Development
38 posts
Dependency Security: Managing Vulnerabilities with pip-audit
Your library relies on packages. Learn how to use pip-audit to scan your dependencies for known security vulnerabilities and keep your users safe.
The Center of Your Python Project: Understanding pyproject.toml
From setup.py chaos to pyproject.toml clarity. Learn why it exists, how it standardizes Python packaging/tool config via PEPs (518, 517, 621), and its anatomy.
Bandit Security Rules: Finding Common Python Security Issues
Learn how to use Ruff's Bandit integration to automatically scan your Python code for common security pitfalls through static analysis.
Don't Forget the Fine Print: Licensing Your Python Library
Choosing an open-source license is crucial. Understand common options (MIT, Apache, GPL), why compatibility matters, and how to comply with obligations.
Building and Engaging a Community Around Your Open Source Library
Attract users, encourage contributions, and build a welcoming environment for your open source library. Learn practical steps for community engagement.
The Library Author's Dilemma: Managing Python Dependencies
Python library dependency management balances features against user pain. Explore best practices for choosing dependencies, versioning them (the ~= compatible-release operator), and maintaining them over time.
Avoiding Common Pitfalls: Injection Flaws in Python Libraries
Injection flaws aren't just for web apps. See how SQL & command injection affect Python libraries via input handling, and learn crucial prevention techniques.
The Art of Saying No: Defining Your Python Library's Scope
Why keeping your Python library focused is harder than it looks, and how saying 'no' can be your most powerful design tool.