A couple of weeks ago at the amazing-beyond-belief PyCon 2013,
David Stanek and I presented a half-day tutorial.
We used a deliberately-vulnerable web application to walk our students through
the OWASP Top 10, giving them hands-on experience exploiting these
problems and offering advice on how to mitigate them.
While we had concerns about the amount of material and the time available, not
to mention the size of the class--we had about 80 people show up!--it seemed to
go well, and we got a lot of positive feedback both during the tutorial itself
and throughout the rest of the conference. One attendee even told us that
thanks to our class, he'd fixed a security problem over lunch immediately after
the tutorial! It was immensely satisfying to hear that we'd been able to
catalyze some actual improvement in the world.
If the official feedback is good enough, we may look to run this again in the
future, whether at smaller venues like PyOhio or next spring at PyCon 2014.
You can clone down the tutorial app if you'd like to follow along with
the slides.
I had the honor of working with Mike Crute and David Stanek
to produce and deliver an all-day tutorial session at CodeMash 2013,
where we got folks up to speed on Python and then ran them through a series of
iterative exercises as we built a small Django site together.
We promised slides, and though we took a bit of a break to celebrate and then
enjoy the conference, I wanted to make sure we didn't wait too long before
making them available. Hopefully they will be a useful reference in spite of
their lack of the interactivity inherent in a live tutorial session.
I think it's safe to say we had a great time presenting at and attending
CodeMash and are looking forward to continuing to make sure Python is
represented there.
Five years after creating a logo for it, I finally managed to attend
PyOhio, an awesome and free community conference in
Columbus, Ohio. It was a treat to catch up with friends from PyCon as well as
meet lots of new people, and I'm really excited to see how PyOhio has grown over
the years--it's now almost as big as PyCon was when I first started attending
it. From great talks to a fun hallway track, sprinting, and socializing, it's
clear that there's something great going on here, and I'm really excited to
return.
While Twittering in jest over the frequency of
Requests' releases,
Jeff Forcierinspired me
to wonder if you could do the software equivalent of the photography
365 projects
that seem to be all the rage this year. I started probing around at the edges
of the idea, and it seemed like it could actually be an interesting challenge.
The closest thing I could find (which Jeff pointed me to) is
Calendar About Nothing, which tracks your
public GitHub commits and gives you a lovely red X for each day you push up
something that's available to the public. That's really cool, but it's also
pretty easy to just be a weasel and rack up an epic streak by twiddling one's
dotfiles back and forth every day. You could script it.
So what would a "code 365" look like? Extrapolating from photography, I would
say that it's basically:
Write something unique every day -- as humble or as wild and involved as
you like, but something new every day. You wouldn't just publish small
tweaks to a photo to get extra days of a photography 365, so once your daily
code is released, it's done. And while you might be inspired to emulate
great photographers or programmers who came before you--and that's
okay--it's not okay to just grab somebody else's FOSS and claim it as your
own. The challenge is for you to produce something new. (I'm willing to
make an exception for "Hello World" entries, especially if they're on day 1,
because it's the sort of thing I would do.)
Any language you want -- just as a photographic 365 invites you to try
different tools, techniques, and subjects, if you're brave enough to do a
code 365, why not experiment with different languages, programming
paradigms, and platforms? We often talk a good, smug game about the value
of polyglot programmers, but why not prove it to yourself?
Release it -- push it up to GitHub or whatever your preferred platform is;
get it out there where we can see it and admire your foolhardy audacity.
I guess the next question is... Who would be crazy enough to do one of these?
People like Corey Haines or
Gary Bernhardt come to mind.
I bet Kenneth Reitz could do it, but then we'd miss
out on updates to the ten million other things of his that are increasingly hard
to do without.
I'd be tempted to do it--what's good for the goose is good for the gander,
right?--but I'm definitely not willing to consider in 2012. I think one 365
project is more than enough!
What do you think? Is this silly? Or could this Be A Thing?
I promised I'd post the slides from my CodeMash talk, "A
Few of My Favorite (Python) Things", and lo and behold, I have!
I seem to like a lot of dead things--web frameworks like Pylons and apparently
the entire genre of Python podcasts (only one of the cited ones is apparently
still alive... I should do something about that).
On Friday I ran across this modest
proposal
to make the output of Python's unittest2 more closely resemble the emotional
state of the tester when there are a lot of failing unit tests. Once my
coworkers were done asking if I was all right, or if they should be worried
about the cackling and giggles coming from my cube, I resolved to make this
dream a reality.
My workplace has settled on the
nose testing framework. Like
other frameworks, nose offers a plugin architecture to allow all kinds of
additional customization and tweaks, and since I had never written one before,
it seemed like this might be a good opportunity to give it a try. I found the
plugin development docs
to be a little too terse and not terribly n00b-friendly, but over the course of
a couple of hours I was able to cobble something together. (I mostly ended up
cheating off of Kumar McMillan's
nose-nicedots, which got me over
the hurdle of realizing I needed my own flavor of TestResult to make sure I got
the usual stack trace output while still emitting the F's and U's correctly.)
It basically goes like this:
$ nosetests --with-f7u12
.......FFFFFFFFUUUUUUUUUUUUUUUU..U..U..U..U..U..U.
======================================================================
FAIL: test_f7u12.TestGeneratesLotsOfFailures.test_generates_failures(7,)
----------------------------------------------------------------------
Traceback (most recent call last):
File
"/Users/mpirnat/Documents/code/python/nose-f7u12/lib/python2.7/site-packages/nose-1.1.2-py2.7.egg/nose/case.py",
line 197, in runTest
self.test(*self.arg)
File
"/Users/mpirnat/Documents/code/python/nose-f7u12/src/examples/test_f7u12.py",
line 15, in _make_a_test
assert False
AssertionError
< lots more test failure output; use your imagination... >
Ran 50 tests in 0.021s
FAILED (errors=30)
After some wrangling with PyPI (which could also
be a lot friendlier to a packaging n00b--big thanks to Michael Foord for helping
set me straight), it should be
easy_install-able, or you can
grab the source from Github (patches
welcome!). And if you prefer pytest over nose,
it looks like they've got a plugin too.
It's a tremendously silly thing, but it brought me some joy; I hope it can
brighten your day too, or at least bring some comfort and commiseration to your
test failure rage.
I had meant to write this when Steve Jobs announced his departure from
day-to-day operations at Apple, but life, as it tends to, intervened, and I
never quite found the time. Now that he's gone, I'm compelled to get this out
while it's still fresh in my mind.
I learned about Steve's passing on my iPhone.
Music is an integral part of my life, for years before and after my time as a
radio DJ, and it's a large part of how I process the emotional ebb and flow of
my life. After I put my phone down, I picked up my iPad, fired up the Remote
app, and in seconds I had Lisa Gerrard and Patrick Cassidy's Immortal Memory
going on the AppleTV, while a smart album of my favorite photos--of my wife, of
my daughter, of vacations and adventures--scrolled by.
I felt the urgent need to type, reached into my backpack, and drew forth my
trusty unibody MacBook, felt the familiar keys under my fingertips, activated
the Python virtualenv that houses my writing, fired up vim.
It's worth a moment of pause to realize that in a matter of minutes, I've had a
personal interaction with four devices that wouldn't have been without Steve's
vision of personal computing. Reflecting on these magical, science-fictional
devices--I still maintain that the iPhone plus Wikipedia is the Hitchhiker's
Guide to the Galaxy made real--I am dumbstruck with the realization that I
don't just owe Steve my thanks for my favorite shiny toys.
I literally owe him everything.
Once upon a time, my parents bought an Apple II+. Must have been about 1981.
That wonderful machine, connected first to a fairly awful '70s TV, was my
introduction to computing. We played games on it at first; my parents and I
took turns reading aloud from the text output of Zork and all the other great
Infocom games, to which I credit my precociously early literacy, my goofy
vocabulary, and my love of puns and puzzles. Then I discovered BASIC, and the
die was cast. I loved typing in programs from magazine code listings, seeing
what they did and how they worked, and even more fell in love with writing my
own programs. From that moment, the die was cast--while I excelled in many
subjects in school, I was always happiest when tinkering with computers.
Over the years, the Apple II+ gave way to the IIe, and eventually to a long
series of Macintoshes. I got into BBSes, and that eventually got me into a
(ahem) borrowed VAX account at the local college, where the natural outlet for
my text adventuring was playing MUDs, which I turned into class credit by
landing an independent study project on writing code for MUDs. When it was time
to pick a college, I knew that I was looking for a computer science program. A
long-distance friend that I kept in touch with via VargonMUD got me introduced
to Case Western.
Case got me to leave southwest Colorado, arguably the most beautiful place on
earth, for Cleveland, Ohio. Not only did I survive the grueling computer
engineering curriculum, but I came out on the other side with a job at IBM and a
fiancée.
The IBM travel schedule and its impact on my personal life drove me into the
arms of American Greetings and its spunky internet startup, AG.com, just as the
first bubble was beginning to burst. We had some rough years on the road to
profitability, but I hunkered down, got stuff done, and thankfully held onto my
job, where I became increasingly enamored with our primary language, Python.
Python's "it fits your brain" feels a lot to me like Apple's "it Just Works",
and I see easy parallels between Apple's design aesthetics and Python's Zen. Is
it any wonder that the number of Macs at PyCon has exploded over the past five
or six years? Working with Python led me to helping David Stanek start up a
local user group, and then to attending PyCon, which in turn brought me to
speaking and volunteering at PyCon, which have been some of the most satisfying
experiences of my life thus far. Moreover, PyCon is responsible for getting me
serious about quality and craftsmanship, and has rewarded my risk-taking with
friendships, self-confidence, and composure under pressure.
Thanks in part to this earnest desire to grow in my craft, the growth from my
speaking experiences, and that Infocom-kindled love for tinkering with a puzzle
until solved, I've come to a pretty awesome place in my career--basically I go
where I'm needed most, to get hard things done, to shake things up, to band
people together, to transform, to raise the bar. On good days, it feels
like being Doctor Who in a Kurosawa movie, all flashing swords and sonic
screwdrivers and the triumph of intellect and romance over brute force and
cynicism. It definitely never gets boring--I'm coming up on twelve years at
AG, and in some ways I feel like I'm just getting started.
And on the home front? Things have been good; house, cars, cats, good food,
great travel adventures, some of the best friends I could ever ask for.
Liz and I have been married for almost eleven years.
Our daughter is four and already enchanted by computers and iPads.
Her entire concept of what a telephone is will be rooted not in rotary
dials and POTS but in a kind of mobile computing that was science fiction
when I was a kid. She may not remember it, but I used to read
Learning Python to her as a baby, and I've got the photos on my AppleTV
to prove it to her. But that's not what's really amazing about her--it's
that she's been so instrumental in overcoming the depression that plagued my
20s; she blew into my life like a fresh breeze and swept away so much garbage.
Sure, parenting hasn't been easy, but when I stop to take a breath, I'm struck
by how much better I've become for the experience.
Education, career, friends, family, community--literally my entire world--all
because of that Apple II and Steve's vision. Surely in some alternate,
Steveless universe, similar patterns might have emerged, but this one,
these friends, this path, this wife, this child, I can trace
very clearly to his influence.
Words seem useless to express my gratitude for the profound effect Steve has had
on my life. My sadness that this titan is gone. My regret that we'll never
know what other transformations he would have brought to the world.
So, how then to cope with this sudden absence, the sinking of the rock that has
so rippled the waters of my life? My inner child will hold to the illusion that
Steve's gone to the same tropical island paradise as Jim Henson, Isaac Asimov,
Richard Feynman, and Carl Sagan. My outer adult will try, even if it's only
in small ways, to make the world a better place, to touch the lives of those
around me, to encourage them to grow, to become, and to help them in turn shape
the lives of others. And hopefully that will be all right.
About two weeks ago, Jesse Noller was soliciting favorite
PyCon memories. I started jotting down a
few, then suddenly realized I had written quite a bit more than I'd expected,
so I'm turning it into that rarest of creatures in my online life, a
full-blown blog post! In more or less chronological order (I make no
guarantees about wibbley-wobbly, timey-wimeyness that may occur), here are
just a sampling of my favorite memories of PyCon.
PyCon 2005 was the first time in my career that I'd been able to
attend a developer conference, and it was on the flight back that I
realized that Python might in fact be my programming language soul
mate. I'm pretty sure Alex Martelli's epic two-part talk grew my brain
by a size or two.
A convention of vacuum salesmen loudly occupied the main convention
space while I sprinted with the TurboGears folks in 2006. I still
kind of wish we'd crashed the "Vacuum Assassination" breakout session
to see what it was.
I had a fun evening of dinner and drinks that year with a gaggle of
Python folks: Mark Ramm, Kevin Dangoor, Dave Stanek, Bill Zingler, Ian Bicking,
Jacob Kaplan-Moss... We all got a good laugh at the guy who parked his
BMW underneath a veritable rainstorm of incontinent birds. Alas, we
never did carry out our plans to streak at a Ruby conference.
I had breakfast with Ned Batchelder outside the main hall the morning
of my Dateutil talk(2007?).
He was so very gracious and welcoming that I was able to put aside my
anxiety about my upcoming talk; the experience has really inspired me
to be more social at PyCon and to make a point of meeting the people
that I regularly read and admire on the Planet Python
feed.
I brought my DSLR to PyCon 2008 and shot a lot of
photos,
a number of which ended up being incorporated into the banner montage on
the PyCon website. I think about six or seven of the images on the PyCon blog
banner (before the recent redesign) were mine, and it made me smile every time
I saw them there. (I was actually in the banner for a couple of years, which
felt kind of awesome.) It's nice to know that even if you aren't hacking on the
standard library, or working on other well-known Python packages, you can still
make meaningful contributions to the Python community in a host of other ways.
Tarek Ziade gave me a one-on-one tour of his
Atomisator over lunch at
PyCon in 2009, and then we talked about life and family and French wine...
I felt very fortunate to have been given an hour of his time. His
generosity and openness were truly inspiring.
Speaking at the TiP BoF in 2010... I didn't have my laptop with, so I
didn't have any slides to add Testing Goat pictures to (long story).
I invited Gary Bernhardt to portray a goat, and to my amazement, and to the
significant amusement of all present, he did. I love the good-natured sense of
humor that pervades the community.
At the 2011 TiP BoF, I showed off an extremely evil use of
Mock to
work around horrible legacy code, and it earned me a personal
reprimand from Titus Brown (another of my Python heroes). I'm not
sure if the ire was sincere or just extremely droll, but either
way--achievement unlocked: scolded by someone whose work I admire!
Formally launching my hobby site How Old Is My Kid
at the 2011 lightning talks--in front of an appreciative crowd of over a
thousand Pythonistas--was definitely one of the top thrills of my life.
I've given three formal talks at PyCon (2006, 2007, 2011), and each of
them has been an increasingly wonderful experience, but the stand-out
has to be my 2011 talk. I'd been stressing about it for months, and,
more worried than I'd ever been about any of my previous talks,
tinkered on the presentation right down to the last minutes before I
went on stage. Everything clicked, the audience got it--laughing and
wincing at all the right places!--and the only thing more amazing than
the love and appreciation from the crowd was the bizarre sensation of
my phone, set on vibrate so that it wouldn't accidentally make any noises
to distract me, and placed in my pants pocket, going crazy with Twitter
notifications while I spoke, and for hours thereafter. Keeping my composure
while my pocket was vibrating uncontrollably was harder than giving my talk!
Taping down power strips before the 2011 tutorials led to meeting new
friends, catching up with others, a delightful dinner and conversation
with Guido and the inner cadre of PyCon organizers... but most
importantly to a feeling of pride throughout the conference--PyCon was
part mine in a real and tangible way.
The best thing about PyCon is the feeling, upon arrival, of being
home, of being with one's own kind. Forgotten memories come flooding back,
friendships are instantly renewed, new ones are quickly forged, and the whole
thing just feels right. At PyCon, we are all the "cool kids". And if we
put our minds to it, we can do anything.
After our May photowalk, I found that my
GPS tagger had missed a bunch of data points (probably due to all the buildings
and trees), so I got a copy of Dave Snyder's GPX track to use as an additional
reference. At first I was excited to see a really solid track, rich with data,
but was disappointed to see that it still wasn't helping--none of my photos were
lining up with where I knew they should be.
Then I looked at the times on the GPX track. That started four hours before
we'd started the walk.
It turns out that RunKeeper on Dave's Android phone emits timestamps that
claim to be UTC, but populates them with unconverted local times. In other
words--it lies.
I wrote a very quick and very, very dirty Python script to fix up all the
timestamps, and that did all right for the immediate job, but it seemed like it
might be useful for someone else out there, so I took some time this morning to
tidy it up and make it usable as a general utility.
Using it is pretty simple; this will adjust a GPX file by +4 hours and dump it
to stdout:
fix_gpx.py 4 bad_timestamps.gpx
Or perhaps we need to fix a bunch of files and want to overwrite them instead of
doing the stdout donce:
It can do negative offsets as well (in case our data points are east of UTC):
fix_gpx.py -o -- -1 east_but_still_bad.gpx
The code is up on github and I welcome
pull requests for improvements or things that I'm lazy about (I am profoundly
bored by packaging, so it's not PyPI-able yet).
Earlier today, David Stanek was grousing about
Convore and wondering why he needed "another place to look
for communications". I promised him an answer that couldn't fit into 140
characters, and this is it.
I was initially a skeptic as well and had more or less the same reaction. I've
got IRC and Jabber for chat rooms; I've got email lists and message boards for
slower-speed, more permanent discussions; and I've got Twitter for a real-time
firehose. Why do I need one more thing?
The answer, at least to me, is that Convore is a little bit of all of these
things, and it ends up being greater than the sum of its parts. After giving
Convore an open-minded try at PyCon, I found that it
was a really comfortable and natural fit as a back-channel for the event.
It's topical: Twitter is great at being a firehose of information, but it's
lousy for being able to subdivide that firehose into easily sippable streams.
At PyCon, Convore users created a topic for every talk within moments of it
starting, allowing commentary and discussion to stay relevant and focused.
It's persistent: Unlike IRC (which only persists in logs) and Twitter (which
only persists in the Library of Congress), the Convore discussions will stick
around and are easily discoverable (though admittedly some better search would
help here). A couple of the benefits--and I'm sure there are others--come
readily to mind:
As a conference speaker, I could go into the Convore discussion after my
talk and not only see what the back-channel had to say about it, I could answer
questions and interact with people who were interested in what I had to say.
I can come back to it much, much later. We're starting to show PyCon
videos at work during lunch, and we can use the Convore data
to help decide which talks were the most interesting or that are worth
prioritizing.
People who weren't able to attend can review the discussion and participate
after the fact. Maybe it means finding an interesting new project, or maybe it
means networking with other developers--it's there and it's available.
It's low-friction: I can log in via Twitter (so I don't have to create yet
another identity). I don't need a client to make it tolerable (even "New
Twitter" hasn't figured this out yet). It works great on my laptop, as well as
on the iPad (and presumably other tablets as well).
It's civil: If I were to star in a Ballmeresque dance
video about Convore,
the riff would be "civility, civility, civility, civility." At least in what I
saw at PyCon, the Convore discussions never got nasty or crossed too far over
any lines; even when the speaker from DropBox went way,
way over time on his keynote address, the back-channel didn't get nasty--and in
fact it eventually turned sympathetic (after all, how many times have you
delivered a keynote speech in front of 1400 people?). This was a very stark
contrast to the year that Ian Bicking put the #pycon
IRC channel up on the big screen and things got somewhat ugly.
I don't think that Convore replaces email lists. Those seem well-suited to
lengthy, back-and-forth discussion among the communities they represent. I
don't use it for trying to organize our
podcast (although there's an argument to be
made that it's an impossible task no matter what medium we use), and I wouldn't
use it for organizing a user group or conference.
I don't think that Convore replaces IRC or Jabber; sometimes I just want to
shoot the breeze or have a more ephemeral conversation.
I don't think that Convore replaces Twitter; Twitter's great at being a big,
asychronous party with all my favorite people in it. Sometimes I want to be
distracted by all the shiny toys that people find.
But as a conference back-channel, it was stellar, and I'm looking forward to
using it more in that context. Your mileage, of course, may vary.
