Feeds
Django Weblog: Django security releases issued: 5.0.7 and 4.2.14
In accordance with our security release policy, the Django team is issuing releases for Django 5.0.7 and Django 4.2.14. These releases address the security issues detailed below. We encourage all users of Django to upgrade as soon as possible.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()urlize() and urlizetrunc() were subject to a potential denial-of-service attack via certain inputs with a very large number of brackets.
Thanks to Elias Myllymäki for the report.
This issue has severity "moderate" according to the Django security policy.
CVE-2024-39329: Username enumeration through timing difference for users with unusable passwordsThe django.contrib.auth.backends.ModelBackend.authenticate() method allowed remote attackers to enumerate users via a timing attack involving login requests for users with unusable passwords.
This issue has severity "low" according to the Django security policy.
CVE-2024-39330: Potential directory-traversal in django.core.files.storage.Storage.save()Derived classes of the django.core.files.storage.Storage base class which override generate_filename() without replicating the file path validations existing in the parent class, allowed for potential directory-traversal via certain inputs when calling save().
Built-in Storage sub-classes were not affected by this vulnerability.
Thanks to Josh Schneier for the report.
This issue has severity "low" according to the Django security policy.
CVE-2024-39614: Potential denial-of-service in django.utils.translation.get_supported_language_variant()get_supported_language_variant() was subject to a potential denial-of-service attack when used with very long strings containing specific characters.
To mitigate this vulnerability, the language code provided to get_supported_language_variant() is now parsed up to a maximum length of 500 characters.
Thanks to MProgrammer for the report.
This issue has severity "moderate" according to the Django security policy.
Affected supported versions- Django main branch
- Django 5.1 (currently at beta status)
- Django 5.0
- Django 4.2
Patches to resolve the issue have been applied to Django's main, 5.1, 5.0, and 4.2 branches. The patches may be obtained from the following changesets.
CVE-2024-38875: Potential denial-of-service in django.utils.html.urlize()- On the main branch
- On the 5.1 branch
- On the 5.0 branch
- On the 4.2 branch
- On the main branch
- On the 5.1 branch
- On the 5.0 branch
- On the 4.2 branch
- On the main branch
- On the 5.1 branch
- On the 5.0 branch
- On the 4.2 branch
- On the main branch
- On the 5.1 branch
- On the 5.0 branch
- On the 4.2 branch
- Django 5.0.7 (download Django 5.0.7 | 5.0.7 checksums)
- Django 4.2.14 (download Django 4.2.14 | 4.2.14 checksums)
The PGP key ID used for this release is Natalia Bidart: 2EE82A8D9470983E
General notes regarding security reportingAs always, we ask that potential security issues be reported via private email to security@djangoproject.com, and not via Django's Trac instance, nor via the Django Forum, nor via the django-developers list. Please see our security policies for further information.
drunomics: Custom Elements UI: quicker changes to your decoupled Drupal site
The Custom Elements module is an essential building block in the technology stack that drunomics uses to build headless Drupal solutions, facilitating output of pages in either 'custom elements' or JSON format as the front end requires it.
The newest version of the module features a user interface to modify any entity that is part of the output: any property can be included/excluded, and output format can be changed, without the need to write Drupal/PHP code. This allows a developer to more easily change both the backend API output and the decoupled frontend consuming the output at the same time, making for faster turnaround times in changes to your website.
Our talk at Drupal Developer Days BurgasRoderik Muit and Alexandru Ieremia chaired an informal (Birds of a Feather) session at Drupal Developer Days in Burgas in June 2024, to prevent the new changes to any interested parties. They also prepared some information about the larger Lupus Decoupled stack for any interested attendees who would not be familiar with it yet.
After the presentation, an animated discussion followed. Some people were curious how the Custom Elements UI worked, what the code behind it looks like and how to write own 'formatters'.
Another person said that Lupus Decoupled seems to exactly satisfy their need to address the resource heavy JSON:API queries in his current main website. He was encouraged to try out a demo and ask any questions in our issue queue or on #lupus-decoupled on Drupal Slack. Users were assured that Lupus Decoupled is ready to use (for experienced developers) and completely open source.
The new Custom Elements version with UI to alter output, is currently available as a development version; we are working to finalize a beta release as soon as possible.
Real Python: Quiz: Split Your Dataset With scikit-learn's train_test_split()
In this quiz, you’ll test your understanding of how to use train_test_split() from the sklearn library.
By working through this quiz, you’ll revisit why you need to split your dataset in supervised machine learning, which subsets of the dataset you need for an unbiased evaluation of your model, how to use train_test_split() to split your data, and how to combine train_test_split() with prediction methods.
[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]
Drupal Association blog: Celebrating Success: DrupalCon Portland 2024 Event Impact Recap
Welcome to the Event Impact Recap of DrupalCon Portland 2024, a benchmark event in North America, that not only marked a significant milestone in the Drupal community, but also holds a special place in my journey. Having served as a contractor for DrupalCon Portland and now stepping into the role of the new Community Programs Director with the Drupal Association, I am thrilled to share the highlights and successes of this remarkable gathering. My goal is to have an Impact Report shared with the community after each DrupalCon that depicts the data and feedback on the event. Please view the slides.
Key Highlights from DrupalCon Portland 2024:
- Attendance and Engagement:
- With 1,368 registered attendees and an impressive 97.8% check-in rate, DrupalCon Portland 2024 brought together a vibrant community of Drupal enthusiasts and professionals.
- Of the 1,368 registered attendees, 438 (about one third) received comped registrations for volunteering, speaking, or other roles at the conference.
- The event saw 3,249 hotel rooms booked in Portland, OR, highlighting its impact on the local economy and hospitality sector AND, it’s worth to note, these were just the rooms through our block, many rooms were booked outside the block making an even bigger impact on the local business community.
- A post event survey showed the rank of overall experience at DrupalCon Portland 2024 at 4.21/5
- 32% of attendees said this was their 1st DrupalCon
- 8 Scholarship grants were given out to the community
- 95% of attendees said they would attend a future DrupalCon
- Global Representation:
- Attendees from 6 continents, 35 countries, and 46 states joined us, demonstrating Drupal's global reach and community diversity.
- Specialized Summits:
- Five Summits (Government, Higher Ed, Nonprofit, Healthcare, and Community) attracted 476 attendees, facilitating deep dives into crucial Drupal topics and fostering collaboration.
- DriesNote and Starshot:
- A highlight of the event was the DriesNote, attended by 950 people in person, eager to hear about Starshot, an exciting new initiative. (View the recording on the Drupal Association Youtube page). This session not only informed but also inspired attendees about the future of Drupal.
- Two BOFs were hosted, providing platforms for continued discussions and community engagement beyond the main sessions.
- Sponsorship:
- DrupalCon Portland 2024 was made possible thanks to the generous support of our sponsors
- Presenting Sponsors: 2
- Champion Sponsors: 6
- Advocate Sponsors: 11
- Exhibitors: 28
- Total Sponsors: 47
- The conference wouldn't have been possible without the dedication and partnership of these organizations. Their support underscores their commitment to the Drupal community and its ongoing success.
- DrupalCon Portland 2024 was made possible thanks to the generous support of our sponsors
- Volunteer Contributions:
- The success of DrupalCon Portland 2024 was further bolstered by 28 dedicated volunteers, including local ambassadors, logistics contributors, and translation assistants, who collectively contributed 221.5 hours onsite.
I am deeply honored to now step into the role of the new Community Programs Director with the Drupal Association. With over 18 years of experience in event planning, field marketing, nonprofit management, and community engagement, I am excited to leverage my skills to enhance community programs and initiatives within the Drupal ecosystem. My goal is to foster even stronger connections, facilitate meaningful collaborations, and support the growth and inclusivity of the Drupal community.
As we reflect on the achievements and connections fostered at DrupalCon Portland 2024, I am filled with optimism about the future of Drupal and the potential for continued growth and innovation within our community, and am excited to be a part of DrupalCon Barcelona, DrupalCon Singapore, DrupalCon Atlanta and many more for years to come!
DrupalCon Portland 2024 was not just an event but a celebration of collaboration, knowledge sharing, and community spirit. I extend my heartfelt gratitude to everyone who contributed to its success, from attendees and volunteers to sponsors and organizers. Let's carry this momentum forward as we embark on the next chapter of Drupal's journey together.
- Meghan Harrell
Community Programs Director
Drupal Association
Specbee: Simplifying content duplication with Quick Node Clone module in Drupal
Python Bytes: #391 A weak episode
Russ Allbery: Review: Raising Steam
Review: Raising Steam, by Terry Pratchett
Series: Discworld #40 Publisher: Anchor Books Copyright: 2013 Printing: October 2014 ISBN: 0-8041-6920-9 Format: Trade paperback Pages: 365Raising Steam is the 40th Discworld novel and the third Moist von Lipwig novel, following Making Money. This is not a good place to start reading the series.
Dick Simnel is a tinkerer from a line of tinkerers. He has been obsessed with mastering the power of steam since the age of ten, when his father died in a steam accident. That pursuit took him deeper into mathematics and precision, calculations and experiments, until he built Iron Girder: Discworld's first steam-powered locomotive. His early funding came from some convenient family pirate treasure, but turning his prototype into something more will require significantly more resources. That is how he ends up in the office of Harry King, Ankh-Morpork's sanitation magnate.
Simnel's steam locomotive has the potential to solve some obvious logistical problems, such as getting fish from the docks of Quirm to the streets of Ankh-Morpork before it stops being vaguely edible. That's not what makes railways catch fire, however. As soon as Iron Girder is huffing and puffing its way around King's compound, it becomes the most popular attraction in the city. People stand in line for hours to ride it over and over again for reasons that they cannot entirely explain. There is something wild and uncontrollable going on.
Vetinari is not sure he likes wild and uncontrollable, but he knows the lap into which such problems can be dumped: Moist von Lipwig, who is already getting bored with being a figurehead for the city's banking system.
The setup for Raising Steam reminds me more of Moving Pictures than the other Moist von Lipwig novels. Simnel himself is a relentlessly practical engineer, but the trains themselves have tapped some sort of primal magic. Unlike Moving Pictures, Pratchett doesn't provide an explicit fantasy explanation involving intruding powers from another world. It might have been a more interesting book if he had. Instead, this book expects the reader to believe there is something inherently appealing and fascinating about trains, without providing much logic or underlying justification. I think some readers will be willing to go along with this, and others (myself included) will be left wishing the story had more world-building and fewer exclamation points.
That's not the real problem with this book, though. Sadly, its true downfall is that Pratchett's writing ability had almost completely collapsed by the time he wrote it.
As mentioned in my review of Snuff, we're now well into the period where Pratchett was suffering the effects of early-onset Alzheimer's. In that book, his health issues mostly affected the dialogue near the end of the novel. In this book, published two years later, it's pervasive and much worse. Here's a typical passage from early in the book:
It is said that a soft answer turneth away wrath, but this assertion has a lot to do with hope and was now turning out to be patently inaccurate, since even a well-spoken and thoughtful soft answer could actually drive the wrong kind of person into a state of fury if wrath was what they had in mind, and that was the state the elderly dwarf was now enjoying.
One of the best things about Discworld is Pratchett's ability to drop unexpected bits of wisdom in a sentence or two, or twist a verbal knife in an unexpected and surprising direction. Raising Steam still shows flashes of that ability, but it's buried in run-on sentences, drowned in cliches and repetition, and often left behind as the containing sentence meanders off into the weeds and sputters to a confused halt. The idea is still there; the delivery, sadly, is not.
This is the first Discworld novel that I found mentally taxing to read. Sentences are often so overpacked that they require real effort to untangle, and the untangled meaning rarely feels worth the effort. The individual voice of the characters is almost gone. Vetinari's monologues, rather than being a rare event with dangerous layers, are frequent, rambling, and indecisive, often sounding like an entirely different character than the Vetinari we know. The constant repetition of the name any given character is speaking to was impossible for me to ignore. And the momentum of the story feels wrong; rather than constructing the events of the story in a way that sweeps the reader along, it felt like Pratchett was constantly pushing, trying to convince the reader that trains were the most exciting thing to ever happen to Discworld.
The bones of a good story are here, including further development of dwarf politics from The Fifth Elephant and Thud! and the further fallout of the events of Snuff. There are also glimmers of Pratchett's typically sharp observations and turns of phrase that could have been unearthed and polished. But at the very least this book needed way more editing and a lot of rewriting. I suspect it could have dropped thirty pages just by tightening the dialogue and removing some of the repetition.
I'm afraid I did not enjoy this. I am a bit of a hard sell for the magic fascination of trains — I love trains, but my model railroad days are behind me and I'm now more interested in them as part of urban transportation policy. Previous Discworld books on technology and social systems did more of the work of drawing the reader in, providing character hooks and additional complexity, and building a firmer foundation than "trains are awesome." The main problem, though, was the quality of the writing, particularly when compared to the previous novels with the same characters.
I dragged myself through this book out of a sense of completionism and obligation, and was relieved when I finished it.
This is the first Discworld novel that I don't recommend. I think the only reason to read it is if you want to have read all of Discworld. Otherwise, consider stopping with Snuff and letting it be the send-off for the Ankh-Morpork characters.
Followed by The Shepherd's Crown, a Tiffany Aching story and the last Discworld novel.
Rating: 3 out of 10
Kdenlive 24.05.2 released
The second maintenance release of the 24.05 series is out,
Full changelog
- Fix guides categories not correctly saved in document. Commit. Fixes bug #489079.
- Fix adding record track adds a normal audio track. Commit. Fixes bug #489080.
- Fix rendering with aspect ratio change always renders with proxies. Commit.
- Fix compilation on Windows with KF 6.3.0. Commit.
- Fix timeline duration not correctly updated, resulting in audio/video freeze in timeline after 5 min. Commit.
- Fix Windows build without DBUS. Commit.
- Fix crash on spacer tool with subtitles. Commit.
The post Kdenlive 24.05.2 released appeared first on Kdenlive.
Thorsten Alteholz: My Debian Activities in June 2024
This month I accepted 270 and rejected 23 packages. The overall number of packages that got accepted was 279.
This was my hundred-twentieth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.
During my allocated time I uploaded or worked on:
- [DLA 3826-1] cups security update for one CVE to prevent arbitrary chmod of files
- [#1073519] bullseye-pu: cups/2.3.3op2-3+deb11u7 to fix one CVE
- [#1073518] bookworm-pu: cups/2.4.2-3+deb12u6 to fix one CVE
- [#1073519] bullseye-pu: cups/2.3.3op2-3+deb11u7 package upload
- [#1073518] bookworm-pu: cups/2.4.2-3+deb12u6 package upload
- [#1074438] bullseye-pu: cups/2.3.3op2-3+deb11u8 to fix an upstream regression of the last upload
- [#1074439] bookworm-pu: cups/2.4.2-3+deb12u7 to fix an upstream regression of the last upload
- [#1074438] bullseye-pu: cups/2.3.3op2-3+deb11u8 package upload
- [#1074439] bookworm-pu: cups/2.4.2-3+deb12u7 package upload
- [#1055802] bookworm-pu: package qtbase-opensource-src/5.15.8+dfsg-11+deb12u1 package upload
This month handling of the CVE of cups was a bit messy. After lifting the embargo of the CVE, a published patch did not work with all possible combinations of the configuration. In other words, in cases of having only one local domain socket configured, the cupsd did not start and failed with a strange error. Anyway, upstream published a new set of patches, which made cups work again. Unfortunately this happended just before the latest point release for Bullseye and Bookworm, so that the new packages did not make it into the release, but stopped in the corresponding p-u-queues: stable-p-u and old-p-u.
I also continued to work on tiff and last but not least did a week of FD and attended the monthly LTS/ELTS meeting.
Debian ELTSThis month was the seventy-first ELTS month. During my allocated time I tried to upload a new version of cups for Jessie and Stretch. Unfortunately this was stopped due to an autopkgtest error, which I could not reproduce yet.
I also wanted to finally upload a fixed version of exim4. Unfortunately this was stopped due to lots of CI-jobs for Buster. Updates for Buster are now also availble from ELTS, so some stuff had to prepared before the actual switch end of June. Additionally everything was delayed due to a crash of the CI worker. All in all this month was rather ill-fated. At least the exim4 upload will happen/already happened in July.
I also continued to work on an update for libvirt, did a week of FD and attended the LTS/ELTS meeting.
Debian PrintingThis month I uploaded new upstream or bugfix versions of:
- … cups
This work is generously funded by Freexian!
Debian AstroThis month I uploaded a new upstream or bugfix version of:
All of those uploads are somehow related to /usr-move. Debian IoTThis month I uploaded new upstream or bugfix versions of:
- … pyicloud
The following packages have been prepared by the GSoC student Nathan:
miscThis month I uploaded new upstream or bugfix versions of:
Here as well all uploads are somehow related to /usr-move
Talking Drupal: Talking Drupal #458 - Drupal & Next.js
Today we are talking about Next.js, what it is, and how to integrate it with Drupal with guest John Albin Wilkins. We’ll also cover Next.js Webform as our module of the week.
For show notes visit: www.talkingDrupal.com/458
Topics- What is Next.js
- What kind of server do you need
- How is it used on the web
- Does it only work on react based systems
- Why would someone want to integrate with Drupal
- When changes are made in the content how do you update the app
- On the module page there are a lot of references to Preview, is this something Next does well
- What is server side rendering
- How does Next work with menus and views
- Any preference on the api for json api vs graphql
- Performance
- Editorial experience
- Responsive images
- Will Drupal ever ship with a headless front end
- Winner of the TPOTM
- Next.js
- Next.js Wikipedia
- Next.js Webform Tutorial
- Example Next.js template to render an arbitrary webform
- Decoupled Menus Initiative
- FormDazzle
- Trival Patch of the Month
- https://www.drupal.org/project/drupal/issues/258089
- Flexinode
John Albin Wilkins - john.albin.net JohnAlbin
HostsNic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Baddý Sonja Breidert - 1xINTERNET baddysonja
MOTW CorrespondentMartin Anderson-Clutz - mandclu.com mandclu
- Brief description:
- Have you ever wanted to build a webform in Drupal and have the corresponding Next.js template automatically created for you? There’s a Next.js library for that.
- Module name/project name:
- Brief history
- How old: created in Aug 2022 by Lauri Timmanee (lauriii), who listeners may know as the Drupal Core Product Manager, and one of the people leading the Starshot initiative
- Versions available: 1.1.1
- Maintainership
- Test coverage
- Documentation - Lengthy README and a tutorial on the Acquia Dev Portal
- Number of open issues: 17 open issues, 3 of which are bugs
- Usage stats:
- 2,246 weekly downloads according to npmjs.com
- Module features and usage
- Using this library does require some setup on the Drupal side, including installing the Webform and Webform REST modules. There’s also an extra patch to install if you want to use any autocomplete fields, and some configuration needed for both the REST resources that will be used to exchange data, and the permissions for the account that will be used to retrieve and submit data
- Out of the box, the library supports over 40 webform components, but you can also provide custom elements if you need something additional. The library also supports conditional logic, so fields can show or hide in the Next.js front end based on conditions defined in your Drupal backend
- The library also provides front-end validation for email confirmation, date list, and datetime fields, but back end validation is also processed for every submission
- There is a crowded field of headless CMS competitors, but I thought this library is a good example of the extra power and flexibility you get by using a robust, open source CMS like Drupal as the back end in your headless architecture
The Drop Times: Using Drupal Migrations to Modify Content Within a Site
The Drop Times: The Power of Community: Innovation, Collaboration, and Events
Let's talk about something truly amazing—the Drupal community. This isn't just a group of tech enthusiasts; it's a global network of developers, designers, content creators, and business professionals all working together to make Drupal better every day.
What's incredible about the Drupal community is how it constantly drives innovation. Members brainstorm and share ideas, create new modules, improve security, and make Drupal more user-friendly. Their contributions ensure that Drupal stays ahead of the curve in web development.
Think about this: there are thousands of active contributors from all over the world. This community isn't limited by geography. Their work impacts millions of websites globally, from coding and developing modules to offering support and writing documentation. It's a testament to how dedicated and skilled these individuals are.
Now, you might wonder what makes the Drupal community stand out from others. It's their culture of collaboration and respect. Everyone's input is valued here, whether you're a newbie or a seasoned expert. This inclusive approach creates a supportive environment where everyone can learn and grow.
And let’s not forget about the events. Drupal meetups, camps, and conferences are where the magic happens. These events are opportunities to learn, share, and connect. They bring the community together, fostering relationships and sparking new ideas.
Let's now focus on what The Drop Times has covered from last week,
Kazima Abbas, sub-editor at The Drop Times, interviewed Lauri Timmanee on transforming Drupal site building, Experience Builder, and the Starshot Initiative.
The study published in The Drop Times by Veniz Maja Guzman, SEO Expert & Content Strategist at Promet Source, uncovers the growing trend of Drupal adoption in government websites, correlating with entity size.
Explore how AI is revolutionizing Drupal development in Jay Callicott's latest article, "The AI-Driven Developer: From Assistance to Autonomy in Drupal Development."
A comprehensive analysis by Arjun Biju and Alka Elizabeth, sub-editor at The Drop Times, examines CMS usage across 8,134 non-profit and charity organizations in the United States.
The Drupal Trivandrum Meetup on June 29, 2024, at Cafe Coffee Day, Thiruvananthapuram, featured Drupal enthusiasts discussing Drupal's impact and networking.
Drupal Meetup Haneda will be held online on July 25.
Dipak Yadav's report on the Drupal Pune Meetup held on June 22, 2024, highlights engaging sessions on managing multisite platforms, digital lead acquisition, and socially-driven projects.
Developers and agencies are invited to submit their best Drupal projects launched in 2023 or 2024 for a chance to be featured at DrupalCon Barcelona 2024. The submission deadline is September 8, 2024.
DrupalCamp Colorado will host a keynote by Lynn Winter, a digital strategist with expertise in information architecture, UX, and content strategy.
AmyJune Hineline from The Linux Foundation will lead a session on inclusive image practices at Drupal Camp Asheville 2024.
The Drupal Association introduces Ripple Makers, a revamped Individual Membership program designed to enhance community engagement and communication.
DrupalCamp Pune 2024 seeks talented designers for banners, IDs, standees, and goodie bags. Registration for DrupalGovCon 2024 is now open—secure your free tickets for the event.
DrupalGovCon 2024 registration is now open, offering a highly anticipated opportunity for organizers, volunteers, sponsors, and attendees to secure their tickets for the event.
Drupal Camp Asheville 2024 is set for July 12-14, featuring various events, including a Saturday After-Party and a Drupal Coffee Exchange.
DrupalCon Singapore 2024 invites speakers to submit session proposals by July 8, 2024.
We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now.
To get timely updates, follow us on LinkedIn, Twitter and Facebook. Also, join us on Drupal Slack at #thedroptimes.
Thank you,
Sincerely,
Kazima Abbas
Sub-editor, The Drop Times
Real Python: Python News Roundup: July 2024
Summer isn’t all holidays and lazy days at the beach. Over the last month, two important players in the data science ecosystem released new major versions. NumPy published version 2.0, which comes with several improvements but also some breaking changes. At the same time, Polars reached its version 1.0 milestone and is now considered production-ready.
PyCon US was hosted in Pittsburgh, Pennsylvania in May. The conference is an important meeting spot for the community and sparked some new ideas and discussions. You can read about some of these in PSF’s coverage of the Python Language Summit, and watch some of the videos posted from the conference.
Dive in to learn more about the most important Python news from the last month.
NumPy Version 2.0NumPy is a foundational package in the data science space. The library provides in-memory N-dimensional arrays and many functions for fast operations on those arrays.
Many libraries in the ecosystem use NumPy under the hood, including pandas, SciPy, and scikit-learn. The NumPy package has been around for close to twenty years and has played an important role in the rising popularity of Python among data scientists.
The new version 2.0 of NumPy is an important milestone, which adds an improved string type, cleans up the library, and improves performance. However, it comes with some changes that may affect your code.
The biggest breaking changes happen in the C-API of NumPy. Typically, this won’t affect you directly, but it can affect other libraries that you rely on. The community has rallied strongly and most of the bigger packages already support NumPy 2.0. You can check NumPy’s table of ecosystem support for details.
One of the main reasons for using NumPy is that the library can do fast and convenient array operations. For a simple example, the following code calculates square numbers:
Python >>> numbers = range(10) >>> [number**2 for number in numbers] [0, 1, 4, 9, 16, 25, 36, 49, 64, 81] >>> import numpy as np >>> numbers = np.arange(10) >>> numbers**2 array([ 0, 1, 4, 9, 16, 25, 36, 49, 64, 81]) Copied!First, you use range() and a list comprehension to calculate the first ten square numbers in pure Python. Then, you repeat the calculation with NumPy. Note that you don’t need to explicitly spell out the loop. NumPy handles that for you under the hood.
Furthermore, the NumPy version will be considerably faster, especially for bigger arrays of numbers. One of the secrets to this speed is that NumPy arrays are limited to having one data type, while a Python list can be heterogeneous. One list can contain elements as different as integers, floats, strings, and even nested lists. That’s not possible in a NumPy array.
Improved String HandlingBy enforcing all elements to be of the same type that take up the same number of bytes in memory, NumPy can quickly find and work with individual elements. One downside to this has been that strings can be awkward to work with:
Python >>> words = np.array(["numpy", "python"]) >>> words array(['numpy', 'python'], dtype='<U6') >>> words[1] = "monty python" >>> words array(['numpy', 'monty '], dtype='<U6') Copied!You first create an array consisting of two strings. Note that NumPy automatically detects that the longest string is six characters long, so it sets aside space for each string to be six characters long. The 6 in the data type string, <U6, indicates this.
Next, you try to replace the second string with a longer string. Unfortunately, only the first six characters are stored since that’s how much space NumPy has set aside for each string in this array. There are ways to work around these limitations, but in NumPy 2.0, you can take advantage of variable length strings instead:
Read the full article at https://realpython.com/python-news-july-2024/ »[ Improve Your Python With 🐍 Python Tricks 💌 – Get a short & sweet Python Trick delivered to your inbox every couple of days. >> Click here to learn more and see examples ]
Salsa Digital: CivicTheme establishes a formal steering committee to guide its rapid growth
roose.digital: How to prefill a webform field based on the node/URL being viewed in Drupal 10
drunomics: Stop making your own life difficult. Integrate your CI/CD Pipeline with these monitoring tools
Anwesha Das: Euro Python 2024
It is July, and it is time for Euro Python, and 2024 is my first Euro Python. Some busy days are on the way. Like every other conference, I have my diary, and the conference days are full of various activities.
Day 0 of the main conferenceAfter a long time, I will give a legal talk. We are going to dig into some basics of Intellectual Property. What is it? Why do we need it? What are the different kinds of intellectual property? It is a legal talk designed for developers. So, anyone and everyone from the community with previous knowledge can understand the content and use it to understand their fundamental rights and duties as developers.Intellectual Property 101, the talk is scheduled at 11:35 hrs.
Day 1 of the main conferenceDay 1 is PyLadies Day, a day dedicated to PyLadies. We have crafted the day with several different kinds of events. The day opens with a self-defense workshop at 10:30 hrs. PyLadies, throughout the world, aims to provide and foster a safe space for women and friends in the Python Community. This workshop is an extension of that goal. We will learn how to deal with challenging, inappropriate behavior.
In the community, at work, or in any social space. We will have a trained Psychologist as a session guide to help us. This workshop is so important, especially today as it was yesterday and may be in the future (at least until the enforcement of CoC is clear). I am so looking forward to the workshop. Thank you, Mia, Lias and all the PyLadies for organizing this and giving shape to my long-cherished dream.
Then we have my favorite part of the conference, PyLadies Lunch. I crafted the afternoon with a little introduction session, shout-out session, food, fun, laughter, and friends.
After the PyLadies Lunch, I have my only non-PyLadies session, which is a panel discussion on Open Source Sustainability. We will discuss the different aspects of sustainability in the open source space and community.
Again, it is PyLady&aposs time. Here, we have two sessions.
[IAmRemarkable](https://ep2024.europython.eu/pyladies-events#iamremarkable), to help you learn to empower you by celebrating your achievements and to fight your impostor syndrome. The workshop will help you celebrate your accomplishments and improve your self-promotion skills.
The second session is a 1:1 mentoring event, Meet & Greet with PyLadies. Here, the willing PyLadies will be able to mentor and be mentored. They can be coached in different subjects, starting with programming, learning, things related to job and/or career, etc.
Birds of feather session on Release Management of Open Source projectsIt is an open discussion related to the release Management of the Open Source ecosystem.
The discussion includes everything from a community-led project to projects maintained/initiated by a big enterprise, a project maintained by one contributor to a project with several hundreds of contributor bases. What are the different methods we follow regarding versioning, release cadence, and the process itself? Do most of us follow manual processes or depend on automated ones? What works and what does not, and how can we improve our lives? What are the significant points that make the difference? We will discuss and cover the following topics: release management of open source projects, security, automation, CI usage, and documentation. In the discussion, I will share my release automation journey with Ansible. We will follow Chatham House Rules during the discussion to provide the space for open, frank, and collaborative conversation.
So, here comes the days of code, collaboration, and community. See you all there.
PS: I miss my little Py-Lady volunteering at the booth.
joshics.in: Mastering Multi-Site Configurations in Drupal: A Comprehensive Guide
In the constantly evolving digital world, the ability to efficiently manage multiple websites has become a necessity for businesses of all sizes.
Thankfully, Drupal, an open-source content management system, has made this simpler with its multi-site configuration feature.
This functionality makes it easier to handle numerous websites from a single Drupal installation, saving time, effort, and resources. But how do we configure this feature in Drupal?
This blog post explores the ways to achieve multi-site configurations in Drupal in thorough detail.
Understanding Drupal Multi-Site ConfigurationsBefore we go deeper, let's understand what Drupal multi-site configuration means. Simply put, it allows you to run multiple websites from one codebase. Each website can have its own content, settings, enabled modules, and themes, while sharing the core code, contributed modules, and themes. This arrangement benefits website managers who manage multiple sites, as they can apply updates to all at once.
How to Set Up Multi-Site Configurations- Creating Sub-Directories
The first step is to create sub-directories for each site in the 'sites' directory. This is where individual settings for each site reside. The directory name would typically be your site's URL. For instance, if your site's URL is 'example.com', the directory name would be 'sites/example.com'. - Setting Up the Database
Each site requires its own database. During Drupal installation, you need to set up a new database for each site. Remember to collate each database in 'utf8mb4_general_ci' to avoid any characters failing to write to the database. - Configuring Settings.php
For each site, you will need a settings.php file. This file contains critical information about your site such as base URL, database credentials, and more. You can find a default.settings.php file in the 'default' directory. Copy this file into your new site directory and rename it to 'settings.php'. Update the necessary details like the database name, username, and password. - Configuring the Web Server
Next, you need to configure your web server to point to the correct site directory. For Apache servers, you would use the .htaccess file, while nginx servers use the nginx.conf file. - Installing Drupal
Finally, install Drupal for each site by navigating to your site's URL in a web browser. Follow the installation prompts, and in no time, your website will be up and running.
With multi-site configurations, you can centralise your web management tasks, reducing the need for redundant tasks. You can apply core updates, security patches, and other changes across all your sites with a single stroke. This translates into reduced effort, time, and risk of errors.
Further, this simplifies your hosting environment as you're using a single codebase, making it easier to manage your server resources and optimise for performance.
Pitfalls to AvoidDespite its numerous benefits, multi-site configurations are not without their challenges. Remember, changes made are site-wide; an update beneficial to one site might disrupt another. Thus, always carry out extensive testing before deploying changes. Additionally, ensure to maintain regular backups to quickly restore any problematic updates.
ConclusionMastering Drupal's multi-site configurations can become an asset in your digital arsenal. It not only optimises resources but also streamlines your web management process. However, it requires strategic planning and careful execution to exploit its full potential.
Drupal Multi-site Drupal Planetmark.ie: Want to contribute to LocalGov Drupal, but don't know where to start?
Contributing to LocalGov Drupal is a great way to get used to how the platform works, and, in turn, makes the platform better for everyone. Here's some thoughts on how to get started.