Feeds
EuroPython: EuroPython 2024: Ticket sales now open! đ
Hey hey, everyone,
We are thrilled to announce that EuroPython is back and better than ever! ✨
EuroPython 2024 will be held 8-14 July at the Prague Congress Centre (PCC), Czech Republic. Details of how to participate remotely will be published soon.
The conference will follow the same structure as the previous editions:
- Two Workshop/Tutorial Days (8-9 July, Mon-Tue)
- Three Conference Days (10-12 July, Wed-Fri)
- Sprint Weekend (13-14 July, Sat-Sun)
Secure your spot at EuroPython 2024 by purchasing your tickets today. For more information and to grab your tickets, visit https://ep2024.europython.eu/tickets before they sell out!
Get your tickets fast before the late-bird prices kick in. 🏃
Looking forward to welcoming you to EuroPython 2024 in Prague! 🇨🇿
Cheers,
The EuroPython 2024 Organisers
Qt 6.7 Released!
Qt 6.7 is out with lots of large and small improvements for all of us who like to have fun when building modern applications and user experiences.
Specbee: How to Write Your First Test Case Using PHPUnit & Kernel in Drupal
Python Bytes: #377 A Dramatic Episode
Python Software Foundation: New Open Initiative for Cybersecurity Standards
The Python Software Foundation is pleased to announce our participation in co-starting a new Open Initiative for Cybersecurity Standards collaboration with the Apache Software Foundation, the Eclipse Foundation, other code-hosting open source foundations, SMEs, industry players, and researchers. This collaboration is focused on meeting the real challenges of cybersecurity in the open source ecosystem, and demonstrating full cooperation with and supporting the implementation of the European Unionâs Cyber Resilience Act (CRA). With our combined efforts, we are optimistic that we will reach our goal of establishing common specifications for secure open source development based on existing open source best practices.
New regulations, such as those in the CRA, highlight the need for secure by design and strong supply chain security standards. The CRA will lead to standard requests from the Commission to the European Standards Organisations and we foresee requirements from the United States and other regions in the future. As open source foundations, we want to respond to these requests proactively by establishing common specifications for secure software development and meet the expectations of the newly defined term Open Source Steward.
Open source communities and foundations, including the Python community, have long been practicing and documenting secure software development processes. The starting points for creating common specifications around security are already there, thanks to millions of contributions to hundreds of open source projects. In the true spirit of open source, we plan to learn from, adapt, and build upon what already exists for the collective betterment of our greater software ecosystem.
The PSFâs Executive Director Deb Nicholson will attend and participate in the initial Open Initiative for Cybersecurity Standards meetings. Later on, various PSF staff members will join in relevant parts of the conversation to help guide the initiative alongside their peers. The PSF looks forward to more investment in cybersecurity best practices by Python and the industry overall.
This community-driven initiative will have a lasting impact on the future of cybersecurity and our shared open source communities. We welcome you to join this collaborative effort to develop secure open source development specifications. Participate by sharing your knowledge, input, and raising up existing community contributions. Sign up for the Open Initiative for Process Specifications mailing list to get involved and stay updated on this initiative. Check out the press release's from the Eclipse Foundationâs and the Apache Software Foundation for more information.
SoK 2024 - Implementing package management features from RKWard into Cantor via a GUI First Blog
Hi! Iâm Krish, an undergraduate student at the University of Rochester studying Computer Science and this KDE Season of Code Iâm working on implementing package management features from RKWard into Cantor via a GUI. Iâm being mentored by Alexander Semke.
In an effort to improve usability and functionality, this project seeks to strengthen Cantor's capabilities as a scientific computing platform by incorporating package management tools modeled after those found in RKWard and RStudio. The goal is to create an intuitive graphical interface within Cantor for managing packages in R, Octave, Julia, and other languages.
Set up development environment for Cantor- Used virt-manager to setup an âKubuntuâ virtual machine
- Installed dependencies for Cantor
- Open a terminal emulator and in your favorite shell:
RKWard, an open-source, cross-platform integrated development environment for the R programming language, implements package management using R's built-in package management system and provides a GUI to simplify package installation, updating, and removal. This writeup will discuss the technical aspects of package management in RKWard.
Broadly, RKWard leverages R's built-in package management functions, such as install.packages(), update.packages(), and remove.packages(), to handle package management tasks. These functions interact with R's package repository (CRAN by default) and local package libraries to perform package-related operations.
RKWard's package management GUI is built on top of these R functions, allowing users to perform package management tasks without directly interacting with the command-line interface. The GUI provides a more user-friendly experience and enables users to manage packages with just a few clicks.
When a user requests to install or update a package, RKWard performs the following technical steps:
- Dependency resolution: RKWard checks for dependencies required by the package and resolves them using R's available.packages() and installed.packages() functions. If dependencies are not satisfied, RKWard prompts the user to install them automatically.
- CMake Configuration: The FindR.cmake script is used during the compilation of RKWard to locate the R installation and its components, including the R library directory. This information is necessary for RKWard to interface with R and manage packages.
- Package download and installation: RKWard downloads package source code or binary files from CRAN or other repositories using R's download.file() function. The packages are then installed using install.packages() with appropriate options, such as specifying the library directory and installing dependencies.
- Package library management: RKWard installs packages in the R library directory, which is typically located in the user's home folder. The library directory can be configured in RKWard's settings. RKWard ensures that packages are installed in the correct library directory, depending on the user's R version and operating system.
- Integration with R Console: RKWard includes an embedded R console, which allows users to see the output of package management commands and interact with them directly if needed. Error Handling: RKWard provides error messages and troubleshooting advice if package installation or loading fails. This can include issues like missing dependencies, compilation errors, or permissions problems.
- Package loading: After installation, RKWard loads the package into the current R session using R's library() or require() functions, making its functions and datasets available for use.
- RKWard supports package management on various platforms, including Windows, macOS, and Linux. On Windows and macOS, RKWard typically installs packages as pre-compiled binaries for improved performance and ease of installation. On Linux, RKWard installs packages from source, which may require additional development libraries or tools to be installed on the user's system.
RKWard also supports installing packages from local files, Git repositories, and other sources by providing options to specify custom package repositories or URLs. This flexibility allows users to manage their R packages according to their specific needs.
In summary, RKWard implements package management using R's built-in package management functions and provides a user-friendly GUI to simplify package installation, updating, and removal. By leveraging R's package management system, RKWard enables users to manage their R packages efficiently and effectively, regardless of their operating system or R version.
Next Steps- Begin implementing package management features in Cantor.
- Focus on creating a consistent and user-friendly interface for package management.
Hynek Schlawack: Python Project-Local Virtualenv Management Redux
One of my first TIL entries was about how you can imitate Nodeâs node_modules semantics in Python on UNIX-like operating systems. A lot has happened since then (to the better!) and itâs time for an update. direnv still rocks, though.
Open Source AI Definition â Weekly update April 2
- We are now in the process of reviewing legal documents to check the compatibility with the version 0.0.6 definition of open-source AI, specifically for Pythia and OpenCV.
- Click here to see the past activities of the four working groups
- To get involved, respond on the forum or message Mer here.
- Central question: What criteria define “sufficiently detailed information”?
- There is a wish to change the term âSufficiently detailed informationâ to âSufficiently detailed to allow someone to replicate the entire datasetâ to avoid vagueness and solidify reproducibility as openness
- Stefano points out that âreproducibilityâ in itself might not be a sustainable term due to its loaded connotations.
- There’s a proposal to modify the Open Source AI Definition requirement to specify providing detailed information to replicate the entire dataset.
- However, concerns arise about how this would apply to various machine learning methods where dataset replication might not be feasible.
- Contribution concerned with the usage of the wording âdeployâ under âOut of Scope Issuesâ in relation to code alone.
- OSI has replied asking for clarification on the question, as âdeployâ refers to the whole AI system, not just the code.
- Contribution concerned with the wording of âlearning, using, sharing and improving software systemsâ under âWhy We Need Open Source Artificial Intelligenceâ. Specifically, when relating to AI as opposed to âtraditionalâ software, there is a growing concern that these values might be broad compared to the impact, in terms of safety and ethics, AI can have.
- OSI replied that while the ethics of AI will continue to be discussed, these discussions are out of the scope of this definition. This will be elaborated on in an upcoming FAQ.
The Drop Times: Drupal Page BuildersâPart 3: Other Alternative Solutions
The Drop Times: DrupalCamp Ouagadougou Concludes Successfully
Talking Drupal: Talking Drupal #444 - Design to Development Workflow Optimization
Today we are talking about design to development hand off, common complications, and ways to optimize your process with guest Crispin Bailey. Weâll also cover Office Hours as our module of the week.
For show notes visit: www.talkingDrupal.com/444
Topics- Primary activities of the team
- Where does handoff start
- Handoff artifact
- Tools for collaboration
- Figma
- Evaluating new tools
- Challenges of developers and designers working together
- How can we optimize handoff
- What steps can the dev team take to facilitate smooth handoff
- Framework recommendation
- Final quality
- AI
Crispin Bailey - kalamuna.com crispinbailey
HostsNic Laflin - nLighteneddevelopment.com nicxvan John Picozzi - epam.com johnpicozzi Anna Mykhailova - kalamuna.com amykhailova
MOTW CorrespondentMartin Anderson-Clutz - mandclu
- Brief description:
- Have you ever wanted to manage and display the hours of operation for a business on your Drupal site? Thereâs a module for that
- Module name/project name:
- Brief history
- How old: created in Jan 2008 by Ozeuss, though recent releases are by John Voskuilen of the Netherlands
- Versions available: 7.x-1.11 and 8.x-1.17
- Maintainership
- Actively maintained, latest release was 3 weeks ago
- Security coverage
- Test coverage
- Documentation: no user guide, but a pretty extensive README
- Number of open issues: 15 open issues, only 1 of which are bugs against the current branch, though itâs postponed for more info
- Usage stats:
- Almost 20,000 sites
- Module features and usage
- Previously covered in episode 113, more than 8 years ago, in the âDrupal 6 end of lifeâ episode
- The module provides a specialized widget to set the hours for each weekday, with the option to have more than one time slot per day
- You can define exceptions, for example on stat holidays
- You can also define seasons, with a start and end date, during which the hours are different
- The module also offers a variety of options for formatting the output:
- You can show days as ranges, for example Monday to Friday, 9am to 5pm, 12-hour or 24-hour clocks, and so on
- Obviously it will show any exceptions or upcoming seasonal hours too
- It can also show an âopen nowâ or âclosed nowâ indicator
- It can create schema.org-compliant markup for openingHours, and has integration with the Schema.org Metatag module
- Office Hours does all this with a new field type, so you could add it to Stores in a Drupal Commerce site, a Locations content type in a site for a bricks-and-mortar chain, or if you just need a single set of hours for the site, you should be able to use it with something like the Config Pages module
- The README file also includes some suggestions on how to use Office Hours with Views, which can give you a lot of flexibility on where and how to show the information
The Drop Times: The Power of Embracing New Challenges and Technologies
âThe greater the obstacle, the more glory in overcoming it.â â MoliĂšre
Dear Readers,
Stepping out of our comfort zones is undoubtedly a daunting task. Yet, it's precisely this leap into the unknown that often leads to remarkable growth and self-discovery. Embracing new challenges and learning from scratch can feel overwhelming at first, but through these experiences, we truly push our limits and uncover our hidden capabilities.
In our journey of embracing the unfamiliar, we expand our skill sets and gain a deeper understanding of ourselves and the paths we never thought possible. Each new challenge becomes an opportunity to stretch beyond what we thought we were capable of, illuminating uncharted territories of potential and opportunity.
Embrace the technological diversity surrounding us, as it serves as a rich tapestry of tools and methodologies that can enhance our creativity, efficiency, and impact in ways we've only begun to explore. Like the inspiring journey of Tanay Sai, a seasoned builder, engineering leader, and AI/ML practitioner who recently embarked on a transformative adventure beyond the familiar horizons of Drupal. Tanay's story is a testament to the idea that stepping out of one's comfort zone can lead to groundbreaking achievements and a deeper understanding of the multifaceted digital ecosystem.
The importance of continuous learning and the willingness to embrace new challenges is profound. It encourages us to look beyond the familiar, to experiment with emerging technologies, and to remain adaptable in our pursuit of delivering exceptional digital experiences.
Now, Let's take a moment to revisit the highlights from last week's coverage at The Drop Times.
Last month, we celebrated the Women in Drupal community and released the second part of "Inspiring Inclusion: Celebrating the Women in Drupal | #2" penned by Alka Elizabeth. Part 3 of this series will be coming soon.
Explore the dynamic evolution of Drupal's page-building features in Part 2 of André Angelantoni's latest series on The Drop Times. Each module discussed extends Layout Builder and can be integrated individually. Part 3 might already be released by the time this newsletter comes your way. Access the second part here.
DrupalCon Portland 2024, scheduled from May 6 to 9, will feature an empowering Women in Drupal Lunch event. This gathering aims to uplift female attendees and inspire and support women within the Drupal community. Learn more here.
Save the dates for DrupalCamp Spain 2024 in Benidorm! The event is scheduled for October 25 and 26, with the venue to be announced soon. Additionally, mark your calendars for October 24, designated as Business Day.
DrupalCamp Belgium has unveiled the keynote speakers for its highly anticipated 2024 edition in Ghent. For more information and to discover the lineup of keynote speakers, be sure to check out the details here. A complete list of events for the week is available here. Additionally, Gander Documentation is now available on Drupal.org, as announced by Janez Urevc, Tag1 Consulting's Strategic Growth and Innovation Manager, on March 25, 2024.
Also, read about Tanay Sai, an accomplished builder, engineering leader, and AI/ML practitioner who shares insights into his transformative journey beyond Drupal. After a decade immersed in the Drupal realm, Tanay candidly expresses his pivotal decision to venture beyond its confines. Learn more here.
Monika Branicka of Droptica conducts a comprehensive analysis of content management systems (CMS) employed by 314 higher education institutions in Poland. This study aims to unveil the prevalent CMS preferences among both public and non-public universities, providing insights into the educational sector's technological landscape. The report comes amidst a growing call for resources to track Drupal usage across industry sectors, coinciding with similar studies conducted by The DropTimes and Grzegorz Pietrzak.
DevBranch has announced the launch of a Drupal BootCamp tailored for aspiring web developers. This initiative aims to equip individuals with the necessary skills and knowledge to excel in web development using Drupal. For further details, click here.
The development of Drupal 11 has reached a critical phase, marked by ongoing updates to its system requirements within the development branch. GĂĄbor Hojtsy has provided valuable insights on preparing core developers and informing the community about these changes. Stay updated on the latest developments as Drupal 11 evolves to meet the needs of its users and developers.
We acknowledge that there are more stories to share. However, due to selection constraints, we must pause further exploration for now.
To get timely updates, follow us on LinkedIn, Twitter and Facebook. Also, join us on Drupal Slack at #thedroptimes.
Thank you,
Sincerely
Elma John
Sub-editor, TheDropTimes.
Luke Plant: Enforcing conventions in Django projects with introspection
Naming conventions can make a big difference to the maintenance issues in software projects. This post is about how we can use the great introspection capabilities in Python to help enforce naming conventions in Django projects.
Contents
Letâs start with an example problem and the naming convention weâre going to use to solve it. There are many other applications of the techniques here, but it helps to have something concrete.
The problem: DateTime and DateTimeField confusionOver several projects Iâve found that inconsistent or bad naming of DateField and DateTimeField fields can cause various problems.
First, poor naming means that you can confuse them for each other, and this can easily trip you up. In Python, datetime is a subclass of date, so if you use a field called created_date assuming it holds a date when it actually holds a datetime, it might be not obvious initially that you are mishandling the value, but youâll often have subtle problems down the line.
Second, sometimes you have a field named like expired which is actually the timestamp of when the record expired, but it could easily be confused for a boolean field.
Third, not having a strong convention, or having multiple conventions, leads to unnecessary time wasted on decisions that could have been made once.
Finally, inconsistency in naming is just confusing and ugly for developers, and often for users further down the line, because names tend to leak.
Even if you do have an established convention, itâs possible for people not to know. Itâs also very easy for people to change a fieldâs type between date and datetime without also changing the name. So merely having the convention is not enough, it needs to be enforced.
Note
If you want to change the name and type of a field (or any other atribute), and want the data to preserve data as much as possible, you usually need to do it in two stages or more depending on your needs, and always check the migrations created â otherwise Djangoâs migration framework will just see one field removed and a completely different one added, and generate migrations that will destroy your data.
For this specific example, the convention I quite like is:
field names should end with _at for timestamp fields that use DateTimeField, like expires_at or deleted_at.
field names should end with _on or _date for fields that use DateField, like issued_on or birth_date.
This is based on the English grammar rule that we use âonâ for dates but âatâ for times â âon the 25th Marchâ, but âat 7:00 pmâ â and conveniently it also needs very few letters and tends to read well in code. The _date suffix is also helpful in various contexts where _on seems very unnatural. You might want different conventions, of course.
To get our convention to be enforced with automated checks we need a few tools.
The tools IntrospectionIntrospection means the ability to use code to inspect code, and typically weâre talking about doing this when our code is already running, from within the same program and using the same programming language.
In Python, this starts from simple things like isintance() and type() to check the type of an object, to things like hasattr() to check for the presence of attributes and many other more advanced techniques, including the inspect module and many of the metaprogramming dunder methods.
Django app and model introspectionDjango is just Python, so you can use all normal Python introspection techniques. In addition, there is a formally documented and supported set of functions and methods for introspecting Django apps and models, such as the apps module and the Model _meta API.
Django checks frameworkThe third main tool weâre going to use in this solution is Djangoâs system checks framework, which allows us to run certain kinds of checks, at both âwarningâ and âerrorâ level. This is the least important tool, and we could in fact switch it out for something else like a unit test.
The solutionItâs easiest to present the code, and then discuss it:
from django.apps import apps from django.conf import settings from django.core.checks import Tags, Warning, register @register() def check_date_fields(app_configs, **kwargs): exceptions = [ # This field is provided by Django's AbstractBaseUser, we don't control it # and weâll break things if we change it: "accounts.User.last_login", ] from django.db.models import DateField, DateTimeField errors = [] for field in get_first_party_fields(): field_name = field.name model = field.model if f"{model._meta.app_label}.{model.__name__}.{field_name}" in exceptions: continue # Order of checks here is important, because DateTimeField inherits from DateField if isinstance(field, DateTimeField): if not field_name.endswith("_at"): errors.append( Warning( f"{model.__name__}.{field_name} field expected to end with `_at`, " + "or be added to the exceptions in this check.", obj=field, id="conventions.E001", ) ) elif isinstance(field, DateField): if not (field_name.endswith("_date") or field_name.endswith("_on")): errors.append( Warning( f"{model.__name__}.{field_name} field expected to end with `_date` or `_on`, " + "or be added to the exceptions in this check.", obj=field, id="conventions.E002", ) ) return errors def get_first_party_fields(): for app_config in get_first_party_apps(): for model in app_config.get_models(): yield from model._meta.get_fields() def get_first_party_apps() -> list[AppConfig]: return [app_config for app_config in apps.get_app_configs() if is_first_party_app(app_config)] def is_first_party_app(app_config: AppConfig) -> bool: if app_config.module.__name__ in settings.FIRST_PARTY_APPS: return True app_config_class = app_config.__class__ if f"{app_config_class.__module__}.{app_config_class.__name__}" in settings.FIRST_PARTY_APPS: return True return FalseWe start here with some imports and registration, as documented in the âSystem checksâ docs. Youâll need to place this code somewhere that will be loaded when your application is loaded.
Our checking function defines some allowed exceptions, because there are some things out of our control, or there might be other reasons. It also mentioned the exceptions mechanism in the warning message. You might want a different mechanism for exceptions here, but I think having some mechanism like this, and advertising its existence in the warnings, is often pretty important. Otherwise, you can end up with worse consequences when people just slavishly follow rules. Notice how in the exception list above Iâve given a comment detailing why the exception is there though â this helps to establish a precedent that exceptions should be justified, and the justification should be there in the code.
We then loop through all âfirst partyâ model fields, looking for DateTimeField and DateField instances. This is done using our get_first_party_fields() utility, which is defined in terms of get_first_party_apps(), which in turn depends on:
a custom setting FIRST_PARTY_APPS which Iâve created in my settings.py like this:
FIRST_PARTY_APPS = ["myapp", "myotherapp"] INSTALLED_APPS = [ "django.contrib.auth", "django.contrib.sessions", ] + FIRSTY_PARTY_APPS + [ ... ]You may have a different way of recognising your own apps.
The id values passed to Warning here are examples â you should change according to your needs. You might also choose to use Error instead of Warning.
OutputWhen you run manage.py check, youâll then get output like:
System check identified some issues: WARNINGS: myapp.MyModel.created: (conventions.E001) MyModel.created field expected to end with `_at`, or be added to the exceptions in this check. System check identified 1 issue (0 silenced).As mentioned, you might instead want to run this kind of check as a unit test.
ConclusionThere are many variations on this technique that can be used to great effect in Django or other Python projects. Very often you will be able to play around with a REPL to do the introspection you need.
Where it is possible, I find doing this far more effective than attempting to document things and relying on people reading and remembering those docs. Every time Iâm tripped up by bad names, or when good names or a strong convention could have helped me, I try to think about how I could push people towards a good convention automatically â while also giving a thought to unintended bad consequences of doing that prematurely or too forcefully.
Marknote 1.1.0
Marknote 1.1.0 is out! Marknote is the new WYSIWYG note-taking application from KDE. Despite the latest release being just a few days ago, we have been hard at work and added a few new features and, more importantly, fixed some bugs.
Marknote now boasts broader Markdown support, and can now display images and task lists in the editor. And once you are done editing your notes, you can export them to various formats, including PDF, HTML and ODT.
Marknote’s interface now seamlessly integrates the colors assigned to your notebooks, enhancing its visual coherence and making it easier to distinguish one notebook from another. Additionally, your notebooks remember the last opened note, automatically reopening it upon selection.
We’ve also introduced a convenient command bar similar to the one in Merkuro. This provides quick access to essential actions within Marknote. Currently it only creates a new notebook and note, but we plan to make more actions available in the future. Finally we have reworked all the dialogs in Markdown to use the newly introduced FormCardDialog from KirigamiAddons.
We have created a small feature roadmap with features we would like to add in the future. Contributions are welcome!
Packager sectionYou can find the package on download.kde.org and it has been signed with my GPG key.
Note that this release introduce a new recommanded dependencies: md4c and require the latest Kirigami Addons release (published a few hours ago).
Kirigami Addons 1.1.0
It’s again time for a new Kirigami Addons release. Kirigami Addons is a collection of helpful components for your QML and Kirigami applications.
FormCardI added a new FormCard delegate: FormColorDelegate which allow to select a color and a new delegate container: FormCardDialog which is a new type of dialog.
FormCardDialog containing a FormColorDelegate in Marknote
Aside from these new components, Joshua fixed a newline bug in the AboutKDE component and I updated the code examples in the API documentation.
TableViewThis new component is intended to provide a powerful table view on top of the barebone one provided by QtQuick and similar to the one we have in our QtWidgets application.
This was contributed by Evgeny Chesnokov. Thanks!
TableView with resizable and sortable columns
Other componentsThe default size of MessageDialog was decreased and is now more appropriate.
MessageDialog new default size
James Graham fixed the autoplay of the video delegate for the maximized album component.
Packager sectionYou can find the package on download.kde.org and it has been signed with my GPG key.
The interpersonal side of the xz-utils compromise
While everyone is busy analyzing the highly complex technical details of the recently discovered xz-utils compromise that is currently rocking the internet, it is worth looking at the underlying non-technical problems that make such a compromise possible. A very good write-up can be found on the blog of Rob Mensching...
Ben Hutchings: FOSS activity in March 2024
- I updated the Linux (4.19) package for buster to upstream version 4.19.311, but I did not make an upload this month.
- I triaged recent CVE IDs assigned for kernel security issues, and queried some duplicate and trivial issues, which have now been rejected.
- I reviewed and applied a fix for klibcâs inet_pton() function. I then added some test cases for it, and made further fixes.
Ben Hutchings: FOSS activity in March 2024
- I updated the Linux (4.19) package for buster to upstream version 4.19.311, but I did not make an upload this month.
- I triaged recent CVE IDs assigned for kernel security issues, and queried some duplicate and trivial issues, which have now been rejected.
- I reviewed and applied a fix for klibcâs inet_pton() function. I then added some test cases for it, and made further fixes.