#319: Typosquatting and Supply Chains Vulnerabilities
Talk Python To Me, 6 June 2021

One of the true superpowers of Python is the libraries over at the Python Package Index. They are all just a "pip install" away. Yet, like all code that you run on your system, it is done with some degree of trust. How do we know that all of those useful packages are trustworthy? That's the topic of this episode. Bentz Tozer and John Speed Meyers are here to share their research into typosquatting on PyPI and other sneaky deeds. But we also discuss some potential solutions and fixes.

Episodes (542)

#527: MCP Servers for Python Devs

Today we’re digging into the Model Context Protocol, or MCP. Think LSP for AI: build a small Python service once and your tools and data show up across editors and agents like VS Code, Claude Code, an...

10 November 2025, 1h 6min

#526: Building Data Science with Foundation LLM Models

Today, we’re talking about building real AI products with foundation models. Not toy demos, not vibes. We’ll get into the boring dashboards that save launches, evals that change your mind, and the shi...

1 November 2025, 1h 7min

#525: NiceGUI Goes 3.0

Building a UI in Python usually means choosing between "quick and limited" or "powerful and painful." What if you could write modern, component-based web apps in pure Python and still keep full contro...

27 October 2025, 1h 17min

#524: 38 things Python developers should learn in 2025

Python in 2025 is different. Threads really are about to run in parallel, installs finish before your coffee cools, and containers are the default. In this episode, we count down 38 things to learn th...

20 October 2025, 1h 9min

#523: Pyrefly: Fast, IDE-friendly typing for Python

Python typing got fast enough to feel invisible. Pyrefly is a new, open source type checker and IDE language server from Meta, written in Rust, with a focus on instant feedback and real-world DX. Toda...

13 October 2025, 1h 7min

#522: Data Sci Tips and Tricks from CodeCut.ai

Today we’re turning tiny tips into big wins. Khuyen Tran, creator of CodeCut.ai, has shipped hundreds of bite-size Python and data science snippets across four years. We dig into open-source tools you...

6 October 2025, 1h 9min

#521: Red Teaming LLMs and GenAI with PyRIT

English is now an API. Our apps read untrusted text; they follow instructions hidden in plain sight, and sometimes they turn that text into action. If you connect a model to tools or let it read docum...

29 September 2025, 1h 2min

#520: pyx - the other side of the uv coin (announcing pyx)

A couple years ago, Charlie Marsh lit a fire under Python tooling with Ruff and then uv. Today he’s back with something on the other side of that coin: pyx. Pyx isn’t a PyPI replacement. Think server...

23 September 2025, 1h