Popular:
Virtualization DNS security formal verification reachability analysis compiler errors macro conflict web extension development framework Bitmap Graphics API inconsistencies All Tags

Python Cracks the 'Phantom Dependency' Nut: PEP 770 and SBOMs Triumph

2025-08-11
Python Cracks the 'Phantom Dependency' Nut: PEP 770 and SBOMs Triumph

Seth Larson, Python Software Foundation's Security Developer-in-Residence, in collaboration with Alpha-Omega, released a white paper detailing the solution to the 'phantom dependency' problem. This solution, leveraging PEP 770 and Software Bills of Materials (SBOMs), enhances the measurability of Python packages. This allows automated systems like vulnerability scanners to provide accurate results even in complex dependency graphs common in scientific computing, high-performance computing, and AI. Key projects like NumPy, cryptography, and pip are already evaluating PEP 770 adoption.

Read more
(pyfound.blogspot.com)
Development

Python Core Devs Summit: JITs, Virtual Threads, and the Future

2025-06-15
Python Core Devs Summit: JITs, Virtual Threads, and the Future

The annual Python core developers' summit showcased exciting discussions. Meta engineers explored pluggable JIT compilers, aiming to simplify development via new APIs. Insights from Java spurred discussions on virtual threads for Python, boosting concurrency. The summit also featured debates on null-coalescing operators, AI-assisted coding tools, and the 'worse is better' philosophy. Finally, developers called for memory benchmark focus and delved into the future evolution of T-strings' type system.

Read more
(pyfound.blogspot.com)
Development