Python
123 posts
Decoding Library Updates: Understanding Semantic Versioning (SemVer)
A guide to Semantic Versioning (SemVer) for Python library authors. Understand the MAJOR.MINOR.PATCH rules, what counts as a breaking change, and how the version you publish lets users pin dependencies safely.
Dependency Security: Managing Vulnerabilities with pip-audit
Your library depends on other packages, and their vulnerabilities become your users' vulnerabilities. Learn how to run pip-audit to scan your dependency tree against known security advisories and keep your users safe.
The Center of Your Python Project: Understanding pyproject.toml
From setup.py chaos to pyproject.toml clarity. Learn why it exists, how it standardizes Python packaging and tool configuration via PEPs 517, 518 and 621, and what belongs in each of its sections.
Bandit Security Rules: Finding Common Python Security Issues
Learn how to enable Ruff's flake8-bandit (S) rules to flag common security pitfalls in your Python code through static analysis, and how to handle the findings.
Don't Forget the Fine Print: Licensing Your Python Library
Choosing an open-source license is crucial. Understand common options (MIT, Apache, GPL), why compatibility matters, and how to comply with obligations.
Building and Engaging a Community Around Your Open Source Library
Attract users, encourage contributions, and build a welcoming environment for your open source library. Learn practical steps for community engagement.
The Library Author's Dilemma: Managing Python Dependencies
Dependency management for a Python library balances the features you gain against the pain you impose on users. Explore best practices for choosing dependencies, versioning them with compatible-release (~=) specifiers, and maintaining them over time.
Avoiding Common Pitfalls: Injection Flaws in Python Libraries
Injection flaws aren't just a web-app problem. See how SQL and command injection reach Python libraries through the input they accept from callers, and learn the prevention techniques that matter.
The Art of Saying No: Defining Your Python Library's Scope
Why keeping your Python library focused is harder than it looks, and how saying 'no' can be your most powerful design tool.
From Weekend Hack to Core Tool: The category_encoders Journey
Explore category_encoders' journey from a weekend Python experiment to a widely used data science library, now part of scikit-learn-contrib.