如何安全运行用户上传代码?

原文: PyCoder's Weekly - Issue #433

pycoder

  • 200812 Zoom.Quiet(大妈) 用时 42 分钟 完成快译
  • 200812 Zoom.Quiet(大妈) 用时 37 分钟 完成格式转抄.

In this tutorial, you’ll learn what Python wheels are and why you should care as both a developer and end user of Python packages. You’ll see how the wheel format has gained momentum over the last decade and how it has made the package installation process faster and more stable.

(是也乎:

从 egg 到 Wheel ...

Wheel

)

ShopRunner’s data science team decided to rename their open-source libraries after their namesake’s creator made comments that didn’t align with the group’s values. This article makes a great case study on how to rename projects while minimizing developer impact.

(是也乎:

硬分叉后的必须手尾.

)

Many developers view Django’s “database agnosticism” as one of the framework’s strengths. Daniele Varrazzo, on the other hand, believes this approach potentially handcuffs the developer from taking advantage of database-specific features. Read Daniele’s detailed opinion and follow the discussion on Hacker News.

In this tutorial, you’ll explore the concept of passing by reference and learn how it relates to Python’s own system for handling function arguments. You’ll look at several use cases for passing by reference and learn some best practices for implementing pass-by-reference constructs in Python.

(是也乎:

Pass

其实, 用最无聊的形式来最好.

)

There are a number of reasons websites want to collect data about how users use their website. But how this works is often a controversial topic. Learn how tracking works by building a privacy-focused tracking system from scratch.

(是也乎:

pixel.gif 技巧总是可用的...

)

Thinking about hosting a virtual Python conference or meetup? The PSF compiled a list of tools and resources to help you be successful! Oh, and they’ll be re-launching their grant program soon!

(是也乎:

关键在网络活动的免费平台, 国外有很多, 国内呵呵...

)

Do you know someone who deserves to be a PSF fellow? Why not nominate them?

讨论

Discussions

The short answer: it depends. The long answer? Reddit’s got you covered!

(是也乎:

不过, 有一点可以肯定, 高手和低手的 Python 2.* 代码看起来差不多, 但是, 到了 Py3 就能也感觉出来了.

)

Consistency is hard sometimes. What do you do to get through the ruts?

文章,教程和嗯哼

Articles, Tutorials and Talks

Views are one of the core components of a Django application. Django offers two kinds of views: function-based views and class-based views. Which one should you use? Fortunately, there’s an opinionated guide to help you sort things out!

(是也乎:

反正当年各种 MV* 模型非常多, 总之, 嫑折腾框架设计好的模式就好.

)

Learn to transcribe speech in recordings like MP3s into text with Python and AssemblyAI’s API.

(是也乎:

当然的, English only, 中文这方面有天然壁垒...

)

There’s a lot of ways to package your Python code. Find out which one is right for you.

(是也乎:

打包不是发布,距离发行早. 但是, 在工程中, 却又是必须的...

Docker

没想到这篇是 Docker 的软文...

)

Learn advanced testing techniques for Twilio IVR systems using Python and pytest

Do you want to learn the how and when of implementing K-means clustering in Python? Would you like to practice your pandas skills with a real-world project? This week on the show, David Amos is back with another batch of PyCoder’s Weekly articles and projects.

(是也乎:

Podcast

)

TensorFlow’s data loader is built around sequential access. This introduces some potentially important pitfalls for data engineering projects. Learn what these issues are and when to avoid them.

Facebook has just open-sourced a static analysis tool for detecting security issues in Python code.

(是也乎:

Fb 出手了, 当年 珢神在 Google 作的就是类似工具, 没想到10年后, 这方面依然没彻底解决...

)

好物

Interesting Projects, Tools and Libraries, Projects & Code

(是也乎:

类似检查器就是自动优化的基础工具, 这方面 Fb 在 PHP 上积累了丰富的经验.

)

(是也乎:

基于 Rust 对 Python 运行时的智能包装. 不知道现在可用否.

今年线上 PyCon 爆出来的仙品.

)

(是也乎:

最古早的 windows only 打包工具, 竟然还活着.

)

(是也乎:

Zipapps 哗...叕一个隐藏大生态.

)

(是也乎:

Google 出品, 基于 Bazel 叕一个上古神器的现代再造.

)

(是也乎:

关注, 这可能是解决 Python 最后一个大问题的方向.

无依赖的快速发布一个 Python 应用到主要平台.

tox 则是隐藏在一切背后的基础工具.

)

(是也乎:

等等 SQL Server ? 这货还活着? 有人用?

)

(是也乎:

和 ggroups 类似, iTunes 也是默默成为最大 Podcast 总入口了?

)

📆🐍 活动/大会

Events, MeetUp 真的是全球线下活动组织中心

DAMA

❤️ Happy Pythonic ;-(大妈私人无责任播报)

101camp11py 报名将结束

报名

课程规划:

    报名截止 2020.08.23
    正式开课 2020.08.30
    课程结束 2020.10.11

详情 => 蟒营™ Python 入门班第11

PS:


好文笔,感叹号年度配额: 1/3

投稿/反馈邮箱:

askdama@googlegroups.com

(邮件列表地址, 当成正常邮件发送邮件就好, 不用注册, 不用翻越...)


ZoomQuiet/大妈

就是四处 是也乎,( ̄▽ ̄) 的那个大妈:

私自嗯哼: ZoomQuiet (订阅号: ZoomQuiet42)
公开课程: 蟒营 (订阅号: Mainium)
历史吐糟: Chaos42 (订阅号 PythoniCamp)

as 创始组织者:
    PyChina (订阅号: PyChinaOrg)
    本地社区: 
        GDG珠海 (订阅号: GDG-ZhuHai)
        TFUG珠海 (订阅号: ZH_TFUG)

NN 4103

RPP


Comments



蟒营®编程思维提高班 Python版/第13期 正在报名

精品小班/ 永久答疑

扫描报名: 101camp13py

蟒营®式 原创课程

伴你重享学习乐趣

官网: py.101.camp

Reactivate Joy by Self-teching with You


任何问题可先进入知识星球(免费)咨询:
FAQ

关注公众号, 持续获得相关各种咨询:
mainium


追问

任何问题, 随时邮件提问可也:
askdama@googlegroups.com