@diazona@techhub.social avatar

diazona

@diazona@techhub.social

Software engineer, former particle physicist, occasional blogger. I support the principle of cake.

This profile is from a federated server and may be incomplete. Browse more on the original instance.

fohrloop, to til
@fohrloop@fosstodon.org avatar

when creating a python project, and using some==2.2.0 to "pin" your requirements isn't actually pinning them, as the package owner (or anyone with access) may upload version 2.2.0-1, 2.2.0-2, etc. which will match the "==2.2.0".

https://www.youtube.com/watch?v=oGpyupM52IQ

diazona,
@diazona@techhub.social avatar

@fohrloop Huh. I did a quick experiment which suggests otherwise:

>>> from packaging.version import Version
>>> from packaging.specifiers import SpecifierSet
>>> s1 = SpecifierSet("==2.2.0")
>>> Version("2.2.0.post0") in s1
False
>>> Version("2.2.0.post1") in s1
False
>>> Version("2.2.0") in s1
True

(".post0" is the canonical way of writing "-0", and so on)

diazona,
@diazona@techhub.social avatar

@fohrloop Ahh, I see: the "1" is actually a "build tag" as per the wheel naming spec https://packaging.python.org/en/latest/specifications/binary-distribution-format/#binary-distribution-format.

So yeah, this is confusing: you can actually have a version 2.2.0-1, which is equivalent to 2.2.0.post1, and if that were the case, pip would be able to tell the difference. But the 2.2.0-1 mentioned in the video and your original toot is not a version, it's a part of the wheel filename, and it actually means version 2.2.0 with build tag 1, which is something different.

diazona,
@diazona@techhub.social avatar

@hugovk @fohrloop Yeah I think that was mentioned somewhere earlier, but personally I'd rather just use a separate post release to solve that problem. IMO it's too unintuitive that you can install the same version of a package on the same system and get different code.

diazona,
@diazona@techhub.social avatar

@hugovk @fohrloop Agreed, except for pointing people to the /latest/ RTD page; I think it's very reasonable to decide not to do that in general.

Anyway, I would say updating the documentation is a perfect opportunity to make a post release.

diazona,
@diazona@techhub.social avatar

@fohrloop @hugovk For a very small project this can work okay, but only if you change the tag quickly enough that nobody notices. In general, I think a better approach is to use release candidates: when you think you're ready to make a release, prepare it as an rc first and then after you've given yourself and others time to check it for possible issues, then retag the rc as the final version and release that. Then it should be quite rare that you need to change something after making the final release without incrementing the version number. But in the rare instances where you do, then I think having it show up as X.Y.Z.post1 in RTD is fine.

diazona,
@diazona@techhub.social avatar

@fohrloop @hugovk Oh I was assuming that /latest/ points to the documentation of the last commit on your main development branch, while /stable/ points to the documentation of the latest released version (i.e. with a version number). So, people who download the project from /pypi/ will more likely want the /stable/ version.

diazona,
@diazona@techhub.social avatar

@hugovk @fohrloop Well... I acknowledge your point, but given the way things are moving toward reproducibility these days, I think it's really valuable to have a deterministic mapping between (package, version, system) and wheel. That is, given the constraint that I want to install a particular version of a particular package on a particular system, there should be one specific wheel file that will be used for that particular installation. If a wheel file is broken or something, then I think making a new version needs to be the price of fixing that. (If that involves pinging people in some way that's annoying, then I would say it's the notification system that should be fixed.)

moira, to random
@moira@mastodon.murkworks.net avatar

"there's no need for that"

also no point to it, i mean, vampire, aren't you gonna figure it out?

diazona,
@diazona@techhub.social avatar

@moira The cross? I thought crosses work

moira, to random
@moira@mastodon.murkworks.net avatar

vampire trivia: the reason mirrors and film - black and white film traditionally - don't interact is because silver, the old basis of both mirrors and silver-nitrate film, is a pure metal, semi-holy, and refuses to interact with the evil of vampirism.

diazona,
@diazona@techhub.social avatar

@moira ooooh this makes a lot of sense

So I wonder if an aluminum mirror would work?

Or a digital camera?

eb, to security
@eb@social.coop avatar

Unfolding now: https://news.ycombinator.com/item?id=39865810

An incredibly technically complex in xz (potentially also in libarchive and elsewhere) was just discovered. This backdoor has been quietly implemented over years, with the assistance of a wide array of subtly interconnected accounts:

The timeline on this is going to take so long to unravel

diazona,
@diazona@techhub.social avatar

@geofft @glyph @eb I'm certainly not disputing that it's a real problem that that doesn't happen more often, but isn't there some precedent for big tech companies hiring people to work on specific open source projects? So it's not totally unheard of

diazona,
@diazona@techhub.social avatar

@glyph @geofft @eb Oh of course. I guess I just wanted to acknowledge being in a state of "a tiny bit of progress" rather than "zero progress". (I have an optimistic streak that comes out sometimes)

diazona,
@diazona@techhub.social avatar

@dalias @geofft @glyph @luis_in_brief @eb Legally speaking I think it could be set up either way. Although if an OSS project maintainer is employed (not contracted) by a company to maintain the project, it is kind of as if the company is acting as the maintainer, which certainly raises questions about their motivation....

diazona,
@diazona@techhub.social avatar

@eb @glyph Very cool! Any chance you might be willing to share that particular snippet - even just the HTML structure - under a less restrictive license than AGPL? It seems like the kind of thing I would love to use or adapt on my own site, but I don't want to (and probably legally can't) share my site and all the services it uses under that license.

jacob, to random
@jacob@jacobian.org avatar

Every time I write about how I fucked something up with git, I get a good deal "this is your fault”-inflected feedback.

So look: I fuck something up with git about monthly. Have for a decade. You can draw one of two conclusions from this:

  1. I am terribly stupid.

  2. Git is fundamentally an unsafe system, to have been designed in such a way to allow for such repeated ongoing "mistakes”

If you think it's the former… why are you following such an idiot? The unfollow button is right over there!

diazona,
@diazona@techhub.social avatar

@meejah @jacob Yeah for sure. This is actually something I personally really like about Git, that when I mess up I basically always have a route to undo it, and I often don't find that to be true with systems that are simpler and more user-friendly.

elduvelle, to programming
@elduvelle@neuromatch.social avatar

in question:
This should be easy, but I can’t find a straightforward solution anywhere. How can one ask the user to select one **or more ** directories using a graphical interface?

There is “tkFileDialog.askdirectory()” in the Tkinter module but it only allows to select one directory. Any implementations of that function that allow for directory multiselection?
(Yes, I could do a loop and call the same function multiple times but I wouldn’t call that straightforward)

diazona,
@diazona@techhub.social avatar

@elduvelle Somewhat of a nitpick: it might be worth thinking of this more as a <your graphical toolkit> question than a Python question, because it's the toolkit that determines the capabilities of the file chooser, and you might get better suggestions form people who know the toolkit well than from Python developers in general.

diazona,
@diazona@techhub.social avatar

@Pantherina @louis_sch Markdown does resemble what you mean though. Like, that's part of the intent of Markdown (and also part of why it became so popular), that the raw markup is readable and lends itself to being understood in the same way as the formatted version. The markup for emphasis actually looks like emphasis; the markup for a list looks like a list; likewise for a section header, or a table or footnote if you're using a variant that supports those, or so on. So I don't think that particular argument that Markdown is not good for note-taking holds up very well.

diazona,
@diazona@techhub.social avatar

@Pantherina "I mean notes should have bold headers, not hashtags." OK, but that reflects what you want from a notes app, not what everyone wants. And of course that's totally fine, you can get that from a notes app that has WYSIWYG formatting if you find that it works for you. But I would suggest that it doesn't make sense for you to enter a discussion about a Markdown notes app and tell a bunch of people, for many of whom that app probably works pretty well, that they're making a bad choice to use it because it doesn't offer the behavior you want.

For what it's worth, I think a lot of people use Markdown notes apps in a way that you might not be considering. Like, this separation between writing and viewing that you're talking about simply doesn't exist in my note-taking workflow. I usually just read the raw markup, possibly with some minimal formatting added on by whatever app I'm using.

AkaSci, (edited ) to random
@AkaSci@fosstodon.org avatar

The Event Horizon Telescope org. just released this swirling "image" of Sagittarius A*, the supermassive black hole (SMBH) at the center of our galaxy. The spiral lines in the composite image is based on measurements of polarized light emitted by surrounding plasma and highlights the magnetic field around the black hole.

The spiral structure is a result of the strong magnetic field around the black hole, which is caused and shaped by the swirling plasma.

https://eventhorizontelescope.org/blog/astronomers-unveil-strong-magnetic-fields-spiraling-edge-milky-way%E2%80%99s-central-black-hole

1/n

diazona,
@diazona@techhub.social avatar

@AkaSci Was that really 0.031 µas per pixel for NIRCAM or did you mean 0.031 as (31000 µas) per pixel? Maybe I'm just very confused (I am quite tired to be fair) but something sounds off about the numbers.

publicvoit, to NixOS
@publicvoit@graz.social avatar

Had an issue with where I couldn't run a tool that uses pandas. (Nix really doesn't work well with Python.)

Somebody helped me to find the solution by:
nix-shell -p 'python3.withPackages (ps: with ps; [ pandas numpy ])'

Today, another Python project with pandas and this time, even the nix-shell doesn't fix the situation. 😔

Learning: without being a NixOS wizard with deep knowledge about all the things below the surface, you simply can't run Python scripts.

diazona,
@diazona@techhub.social avatar

@publicvoit That's odd and annoying 😛 but thanks for sharing... I have never used NixOS but I'm curious about it

adamchainz, to python
@adamchainz@fosstodon.org avatar

🏎️ Last night, I fixed a segmentation fault bug in my testing library time-machine.

🤷 There were several outstanding issues about segmentation faults with unclear causes, and I didn’t have time to dive into them.

🐛 Then I received a new bug report from Marcin Sulikowski with a minimal reproduction. This research pointed directly at the problem and revealed the other reports as duplicates.

👏 Clear and reproducible bug reports are very valuable contributions!

diazona,
@diazona@techhub.social avatar

@simon @adamchainz This is pretty much the standard method for testing anything that involves a process dying, isn't it? Like, it's used in Googletest and other testing frameworks. Handy to know about for sure, but it's not like it's groundbreaking or anything. (of course it generally doesn't come up in Python testing because Python errors don't kill the whole process unless there's a bug in the interpreter or some native cod involved)

solarbird, to cooking

okay gastrodonians gimmie a hand with this

So I have this skillet.

A small skillet, silver in colour, not non-stick and not black/cast iron. The handle appears to be cast, the skillet itself is smooth.Obviously, it’s a skillet. And it looks like a cheap skillet – real cheap. But I don’t think it is.

The handle is cast iron or steel of some kind, despite being silver. The handle is also magnetic and heavy. The actual pan part, however, is aluminium, with no hint of magnetism, and also quite heavy – heavier than I feel it should be, like it has a slab of copper sandwiched inside layers of aluminium. There are three big thick bolts holding this thing together.

This is an object I feel like had to have been made with a purpose. I don’t know what that purpose was. And despite being a decent baker, I am no chef, and am merely an adequate cook in the sense of “I can follow directions correctly and produce the intended meal.”

So what the hell is this for?

Am I wrong about it having a special purpose? Is it in fact really cheap? Because it looks cheap. But it doesn’t feel cheap, and I think that’s important here.

Is it some sort of esoteric camping kit? Is that it? Feels way too heavy for that but it is nicely small.

What’m I missing here, Gastrodonians? Is this some sort of special implement? Or is it just a weird kind of cheap pan I’ve never seen before.

Do you know? ’cause I sure don’t.

[link]

diazona,
@diazona@techhub.social avatar

@solarbird My curiosity is piqued, I don't think it would have occurred to me that this might be anything more than an ordinary pan (maybe just a particularly sturdy one). I hope you find out!

jonny, to monsterdon
@jonny@neuromatch.social avatar

No way in hell am i watching with ads. importing the tubi version to @monsterdon rn, should be ready in time

diazona,
@diazona@techhub.social avatar

@jonny @monsterdon Oh makes sense, didn't realize it would work on Tubi though

diazona,
@diazona@techhub.social avatar

@jonny Thank you 🙏 🙏 🙏 I have to preserve this one for posterity and I'm hoping your version doesn't have the sound randomly cut out in the middle

diazona,
@diazona@techhub.social avatar

@jonny You mean yt-dlp? I'm quite familiar, I use it on an almost daily basis. I even made it into a personal batch download service for myself 🙂

PeerTube is also sounding increasingly impressive the more I hear about it

diazona,
@diazona@techhub.social avatar

@jonny @RufusJCooter oh that explains why they invited all the people to that very part of town for the presentation

🤦🤦🤦🤦🤦

  • All
  • Subscribed
  • Moderated
  • Favorites
  • megavids
  • cubers
  • magazineikmin
  • GTA5RPClips
  • khanakhh
  • InstantRegret
  • Youngstown
  • mdbf
  • slotface
  • thenastyranch
  • everett
  • osvaldo12
  • kavyap
  • rosin
  • anitta
  • DreamBathrooms
  • Durango
  • modclub
  • ngwrru68w68
  • vwfavf
  • ethstaker
  • tester
  • cisconetworking
  • tacticalgear
  • Leos
  • provamag3
  • normalnudes
  • JUstTest
  • All magazines
    •