Mastodawn

[파이썬 공급망 보안을 위한 심층 방어(Defense in Depth) 구현 가이드

파이썬 공급망 보안을 위한 심층 방어 전략을 제시하는 가이드. Ruff의 Bandit 규칙을 활용한 정적 취약점 차단, 암호학적 해시 기반 의존성 고정, CI 환경에서의 pip-audit 및 SBOM 생성, OIDC 기반 Trusted Publishing, 신규 패키지 지연 도입(Delayed Ingestion) 등을 권장한다.

https://news.hada.io/topic?id=27441

#python #supplychain #security #ruff #bandit

파이썬 공급망 보안을 위한 심층 방어(Defense in Depth) 구현 가이드

<p><strong>핵심 요약</strong><br /> 파이썬 패키지 생태계를 겨냥한 공급망 공격에 대응하기 위해 단일 통제에 의존하지 않는 다계층 방어 전략...

GeekNews

AlinaHagen 🌊🎨📸Mar 5

#PalacesAndGardens #FashionThroughTime This woman was weaving lace at a Renaissance festival, and I was so taken with her clothes, hat and work. #EastCoastKin #RenaissanceClothing #Lace #Ruff

Timo Frühwirth Mar 5

Great thing about being new to a job is there's always something new. 🤷‍♂️
Yesterday, it was #tqdm and #Ruff.

#python #rse #dh

Python Bytes Feb 25

🎙️ Python Bytes 470: A Jolting Episode
with @mkennedy and @brianokken
https://pythonbytes.fm/470
#Python #Jolt #Ruff #Testing #GitHubActions

A Jolting Episode

News and announcements from the Python community for the week of Feb 23rd, 2026

Timothée Mazzucotelli

Feb 20

When installing dependencies, formatting code, linting it, type-checking it, and building docs with #Poetry or #PDM, #Black, #Flake8, #Mypy and #MkDocs would previously take from 2min to several more, it now takes less than 15 seconds for the whole thing, thanks to #uv, #Ruff, #ty and #Zensical.

This is for 5 #Python versions (3.10 to 3.15).

The DX got much better 🥰

Ellie Feb 14

Everything https://astral.sh/ makes is so flippin' fast. And has fantastic UX. Utterly bonkers.

#uv #ruff #ty #python

Astral: High-performance Python tooling

Astral builds high-performance developer tools for the Python ecosystem: Ruff, ty, and uv, an extremely fast Python package manager, written in Rust.

Stu Bacon Feb 13

A Ruff bathing at Pensthorpe, August 2025.

#Bird #Birding #Nature #Wildlife #Photography #BirdPhotography #NaturePhotography #WildlifePhotography #Darktable #UKWildlife #BirdScrolling #BirdsOfMastodon #UK #Norfolk #Pensthorpe #Aviary #Ruff

Show thread

frague59 ⏚Feb 12

@caten #Linux comes with #CPython - #Rust is not a requirement to use #python at all - Just Rust-programmed tools provide some candy for #python developpers, aka. #uv, #ruff...

Habr Feb 5

Статанализ — must-have для проектов с Codex/ClaudeCode

На днях у Кирилла Мокевнина вышел пост про то, как он разлюбил динамическую типизацию. Мысль понятная: на больших кодовых базах отсутствие типов начинает дорого стоить. Хочу дополнить аргументом, который в 2026 году уже стал прям must-have: статанализ и типы — это лучший self-check для AI-агента . Современные агенты для разработки (Claude Code на Opus 4.5 и ChatGPT Codex 5.2 High) хорошо пишут код. Ошибок уровня «переменная не объявлена», «импорт забыл», «опечатка в имени метода» по сути уже почти нет. Основные промахи чаще про другое:

https://habr.com/ru/articles/993004/

#статистический_анализ #статический_анализ_кода #ruff #phpstan #phpcsfixer #php #python #go #codex #claude_code