Library
25 posts
Will It Blend? Testing Across Environments with Tox
Works on your machine? Great, but what about Python 3.9 or 3.12? Tox ensures library compatibility across different Python versions and dependency sets easily.
Are Your Tests Enough? Measuring Coverage with Coverage.py
Writing tests is step one. Step two is knowing what parts of your library code those tests actually exercise. Enter Coverage.py.
Why Your Library Needs Pytest (And How to Get Started)
Testing is vital for Python libraries. Explore why it's crucial and how Pytest simplifies writing powerful tests with less boilerplate and better assertions.
Secure Coding Practices for Python Library Developers
Beyond tools, what principles guide secure Python library development? Explore essential practices: input validation, least privilege, error handling, and more.
Guide: Developing High-Quality Python Libraries
A comprehensive guide covering the essential aspects of creating robust, maintainable, and user-friendly Python libraries.
Handling Sensitive Data Securely Within Your Python Library
Handle sensitive data in Python libraries securely. Learn best practices for managing API keys, passwords, PII, and other secrets without exposing them in code.
Decoding Library Updates: Understanding Semantic Versioning (SemVer)
Guide to Semantic Versioning (SemVer) for Python library authors. Understand MAJOR.MINOR.PATCH rules to communicate changes and manage dependencies.
Dependency Security: Managing Vulnerabilities with pip-audit
Your library relies on packages. Learn how to use pip-audit to scan your dependencies for known security vulnerabilities and keep your users safe.
The Center of Your Python Project: Understanding pyproject.toml
From setup.py chaos to pyproject.toml clarity. Learn why it exists, how it standardizes Python packaging/tool config via PEPs (518, 517, 621), and its anatomy.
Bandit Security Rules: Finding Common Python Security Issues
Learn how to use Ruff's Bandit integration to automatically scan your Python code for common security pitfalls through static analysis.