our Appium-driven UI test framework so that developers don't have to do anything special. Except that they need to write UI tests that open each and every window of their app. I think it's still worth to look into this.
• Last but not least, we pondered writing a clazy test. Thinking about the many different ways a text can be set on a button (e.g. with KGuiItem::assign) we doubted that it would be feasible to write such a test.

In the end the easiest approach could be education. If the developers are aware of the problem then there's a good chance that they remember to set an accessible name the next time they add an icon-only button to their app.

Accessible date/time inputs

Volker, Carl, David, Harald and me discussed and explored some ideas to make the date and time inputs in Qt Quick apps like Itinerary accessible. In Kleopatra I resorted to allow the user to enter the date in a simple text input instead of trying to make the complex UI of KDE's date picker accessible. Read Volker's blog and David's blog to find out which solutions they found for Qt Quick apps.

A small automation interlude

One advantage of sitting with other people in the same room is that you may overhear them talking about a mistake (e.g. a faulty commit) and you know exactly how to prevent this kind of mistake in the future. In this case the problem was a missing quote character in some YAML file. And the preventive measure was adding a YAML linter CI job. While I was at it I removed some unnecessary code from the CI job and added the job to a second repository.

List views with underlying multi-column model

In several widgets that show or use a simple list of items Qt allows using a model with multiple columns, e.g. QListView, QComboBox, QCompleter. In general this works well except that Qt has a long-standing bug: When navigating through the list screen readers read the entries of the underlying model column by column instead of reading only the entries in the selected model column (QTBUG-33786). In Kleopatra I worked around this bug with a proxy model which pretended that the model only had one column.

During the sprint I finally sat down and prepared a fix for Qt. For better readability I split my changes in five separate commits which resulted in five separate patches for Qt: 556857, 556858, 556859, 556860, 556861. Being used to multi-commit MRs in GitLab I wondered if I had done something wrong when I submitted my changes, but apparently that's Gerrit's way of handling patch reviews. The first two commits are code clean-ups, the third commit changes one aspect of the accessibility test for list views, the fourth commit is the actual fix, and the fifth commit adds a few more unit tests I find useful. The first three commits have been merged, but the actual fix is still waiting for a review.

After that I looked into the problem that QListView emitted an accessibility focus event when the current item changed even if the list view didn't have focus. I found out that this had been fixed recently by a fellow Qt contributor who ran into the same problem independently of me. This meant that I could remove the workaround in Kleopatra for new enough Qt.

Thanks to MBition for hosting us and to Aleix for making sure we don't starve. And many thanks to those donating to KDE which makes these sprints possible.

Links and References For My PyCon US Keynote

It’s another year, and that means it’s time for another PyCon US. This event offers an opportunity to bring together a vibrant and diverse community of engineers, data scientists, researchers, students, and enthusiasts who use the Python programming language for work and for fun.

It also presents a unique opportunity to highlight entrepreneurs building the future of the Python ecosystem. 2024 marks the thirteenth year that PyCon US has invited early-stage companies to present their ventures on Startup Row. Tools and platforms like Pandas, Plotly, and more—now fixtures of the Python software ecosystem—were built by companies that were featured on Startup Row. And with each new year there’s an opportunity to catch a glimpse of what’s next.

PyCon US organizers and the Python Software Foundation are thrilled to welcome seven companies to Startup Row at PyCon US 2024.The Startup Row Lineup at PyCon US 2024DAGWorks

Alexander Hamilton and Aaron Burr might’ve been historic rivals, but the two open-source Python libraries named after them—Hamilton and Burr—work together quite nicely. The company behind Hamilton and Burr, DAGWorks, was founded with the goal of standardizing the way developers build data, LLM, and RAG pipelines, as well as managing and observing application state; both libraries also come with optional self-hosted UIs. Hamilton is the older of the two projects and is used in production by many companies, from banks to startups, to government departments, through to enterprise conglomerates. DAGWorks is based in the San Francisco Bay Area and was founded by Hamilton and Burr co-creators Stefan Krawczyk and Elijah ben Izzy, who previously worked together at Stitch Fix where they built the styling service’s MLOps stack. DAGWorks participated in Y Combinator’s Winter 2023 accelerator batch.

Dispatch

Building and maintaining distributed systems is a complex and often frustrating exercise. A given function might go rogue, either firing too frequently or silently failing to execute when needed. Dispatch is a startup aiming to make building reliable distributed systems a breeze. Its platform offers developers the ability to make any async function resumable by simply wrapping it with a @dispatch.function decorator, enabling durable workflows and robust error handling. Quoting a customer, ““I love the API design, just tuck in a decorator and you’re done, almost feels like cheating!” The company was founded by engineers with experience building high-scale distributed systems at companies like Meta, Segment, and Twilio, among others.

dltHub

Dealing with data can be a chore for developers. One has to actually get the data, clean it up, and that data has to get loaded somewhere for it to be useful. At least for that last step, there’s dlt (a.k.a. data load tool), an open source Python library that takes the hassle out of shepherding data from one place to another. The library features out of the box integrations for dozens of verified data sources and destinations, making it easy to fetch data from places like Facebook Ads, Pandas dataframes, or even Chess.com and then load data into destinations ranging from Databricks and Snowflake to Postgres and DuckDB. dltHub, the company behind the popular dlt library, is based in Berlin and New York City. “Today it is easier to pip install dlt and write a custom source in Python than to setup and configure a traditional ETL platform,” said CEO and co-founder Matthaus Krzykowski. The startup is backed by Dig Ventures and technical founders from companies like Huggingface, Miro, Matillion, and others.

Exaloop

What gets called “big” data is constantly shifting. Not too long ago, anything over a handful of gigabytes was pretty big. Now, working datasets can be several orders of magnitude larger, which presents a challenge for data scientists and developers who just want to write Python. Enter Exaloop. The MIT spinout company’s platform enables data scientists and engineers to write and run Python workflows that execute extremely fast (10x-100x faster than vanilla Python), even when dealing with truly massive data. The secret sauce: Codon, a high-performance Python compiler that uses LLVM. Codon has garnered a fair bit of attention from the developer community, racking up nearly 14,000 stars on Github. The company is planning to release a new entirely cloud-based platform, enabling users to leverage Exaloop’s tech and performance benefits conveniently within a browser window.

Pandas AI

Data analysis packages like Pandas are, to most users, pretty intuitive. Someone with a bit of Python knowledge can get the hang of these tools pretty quickly. But not everyone knows Python, and many others find the prospect of writing code intimidating. For those who prefer to ask questions rather than write complex queries, there’s PandasAI. PandasAI allows users to connect to a database or import a CSV, making data interaction conversational. “We want to make it easy for anyone, in any company, to be able to derive valuable insights from data. That shouldn’t be limited to a small team of engineers and analysts,” said PandasAI founder and CEO Gabriele Venturi. Users can write queries in natural language (e.g. “In my database of ecommerce transactions, which customer Id appears most often?”) and even command PandasAI to plot out the data they’re analyzing. The library is compatible with several LLM providers and model variants, reducing the risk of model lock-in. PandasAI is open source and has over 11,000 stars on Github. The company participated in Y Combinator’s Winter 2024 batch.

Pixee

When it comes to application security, many developers wish for the equivalent of magical fairy dust they can sprinkle on their codebase to fix bugs and vulnerabilities. Pixee is about as close as developers can get to that magical fairy dust. The D.C. metro area-based security startup is the maker of Pixeebot, a virtual security engineer that automatically triages and fixes potential security issues before they can be exploited in production. The bot is built on Codemodder, an open source framework created and maintained by Pixee, that can find and fix issues in Python and Java. Pixee intends to extend language support to JavaScript, and Node.js in the near future'

Trellis

There’s nothing better than clean, well-structured data. It’s easy to query, easy to work with, and easy to add value to any enterprise or personal use case. The problem is that data rarely comes so neatly packaged. Trellis helps developers ingest and extract insights from unstructured data sources like sales calls, regulatory filings, business contracts, large-scale web scrapes, and more. Trellis users can define their data schema in natural language, which is transformed into a structured SQL format that can integrate with hundreds of data sources and LLM-augmented workflows. The company is based in San Francisco and participated in Y Combinator’s Winter 2024 accelerator batch.

A Quick Look Back at 2023’s Startup Row Alumni

Startup founders make no small plans. Startups are inherently risky and not all are destined for greatness, but the 2023 batch of Startup Row companies seems to be on the path to success.

• 🦄 Imbue, a generative AI company developing agentic models that can reason and code, raised $200M+ in Series B funding at a $1B+ valuation. Investors in that deal include NVIDIA, Astera Institute, Notion co-founder Simon Last, and former Cruise CEO Kyle Vogt, among others. The company was formerly known as Generally Intelligent.
• Neptyne continued expanding its Python-included spreadsheet tools and launched a Google Sheets extension that brings real, live Python to Google’s spreadsheet software. Neptyne also launched API integrations, giving its users credits to call OpenAI, Bing web search, web page rendering through PhantomJsCloud, Google’s geocoder, and financial information within their spreadsheet environments.
• Nixtla released TimeGPT (ArXiv). Considering the company’s whole raison d'être is building time series data modeling and projection tools, this seems like a great use of transformer models’ next-token prediction capabilities. Nixtla’s open source tools continue to gain popularity.
• ❄️ Ponder Data, maker and maintainer of Modin, was acquired by Snowflake to expand the Python capabilities of its data cloud platform. Modin is used by hundreds of thousands of users and serves as a drop-in replacement for the ever popular Pandas library.
• Predibase. A month or so after PyCon 2023, the company announced that it had raised another $12.2 million from Felicis Ventures to bring total Series A funding up to $28M. In November the company released its LoRA Exchange (LoRAX) framework to the open source community under an Apache 2.0 license. According to Predibase’s announcement, “[the framework] makes it possible to serve hundreds of fine-tuned LLMs at the cost of one GPU with minimal degradation in throughput and latency.” In February the company launched LoRA Land, an LLM playground featuring 25 fine-tuned open source LLMs that “rival or outperform GPT-4” on specific tasks.
• Reflex is the new name of the company formerly known as Pynecone, and its open-source web application framework is garnering more attention than ever. Back in August the YC alumni company announced that it raised $5M in seed funding led by Lux Capital to continue building out its platform and develop and launch a revenue-generating hosting service for Reflex apps. The company’s open source framework has over 17,000 stars on Github.
• Wherobots, a geospatial data platform founded by the creators of Apache Sedona, announced $5.5 million in seed funding to build out its enterprise platform. Apache Sedona has been downloaded over 20 million times and is among the top one percent of most-downloaded packages on PyPI.

Needless to say, we’re pleased to be at least a small part of these companies’ ongoing success.

Thank You’s & AcknowledgementsStartup Row is made possible by the trust, logistical support, and tireless efforts of countless folks.
A heartfelt thanks goes out to the organizers and volunteers who work diligently to ensure PyCon US is a positive and engaging event, both in-person and virtually.
We also extend our gratitude to the many entrepreneurs who, despite their undoubtedly busy schedules, applied to Startup Row. Your time and attention are valuable, and we appreciate the thought you put into your applications.
A special thanks goes to the selection committee. Scoring such a competitive applicant pool is a significant commitment, and their time and expertise is greatly appreciated.
Lastly, our deepest thanks to the 7 companies that traveled to Pittsburgh to share their innovations with over 2,700 PyCon US attendees. Thank you all once again.

This is a brief overview of the project that I will be doing this summer as part of Google Summer of Code. As the title of this post says, I will create Python bindings for KDE Frameworks. There are more than 70 libraries, so the aim is to add support for three of them: KWidgetsAddons, KCoreAddons and KI18n. As predicting how much time we’ll need for each one is a little bit complex, I might end adding support to other libraries if the time allows.