Flask-Mail 0.10 released, after a 10 year hiatus! Thanks to @wlach for picking it up at the #PyConUS sprint. This is part of my Pallets-Eco initiative to get old popular extensions maintained again. It's been unarchived and refreshed. I went through and closed out a lot of the issue backlog. We'll have to figure out what a 1.0 release will look like. https://github.com/pallets-eco/flask-mail/releases/tag/0.10.0#Python#Flask
@tonybaloney showing off a Flask app running in Hypercorn by @pgjones with workers in subinterpreters that themselves each have the GIL disabled. Running parallel requests that themselves can have parallel processing. This talk has so much insight into web app and parallel performance. #PyConUS#Flask#Python
Apparently the convention center is using a product, Voltus, built on Flask and APIFlask to manage its energy use and respond to demand. So cool! ☀️😎 #PyConUS#FlaskCon#Python#Flask
Finally got all three years of FlaskCon Online (2020, 2021, 2023) up on https://pyvideo.org FlaskCon 2024 videos should be up soon after we have some time to edit and upload. #FlaskCon#Python#Flask
FlaskCon is Friday inside PyCon! Room 317, my opening "State of Pallets" talk starts at 11am, after the opening PyCon keynote. Then we have four talks, then office hours, as well as sprints starting Monday. Please come by to watch the talks and to talk with us about your projects and our projects! https://flaskcon.com#PyConUS#Flask
Just released Werkzeug 3.0.3 with a security fix for a high vulnerability. If an attacker can get you to interact with their domain, and can guess a route in your app that raises an exception, and you're running the debbuger, they can use the fact that public DNS can point to 127.0.0.1 to execute code through the debugger running on localhost. https://github.com/pallets/werkzeug/security/advisories/GHSA-2g68-c3qc-8985#Python#Flask#Werkzeug
I'll be presenting a new talk, "Magical (or not) GraphQL", at North Bay Python 2024! Introducing a new open source library I wrote for work, how I wrote it, cool things to do with GraphQL, and what I've discovered I want instead of GraphQL. Hopefully the barn cats will be interested too 😻 #Python#nbpy#GraphQL#Flask
Last call for signing up to give lightning talks at FlaskCon @ PyCon US 2024.
If you use Flask, Click, Jinja or other parts of Pallets project, this is your opportunity to share your experience with the community.
I'm looking forward to FlaskCon inside PyCon this year, but it needs talk proposals from the community to be successful. If you work with Flask or our other libraries, or alongside other web technologies, you have something to share and we want to hear it! Please submit a 5-15 minute talk proposal: https://flaskcon.com/2024/#PyCon#PyConUS#Flask
MarkupSafe speedup saga continues: my coworker contributed a PR to implement them in Rust now. It uses some pretty clever speedups based on other serialization libraries they surveyed. If anyone is comfortable with Rust, we would appreciate reviews and feedback: https://github.com/pallets/markupsafe/pull/438#Python#RustLang#PyO3#Flask#MarkupSafe
New to PyCon US is FlaskCon, one of the Hatchery programs we accepted this year. This is your opportunity to meet the maintainers of Flask and learn how you can become a contributor.
If you use Flask, this is also a great time to share your experiences with the rest of the community.
SIgn up to give a lightning talk now:
Update on my "remove MarkupSafe's C speedups" post: @tonybaloney swooped in and found a simple change that make the speedups ~40% faster in the cases where they had become slower. Turns out, if plain strings are the most probable thing you'll be escaping, you should check for that first, not last. So the speedups remain in place. https://github.com/pallets/markupsafe/pull/434#Python#MarkupSafe#Flask
Submit your talk proposal for FlaskCon, inside PyCon US May 17! Are you a developer, contributor, maintainer, designer, admin, or anyone else else who uses Flask, Click, Jinja, their extensions, WSGI, ASGI, HTMX, Tailwind, asyncio, etc? We want to hear you! A talk can be 5-15 minutes, in person. CFP closes April 30, notified May 3. Submit your proposal today: https://flaskcon.com/2024/ Please boost and tell your friends! #PyCon#PyConUS#Python#Flask
Python has seen significant performance improvements in the last few releases. MarkupSafe has a C extension to speed up operations, but it's now slower in many cases than the plain Python implementation. Having a C extension increases the difficulty of maintenance, builds, releases, and installs. I'm wondering if it's time to drop the speedups. https://github.com/pallets/markupsafe/issues/433#Python#MarkupSafe#Flask
I'm starting to think of sdists as an intermediate build between repo and wheel, rather than a partial representation of the repo. Sdists should only contain the code and metadata needed to create the wheel, not docs, dev requirements, examples, tests, and other tool config. All that extra stuff can be run by checking out the tag and using our standard contributor instructions. Removing that from sdists would probably save PyPI a good amount of bandwidth. #Python#Flask
Apparently, in python web ecosystem, /foo/bar and /foo%2Fbar are interpreted the same (but not /foo?bar and /foo%3Fbar at least) 🤦 #Python#FastAPI#flask#django