FLOSS Project Planets

Python for Beginners: Arithmetic Sequence In Python

Planet Python - Tue, 2022-02-01 09:10

You might have heard about arithmetic sequences and geometric sequences in your mathematics classes. In this article, we will discuss arithmetic sequences. We will also implement programs to perform different operations on an arithmetic sequence in Python.

What is An Arithmetic Sequence?

An arithmetic sequence is a sequence of numbers in which any two consecutive numbers have a fixed difference. This difference is also known as the common difference between the terms in the arithmetic sequence. 

For example, 3,5,7,9,11,13,… is an arithmetic sequence with a common difference of 2 between consecutive terms.

Nth Term In An Arithmetic Sequence

If we are given the first term A1 and the common difference D, we can write the second term as A1+D, the third term as A1+2D, the fourth term as A1+3D, and so on. The Nth term will be written as A1+(N-1)D To find the Nth term of an arithmetic sequence in python, we can simply add the common difference (N-1) times to the first terms A1 using a for loop as follows.

commonDifference = 2 print("Common Difference in the arithmetic sequence is:", commonDifference) firstTerm = 3 print("First term in the arithmetic sequence is:", firstTerm) # calculating 100th term N = 100 nthTerm = firstTerm for i in range(1, N): nthTerm = nthTerm + commonDifference print("100th term in the arithmetic sequence is:", nthTerm)

Output:

Common Difference in the arithmetic sequence is: 2 First term in the arithmetic sequence is: 3 100th term in the arithmetic sequence is: 201

Alternatively, we can directly calculate the Nth term using the formulae as follows.

commonDifference = 2 print("Common Difference in the arithmetic sequence is:", commonDifference) firstTerm = 3 print("First term in the arithmetic sequence is:", firstTerm) # calculating 100th term N = 100 nthTerm = firstTerm + (N - 1) * commonDifference print("100th term in the arithmetic sequence is:", nthTerm)

Output:

Common Difference in the arithmetic sequence is: 2 First term in the arithmetic sequence is: 3 100th term in the arithmetic sequence is: 201 Sum Of N Terms In An Arithmetic Sequence In Python

To find the sum of N terms in an arithmetic expression, we can simply add each term using a for loop. In the for loop, we will first find each term using the formulae discussed above. After that, we will add the each term to calculate the sum of N terms as follows.

commonDifference = 2 print("Common Difference in the arithmetic sequence is:", commonDifference) firstTerm = 3 print("First term in the arithmetic sequence is:", firstTerm) # calculating sum of 50 terms N = 50 sumOfTerms = 0 for i in range(1, N + 1): ithTerm = firstTerm + (i - 1) * commonDifference sumOfTerms = sumOfTerms + ithTerm print("Sum of 50 terms in the arithmetic sequence is:", sumOfTerms)

Output:

Common Difference in the arithmetic sequence is: 2 First term in the arithmetic sequence is: 3 Sum of 50 terms in the arithmetic sequence is: 2600

Alternatively, we can also derive a mathematical expression for calculating the sum of N terms of the arithmetic sequence. 

We know that the sum of N numbers will be equal to  N * (average of all the terms). Here, we can find the average of all the terms very easily. 

For an arithmetic sequence with the first term A1 and the Nth term AN, the average of all the terms is defined as (A1+AN)/2. As A1 and common difference D will be given in the program, we can find AN= A1+ (N-1)*D.

Hence, the average of all the numbers in the arithmetic sequence will become (2A1+ (N-1)*D)/2.

Subsequently, the sum of N terms of the arithmetic sequence will become N*((2A1+ (N-1)*D)/2).

We can calculate the sum of N terms in the arithmetic equation using this formula in python as follows.

commonDifference = 2 print("Common Difference in the arithmetic sequence is:", commonDifference) firstTerm = 3 print("First term in the arithmetic sequence is:", firstTerm) # calculating sum of 50 terms N = 50 sumOfTerms = (N * (2 * firstTerm + (N - 1) * commonDifference)) // 2 print("Sum of 50 terms in the arithmetic sequence is:", sumOfTerms)

Output:

Common Difference in the arithmetic sequence is: 2 First term in the arithmetic sequence is: 3 Sum of 50 terms in the arithmetic sequence is: 2600 Conclusion

In this article, we have discussed the basics and formulas of arithmetic sequences. We have also performed different operations like finding the Nth term and finding the sum of N terms of an arithmetic sequence in python. To learn more about numbers in python, you can read this article on decimal numbers in python. You might also like this article on complex numbers in python.

The post Arithmetic Sequence In Python appeared first on PythonForBeginners.com.

Categories: FLOSS Project Planets

Real Python: Python's len() Function

Planet Python - Tue, 2022-02-01 09:00

In many situations, you’ll need to find the number of items stored in a data structure. Python’s built-in function len() is the tool that will help you with this task.

There are some cases in which the use of len() is straightforward. However, there are other times when you’ll need to understand how this function works in more detail and how to apply it to different data types.

In this course, you’ll learn how to:

  • Find the length of built-in data types using len()
  • Use len() with third-party data types
  • Provide support for len() with user-defined classes

[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]

Categories: FLOSS Project Planets

Russell Coker: First Flounder Meeting

Planet Debian - Tue, 2022-02-01 05:09

Based on a comment from my previous post [1] I have named the new FOSS group for Australia and NZ Flounder. Here is the link to the agenda for the first meeting [2].

I am currently using a DNS name in my own domain for the group, but in the near future I’ll move it to somewhere else under a zone I don’t control. My aim is not to have personal control but to create an organisation for the community. But at the moment I’m just doing things in the fastest way possible, I will setup HTTP redirects when I get a better DNS name.

Related posts:

  1. Recruiting at a LUG Meeting I’m at the main meeting of Linux Users of Victoria...
  2. Pre-Meeting Lightning Talks This evening I arrived at the LUV [1] meeting half...
  3. Debian Lunch Meeting in Melbourne and BSP This afternoon we had a Debian meeting in Melbourne (Australia)...
Categories: FLOSS Project Planets

Web Omelette: PHP 8 attributes: Drupal 9 plugin discovery proof of concept

Planet Drupal - Tue, 2022-02-01 04:06

In this article I am going to show you an example use case of PHP 8 attributes in Drupal: creating a POC for a plugin discovery mechanism that works alongside the existing ones.

Categories: FLOSS Project Planets

Vardot: How to Choose the Best CMS for a Website (Infographic)

Planet Drupal - Tue, 2022-02-01 03:09
Image How to Choose the Best CMS for a Website (Infographic) Image Rashed Azzam Position Tuesday, February 1, 2022 - 19:37 Teaser image How to Choose the Best CMS for a Website Join the conversation + Comments Solutions by need Enterprise CMS Drupal Managed Services Related services Web Development Digital Strategy Digital Marketing Support and Maintenance Drupal Migration and Upgrades Product Varbase Vardoc Uber Publisher Vote up! 0 claps
Categories: FLOSS Project Planets

Django Weblog: Django security releases issued: 4.0.2, 3.2.12, and 2.2.27

Planet Python - Tue, 2022-02-01 02:57

In accordance with our security release policy, the Django team is issuing Django 4.0.2, Django 3.2.12, and Django 2.2.27. These release addresses the security issues detailed below. We encourage all users of Django to upgrade as soon as possible.

CVE-2022-22818: Possible XSS via {% debug %} template tag

The {% debug %} template tag didn't properly encode the current context, posing an XSS attack vector.

In order to avoid this vulnerability, {% debug %} no longer outputs an information when the DEBUG setting is False, and it ensures all context variables are correctly escaped when the DEBUG setting is True.

Thanks Keryn Knight for the report.

This issue has severity "medium" according to the Django security policy.

CVE-2022-23833: Denial-of-service possibility in file uploads

Passing certain inputs to multipart forms could result in an infinite loop when parsing files.

Thanks Alan Ryan for the report.

This issue has severity "medium" according to the Django security policy.

Affected supported versions
  • Django main branch
  • Django 4.0
  • Django 3.2
  • Django 2.2
Resolution

Patches to resolve the issue have been applied to Django's main branch and to the 4.0, 3.2, and 2.2 release branches. The patches may be obtained from the following changesets.

CVE-2022-22818:

CVE-2022-23833:

The following releases have been issued:

The PGP key ID used for this release is Mariusz Felisiak: 2EF56372BA48CD1B.

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance or the django-developers list. Please see our security policies for further information.

Categories: FLOSS Project Planets

First Blog Post for SoK 2022!

Planet KDE - Tue, 2022-02-01 02:33

About Me

I’m Srirupa Datta, a third year undergraduate studying Electrical Engineering at Jadavpur University, India. This year, I have decided to take part in Season of KDE and will be working on extending the Ellipse Assistant Tool to add support for Perspective Ellipse in Krita.

My Introduction to Qt and Krita

As a painter who also likes software development, I first came across Krita when I was looking for digital painting applications on Windows. Later on, I learned about open source and decided to start contributing as a way to build my development skills while working on something that I myself use. I spent the last few months of 2020 building Krita, first in Windows (a nightmare :P), then in Linux, and started learning Qt since I was already familiar with some basic C++ from school.

Since then, I have fixed some minor bugs in my free time, including Warn when exporting layers with multiple transparency masks into .psd and Convert Colorize Mask to Paint Layer before splitting layers. After becoming somewhat familiar with Krita’s huge codebase, I started looking for something more challenging to implement and came across this Feature request: Circle in a Square Assistant Tool .

Once I learnt about Season of KDE, I decided to apply for it and cooked up a proposal to implement this feature request and Halla was kind enough to agree to mentor me!

Project Details Overview

This project aims to create a tool that is essentially an adjustable four corner mesh that always has an ellipse inside it which touches the sides, in order to draw ellipses in perspective with ease. The attachment below, provided by Hector demonstrates how the tool is supposed to work:

Benefit

Developing this tool would make it easier to draw ellipses in perspective. Currently, to draw a circle in a square with the ellipse tool, one needs to draw the diagonals of the square and correctly align the axis of the ellipse to the square, which is rather complicated since it takes time to set a concentric ellipse with the current ellipse tool. With the circle in a square tool, one just needs to set the four corners of the square. Hector, who created this feature request is also willing to test this feature while it’s being developed!

Categories: FLOSS Project Planets

Tryton News: Newsletter February 2022

Planet Python - Tue, 2022-02-01 02:00

Time goes by and improvements to Tryton continue to be made. Here you can find the latest changes which have been included in the last month.

Changes for the User

The forecasts are now used for all supply calculations instead of only the purchase requests.

In the web client, the list of tabs no longer wraps on large screens but scrolls horizontally and each tab entry takes up the full width on small screens.

We now calculate an early date for the partial quantity if there isn’t one for the full quantity.

It is no longer possible to close (or remove) the type of an account that is already used in account move lines.

The auto-detection of CSV headers now stops on the first error in the web client.

We now support editing Shopify orders.

The accounts can have another type when their balance is a credit. This is the opposite of the existing debit type.

We do not create any more dunning for lines with pending payment.

Production orders with missing early moves are no more proposed for early planning.

We renamed the split lines accounting wizard into reschedule lines to be less confusing.

Changes for the System Administrator

The country module supports pycountry version 22.1.10.

We mirror the geonames zip files and use our mirror by default. This was needed because the original host has frequent downtime.

We removed the entropy check on user password. We found that it was not a good way to enforce good password. We recommend to use the forbidden list instead.

Changes for the Developer

We process sales for Shopify asynchronously as it can be quite slow due to the Shopify rate limit.

The view_id is now set in the context when parsing the view. So it can be used to apply attributes depending on the view in ModelView.view_attributes.

We replaced the deepcopy of the JSON-RPC result in the desktop client by a faster implementation based on the json types.

The country module can now load subdivisions with unknown types. This was needed to support future versions of pycountry.

The ORM uses now the already cached data to instantiate relational target records for which the context depends on other fields. This optimization prevents extra SQL queries for most of the cases.

The stock margin report retrieves the product’s unit from the SQL query instead of using a Function field which was triggering a second execution of the table query.

We replaced the back-off time on Shopify API calls by an automatic retry loop. This allows to make the first calls quickly until it consume the available bucket.

The board action domain is now limited to active_id and active_ids and they are stored in a dedicated _actions dictionary.

We added on ir.ui.view the view_get RPC method which can be used by the board to support inheritance like the other views.

The xpath inheritance of views applies now on all matching elements (instead of only the first) by default.

1 post - 1 participant

Read full topic

Categories: FLOSS Project Planets

Junichi Uekawa: Already February.

Planet Debian - Tue, 2022-02-01 01:59
Already February. Surprising. I've been practicing Rust every day and I am getting more comfortable with Rust the language now.

Categories: FLOSS Project Planets

Specbee: Top Drupal 9 Modules You Absolutely Need For your Drupal Project

Planet Drupal - Tue, 2022-02-01 01:37
Top Drupal 9 Modules You Absolutely Need For your Drupal Project Shefali Shetty 01 Feb, 2022

We get it. You want every single one of the amazing features you’ve heard about with Drupal 9. When you’re talking about features, you’re talking about modules. And picking your modules is the next thing you do after installing Drupal 9 so it’s really one of the first major decisions you’ll have to make.

Of course, it isn’t as simple as it sounds (it never is). Drupal 9 is powered by its ever-growing open-source community who work hard to develop thousands of modules that can enhance and extend the functionality of a Drupal website. Choosing between a googleplex of Drupal 9 modules can be an endeavor. Surely there’s a better way than just guessing which modules will serve your needs…? Well, no, not really. But we do have this handy list of recommended modules and best practices when choosing modules straight from our Specbee developers. 
 
Let’s dive into a short list of top Drupal 9 modules you must have to build great digital experiences. And right after that, we’ll talk about how to pick your Drupal modules.

Admin Toolbar Module

The Drupal Admin Toolbar module is extremely useful for site admin and site builder navigation. It’s not that the default Toolbar isn’t useful, but it’s not as user friendly. This module extends the functionality of the toolbar by offering drop-down menus that allow easy access to various admin pages. It also offers a submodule to extend its functionality called Admin Toolbar Extra Tools. This submodule adds even more helpful links to the admin menu to perform tasks like flush cache, run cron and more.

Paragraphs Module

If you’re hoping to stave off any complaints from your content producers, put power in the hands of content authors and editors by allowing them to create flexible and structured content easily with the Drupal 9 Paragraphs Module. They can now easily add various paragraphs field types like images, text blocks, quotes, slideshows, videos and so much more.

Using the familiar node edit form, they can add/play around with paragraph items and place them wherever they want to. It also offers widgets which will allow drag and drop functionality, duplicating paragraphs and many other features that can elevate user experience while working with the Paragraphs module.

Webform Module

This is one of the most essential and versatile Drupal 9 modules. So much so that it’s always on our recommended-modules-list. Almost every website needs a contact form or a survey form or a feedback form – some way for a visitor to interact. The Drupal 9 Webform Module is a rich form builder that is easily customizable and extendable. It allows you to collect form data, send it to third-party applications or send emails to admins or users. You can also export this data to spreadsheets for further analysis. And, really, we’re just scratching the surface. There’s so much more the Webform module offers that it probably deserves its own post.

Layout Builder

Content editors and site builders can choose from a predefined set of layouts and use them to build pages easily with Layout builder. Note that you’ll need to enable this core module in Drupal 9 to use it. It has a WYSIWYG layout user interface with drag and drop functionality, making it extremely user friendly and customizable, even to novice users. Its real time preview functionality makes it a unique and powerful page building tool. You can even extend Layout builder’s functionalities easily when you integrate it with these modules.

Devel Module

The Drupal Devel module is a very handy tool for developers and site admins. It is widely used for testing purposes because of its ability to generate a lot of content for nodes, comments, users and various content types and entities. It also allows developers to debug any problems with node access. Page footers can be added for all pages with the help of its submodule called Webprofiler. Webprofiler gives the site admins basic analytics about the caching abilities, database queries, resource utilization and much more.

Twig Tweak Module

If you’re a developer working with complex twig templates, the Twig tweak module will be your best friend. This module provides a range of functions and filters that will not only ease, but enhance the development experience. It also helps developers write well-formatted code that’s easy to comprehend. Learn how to install and work with the twig tweak module here.

Drupal GraphQL Module

GraphQL is a modern querying language that replaces old school languages (like REST) to communicate with APIs. It’s faster and only shows the results you are looking for – as opposed to all the unwanted baggage that comes with a REST API call. The Drupal GraphQL module enables your Drupal website to create GraphQL schemas and expose Drupal entities with GraphQL client applications.

Redirect and Pathauto Module

Nobody likes broken links, especially our friends at Google (maybe not friends… more like acquaintances). If you’ve changed your URL structure or have opted not to serve that content anymore, you can avoid making the internet angry with the help of the Redirect module for Drupal 9. This super helpful module makes creating URL redirects easy.

Beyond proper redirects, having well-structured URLs not only improve the user experience, but are also vital for search engine optimization. The Drupal Pathauto module is definitely a must-have module in every Drupal project. It helps in automatically generating those SEO friendly and well-structured URLs. Site admins can also change the pattern system by changing the tokens it uses.

Google Analytics

This is probably the most obvious, but the Drupal Google Analytics module adds Google analytics tracking system to your website. Using this Drupal module, all features of Google analytics can be accessed and integrated with your website. It allows for domain tracking, users tracking, monitoring tracked links, monitoring downloaded files, site search, Adsense support and much more.

Things to Remember while choosing your Drupal 9 modules

The upside/downside to any open source system is the amount of choice you have. Whether it’s personalization modules, social media integration modules, marketing automation modules or any other module, you can always find more than one for each functionality. Here’s what you should keep in mind before choosing which to use:

Compatibility

Before you download a module, you should know if it is going to be compatible with your version of Drupal. To find out what version of the module has been released in, you can go to the module’s project page on Drupal.org and scroll right to the end where you will see the download link and find the release versions specified. If it isn’t specified, go to http://drupal.org/project/Modules/name and filter by Core compatibility.

They’re free but they consume space

One thing to keep in mind is that although the contributed Drupal modules are free of cost, they are not bulk-free. Unused modules can unnecessarily consume a lot of space and resources which can make your Drupal website heavier and slower. So, before you download a module, analyze if you really need it or if any other core module you already use can perform the same functionality for your website. Don’t hesitate to abandon those hardly used and inactive modules to make your website healthier and light.

Actively Maintained Modules

It is very important to choose modules that are actively maintained, updated and published by the developers. Mostly because if you run into any security vulnerabilities or any other issues you’ll likely get a quicker response from the developer/contributor. Also, you’ll have a much better chance that an updated version will be on its way soon.

Popularity

It may seem obvious, but using popular modules usually means you can trust the module to do the job securely and with less issues. In the module’s project page on Drupal.org, you can see the number of downloads and how many websites are currently using that particular module.

Look out for issues

On the right side of the Drupal module’s project page, you can find the number of issues and bugs (open and closed) associated with that module. Clicking on the link will show you a detailed report of all bugs and issues which will help give you a sense if the module will provide the functionality you’re looking for. The ‘Last Updated’ date can also give you an idea of how responsive the developers are in solving issues.

A Drupal website’s functionalities are extended and boosted with the help of the various modules that are contributed by Drupal’s open-source community. Making the right choice of Drupal 9 modules that needs to do exactly what you want is a daunting task. We are a Drupal Development Company with a highly experienced team of Acquia certified developers who can help you make the right choice and enhance the capabilities of your Drupal website. Contact us for more information.

Drupal Planet Drupal 9 Module Drupal Module Subscribe to our Newsletter Now Subscribe Leave this field blank

Leave us a Comment

  Recent Blogs Image Top Drupal 9 Modules You Absolutely Need For your Drupal Project Image Personalizing the Website Experience for Visitors Using the Drupal 9 Smart Content Module Image How to Prepare for a Drupal 9 Migration - A Checklist Want to extract the maximum out of Drupal? TALK TO US Featured Success Stories

A Drupal powered multi-site, multi-lingual platform to enable a unified user experience at SEMI

Great Southern Homes, one of the fastest growing home builders in the United States, sees greater results with Drupal 9

Upgrading and consolidating multiple web properties to offer a coherent digital experience for Physicians Insurance

View all Case Studies
Categories: FLOSS Project Planets

Dirk Eddelbuettel: #35: apt install rstudio quarto

Planet Debian - Mon, 2022-01-31 22:32

Welcome to the 35th post in the ravishingly rabiant R recommendations, or R4. Today’s post is about apt and R tools.

Many of us have been running RStudio off our local machines for as long as binaries have been provided. Which is by now probably a bit over a decade. Time flies.

And as nice it is to have matching binaries, in my case in the .deb format used on Debian or Ubuntu, it is wee bit a painful to manually download a file and then install it. Twice the pain if you are lucky enough to be on a system where you can also run RStudio Server. And now three times as painful as you may need a matching quarto-cli binary for the nice quarto service.

So wouldn’t it be nice to have an apt-getable repo? And to autoMAGICall get updated versions when they are available? Oh yes. And I had been bugging JJ from day one. And JJ would almost listen intendly, nod briefly and firmly, and issue an assured we will look into it. Well, they are still looking…

Luckily, years ago, Carl wrote a helper script for our use in Rocker. I promptly adopted these and kept them in the littler examples directory as a pair of script getRStudioDesktop.r and getRStudioServer.r, later complemented by getQuartoCli.r. And I used these for years, somewhere between weekly and monthly.

But it is still very manual: three script calls, one sudo dpkg -i call. And as our good friends at RStudio don’t seem to be coming forward with a repo, I created one at GitHub thinking I could serve the files via GitHub Pages. Which … of course I cannot as the .deb file for rstudio is well above the 100mb limit. So that seemed to be a bit of a setback. But after a bit of pondering, and recognizing that I am now in the fortunate position to have symmetric broadband access at home, I reckoned that until the bandwidth use gets excessive I will serve this as ‘truly personal package archive’ (or tPPA) from here. Note that this is calibrated for my use so Ubuntu amd64 it is. Nothing else. And that it installs ‘dailies’. Which may cause issues for some people. You have warned. Reading tis paragraphs signifies agreement with the terms and limitations. Just kidding.

A quick screenshot from an update earlier is here. Note that I use the fabulous wajig wrapper by Graham Williams here as my frontend to apt, dpkg and more as I have for even longer than I have use RStudio. Its use is tangential here; sudo apt upgrade would have done the same (and is essentially being called). And it demonstrates the main benefit: we are now automated as the cron scheduler launches an update of the PPA at which ever frequency you chose (currently twice a week for me) and after that it becomes part of the normal apt updates we do anyway (and which I do about daily). So that’s main gist: automated apt upgrades of rstudio, rstudio-server, and quarto-cli.

And you can find the underlying code in the GitHub repo ppa-rstudio which I put together a good week ago. I am currently updating the ‘tPPA’ twice a week from crontab and have had two full upgrades already.

And who knows, maybe with a bid of prodding RStudio may come around. One can always hope.

If you like this or other open-source work I do, you can sponsor me at GitHub.

This post by Dirk Eddelbuettel originated on his Thinking inside the box blog. Please report excessive re-aggregation in third-party for-profit settings.

Categories: FLOSS Project Planets

Wingware: Wing Python IDE Version 8.1.3 - February 1, 2022

Planet Python - Mon, 2022-01-31 20:00

Wing 8.1.3 adds support for using Unreal Engine with Wing, writes a preconfigured wingdbstub.py when creating new projects, expands Run Arguments and other dialog fields, correctly finds printers on Linux, and fixes a number of code analysis problems and other minor issues.

See the change log for details.

Download Wing 8 Now: Wing Pro | Wing Personal | Wing 101 | Compare Products


What's New in Wing 8.1

Support for Containers and Clusters

Wing 8 adds support for developing, testing, and debugging Python code that runs inside containers, such as those provided by Docker and LXC/LXD, and clusters of containers managed by a container orchestration system like Docker Compose. A new Containers tool can be used to start, stop, and monitor container services, and new Docker container environments may be created during project creation.

For details, see Working with Containers and Clusters.

New Package Management Tool

Wing 8 adds a new Packages tool that provides the ability to install, remove, and update packages found in the Python environment used by your project. This supports pipenv, pip, and conda as the underlying package manager. Packages may be selected manually from PyPI or by package specifications found in a requirements.txt or Pipfile.

For details, see Package Manager .

Improved Project Creation

Wing 8 redesigns New Project support so that the host, project directory, Python environment, and project type may all be selected independently. New projects may use either an existing or newly created source directory, optionally cloning code from a revision control repository. An existing or newly created Python environment may be selected, using virtualenv, pipenv, conda, or Docker.

Improved Python Code Analysis and Warnings

Wing 8 expands the capabilities of Wing's static analysis engine, by improving its support for f-strings, named tuples, and other language constructs. Find Uses, Refactoring, and auto-completion now work within f-string expressions, Wing's built-in code warnings work with named tuples, the Source Assistant displays more detailed and complete value type information, and code warning indicators are updated more cleanly during edits.

And More

Wing 8 also adds support for Python 3.10, native executable for Apple Silicon (M1) hardware, a new Nord style display theme, reduced application startup time, support for Unreal Engine, Delete Symbol and Rename Current Module refactoring operations, improved debug stepping and exception handling in async code, and much more.

For a complete list of new features in Wing 8, see What's New in Wing 8.


Try Wing 8 Now!

Wing 8 is an exciting new step for Wingware's Python IDE product line. Find out how Wing 8 can turbocharge your Python development by trying it today.

Downloads: Wing Pro | Wing Personal | Wing 101 | Compare Products

See Upgrading for details on upgrading from Wing 7 and earlier, and Migrating from Older Versions for a list of compatibility notes.

Categories: FLOSS Project Planets

Paul Wise: FLOSS Activities January 2022

Planet Debian - Mon, 2022-01-31 19:23
Focus

This month I didn't have any particular focus. I just worked on issues in my info bubble.

Changes Issues Review Administration
  • Debian BTS: unarchive/reopen/triage bugs for reintroduced packages
  • Debian servers: ping folks about mail forwarding issues
  • Debian wiki: unblock IP addresses, approve accounts
Communication
  • Respond to queries from Debian users and contributors on the mailing lists and IRC
Sponsors

The oci-cli, oci-python-sdk, circuitbreaker, autoconf-archive, libpst, purple-discord, sptag work was sponsored. All other work was done on a volunteer basis.

Categories: FLOSS Project Planets

Python⇒Speed: Finding leaked secrets in your Docker image with a scanner

Planet Python - Mon, 2022-01-31 19:00

If you’re not careful, you can end up with a private SSH key, AWS access token, or password embedded in your Docker image. That means anyone who access the image will be able to get that secret, and potentially use it to gain further access to additional systems.

While you can and should take steps to prevent leaking secrets in the first place, it’s still useful to catch leaks if they do happen. If you can catch the leak before you push the image to a remote registry, no harm done.

That’s where a secrets scanner comes in handy: it can automatically catch secrets, up to a point anyway.

Recap: how secrets get leaked in Docker images

Here’s an example of a Dockerfile that leaks secrets two ways: with build args, and by copying secrets in. You can view the former with docker image history, and the latter is available in the image much in the way old commits are accessible in a Git repository, accessible for example via docker image save. (For more details, and the secure alternative, see my article on Docker build secrets.)

FROM busybox # Copy in SSH private key, then delete it; this is INSECURE, # the secret will still be in the image. COPY id_dsa . RUN rm id_dsa # Accept a secret as build arg. This is INSECURE. ARG mypassword RUN echo $mypassword

I build the image:

$ docker build --build-arg mypassword=XW835S3d20-3432S%K@345 -t bad-secrets .

And now this image has leaked two secrets, a build argument (“XW8…”) and a SSH private key.

Note: Outside any specific best practice being demonstrated, the Dockerfiles in this article are not examples of best practices, since the added complexity would obscure the main point of the article.

Make sure your production software is packaged securely, efficiently, and quickly: Read the pragmatic, thorough, and concise Python on Docker Production Handbook.

Using a secrets scanner

A good secrets scanner with Docker support will be able to find both. There aren’t that many secrets scanners that support Docker, and the ones I’ve tried haven’t been able to find both. The only one I’ve found that does work is GitGuardian.

You can get a free account from the service that gives a pretty decent number of free scans. You’ll need to generate an API token through their dashboard. Then:

$ export GITGUARDIAN_API_KEY=the-token-you-got-from-dashboard $ python3 -m venv /tmp/venv $ /tmp/venv/bin/pip install ggshield $ ggshield scan docker bad-secrets ... >>> Incident 1(Secrets detection): Generic High Entropy Secret (Validity: Cannot Check) (Ignore with SHA: 73c43dc3b30b828a082b5ea3401c69fa07145aec16202fb1babec325db2dad6c) (2 occurrences) 1 | …usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["|1","mypassword=XW8*******-**32S%K@345","/bin/sh","-c","echo $mypassword"],"Image":"sha256:504c3ee7a91b445126658150ed2… ... >>> Incident 1(Secrets detection): OpenSSH Private Key (Validity: Cannot Check) (Ignore with SHA: a0e1f407b0cdbb2d0484a6b5bb6e931135d3972b89bf79dce3ec1b50caed53bf) (1 occurrence)

The scanner spotted both secrets. Success!

ggshield also does the right thing of exiting with a non-zero exit code if it finds a potential vulnerability, so it’s ready to go for CI setups.

The limitations of secret scanners

It’s worth keeping in mind that there are two basic techniques for spotting secrets:

  1. Standard file formats, file names, and the like. An SSH private key, for example, has a very specific format, and was correctly identified based on that.
  2. Things that look like secrets, and specifically that look like good secrets, i.e. with lots of randomness or entropy. That’s how the “XW835S3d20 etc.” string was caught.

The second method is a heuristic. That means it might occasionally have false positives, spotting something that looks like a secret but isn’t. It also might miss secrets that are sufficiently not-random. For example, if I chose the rather worse password “12345” the ggshield scanner won’t catch that.

So as useful as secret scanners are, you should also take steps to prevent leaking secrets in the first place.

Read more...
Categories: FLOSS Project Planets

Vardot: How to Choose the Best WYSIWYG Drupal Content Editor?

Planet Drupal - Mon, 2022-01-31 15:08
Image How to Choose the Best WYSIWYG Drupal Content Editor? Monday, January 31, 2022 - 22:08 Teaser image How to Choose the Best WYSIWYG Drupal Content Editor_ Join the conversation + Comments Solutions by need Enterprise CMS Product Varbase Vote up! 0 claps
Categories: FLOSS Project Planets

Ingo Juergensmann: XMPP and Mail Clients

Planet Debian - Mon, 2022-01-31 15:06

I really like XMPP, but I’m a little unhappy about the current general situation of XMPP. I think XMPP could do better if there were some benefits of having an XMPP address. For me one of those benefits is to have the option to have just one address I need to communicate to others. If everything is in place and well-configured, a user can be reached by mail, XMPP and SIP (voice/video calls) by just one address.

To address this I would like to see XMPP support in mail clients (MUAs). So when you reply to a mail or write a new one, the client will do a lookup in your addressbook if the address has an XMPP field associated with it and (if not) do a DNS lookup for _xmpp-server._tcp.example.com (or the matching domain part of recipients address). If there is an XMPP address listed in mail header, that JID will be used. When the lookup is successful and an xmpp: protocol handler is configured in the system, the MUA offers an option to begin a chat with the recipient and/or displays the presence status of the recipients (depending on available web-presence or presence subscription).

Basically a good candidate could be Thunderbird, because it already has XMPP support built in, albeit not a good implementation and lacking many modern features like OMEMO. But for basic functions (like presence status and such) it should be sufficient for a start.

Other candidates could be Evolution, Kmail (as KDE MUA and Kaidan as a native KDE XMPP client) or even Apple Mail.app, because Apples addressbook supports XMPP fields for each contact.

Basically the same could be done for SIP contacts: if a SIP SRV record for that domain does exist, the MUA could offer an option to call the recipient.

I would be willing to give some money via Bountysource or similar platforms. Is anyone aware of such a project or willing to write some addons? Maybe within the GSoC?

PS: there is RFC7259 about Jabber/XMPP JID in mail headers and there is also a page in the XMPP.org wiki.

Categories: FLOSS Project Planets

Test and Code: 178: The Five Factors of Automated Software Testing

Planet Python - Mon, 2022-01-31 15:00

"There are five practical reasons that we write tests. Whether we realize it or not, our personal testing philosophy is based on how we judge the relative importance of these reasons." - Sarah Mei

This episode discusses the factors.

Sarah's order:

  1. Verify the code is working correctly
  2. Prevent future regressions
  3. Document the code’s behavior
  4. Provide design guidance
  5. Support refactoring

Brian's order:

  1. Verify the code is working correctly
  2. Prevent future regressions
  3. Support refactoring
  4. Provide design guidance
  5. Document the code’s behavior

The episode includes reasons why I've re-ordered them.

Sponsored By:

Support Test & Code in Python

Links:

<p>&quot;There are five practical reasons that we write tests. Whether we realize it or not, our personal testing philosophy is based on how we judge the relative importance of these reasons.&quot; - Sarah Mei</p> <p>This episode discusses the factors.</p> <p>Sarah&#39;s order:</p> <ol> <li>Verify the code is working correctly</li> <li>Prevent future regressions</li> <li>Document the code’s behavior</li> <li>Provide design guidance</li> <li>Support refactoring</li> </ol> <p>Brian&#39;s order:</p> <ol> <li>Verify the code is working correctly</li> <li>Prevent future regressions</li> <li>Support refactoring</li> <li>Provide design guidance</li> <li>Document the code’s behavior</li> </ol> <p>The episode includes reasons why I&#39;ve re-ordered them.</p><p>Sponsored By:</p><ul><li><a href="https://saucelabs.com/testbetter" rel="nofollow">Sauce Labs</a>: <a href="https://saucelabs.com/testbetter" rel="nofollow">Visit saucelabs.com/testbetter for more information and a free trial. Sauce Labs. Test Continuously. Test Smarter. Develop with confidence.</a></li><li><a href="https://testandcode.com/pycharm" rel="nofollow">PyCharm Professional</a>: <a href="https://testandcode.com/pycharm" rel="nofollow">Try PyCharm Pro for 4 months and learn how PyCharm will save you time.</a> Promo Code: TESTANDCODE22</li></ul><p><a href="https://www.patreon.com/testpodcast" rel="payment">Support Test & Code in Python</a></p><p>Links:</p><ul><li><a href="https://madeintandem.com/blog/five-factor-testing/" title="Five Factor Testing - Sarah Mei" rel="nofollow">Five Factor Testing - Sarah Mei</a></li></ul>
Categories: FLOSS Project Planets

hello @ Savannah: hello-2.12 released [stable]

GNU Planet! - Mon, 2022-01-31 14:03

I’m happy to announce a minor update to 2.11. There are no code changes.

  • Noteworthy changes in release 2.12 (2022-01-31) [stable]

Fix a minor documentation typo.

Make tests introduced in 2.11 more portable.

Categories: FLOSS Project Planets

Talking Drupal: Talking Drupal #332 - Permissions Management

Planet Drupal - Mon, 2022-01-31 14:00

Today we are talking about Permission Management with Benji Fisher.

www.talkingDrupal.com/332

Topics
  • John - Squid Games – Midcamp hat
  • Abby - Turkish Market and lentil soup
  • Benji - Fruition dedicating more time for open source
  • Nic - Config for Drupal 9.3
  • Overview of Permissions
  • Familiar examples
  • Biggest problem
    • UX nightmare
    • Phantom permissions
  • 9.3 significant improvements
  • Passion project
  • Process to get this in
  • Reviewer role
  • Next phases
  • How to help
  • Drupal puzzles
Resources Guests

Benji Fisher - @benji17fisher

Hosts

Nic Laflin - www.nLighteneddevelopment.com @nicxvan John Picozzi - www.epam.com @johnpicozzi Abby Bowman - www.linkedin.com/in/arbowman @abowmanr

MOTW

Flood Control Flood Control provides an interface for hidden flood control variables (e.g. login attempt limiters) and makes it possible for site administrators to remove IP addresses and user ID’s from the flood table.

Categories: FLOSS Project Planets

Pages