Python Bytes #417 Bugs hide from the light

Update: 2025-01-21

Description

Topics covered in this episode:




About the show



Sponsored by us! Support our work through:





Connect with the hosts





Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.



Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form, add your name and email to our friends of the show list. We'll never share it.



Michael #1: LLM Catcher




  • via Pat Decker

  • Large language model diagnostics for Python applications and FastAPI applications.

  • Features

    • Exception diagnosis using LLMs (Ollama or OpenAI)

    • Support for local LLMs through Ollama

    • OpenAI integration for cloud-based models

    • Multiple error handling approaches:

      • Function decorators for automatic diagnosis

      • Try/except blocks for manual control

      • Global exception handler for unhandled errors from imported modules


    • Both synchronous and asynchronous APIs

    • Flexible configuration through environment variables or config file




Brian #2: On PyPI Quarantine process




  • Mike Fiedler

  • Project Lifecycle Status - Quarantine in his "Safety & Security Engineer: First Year in Review" post

  • Some more info now in Project Quarantine

  • Reports of malware in a project kick things off

  • Admins can now place a project in quarantine, making it unavailable for install while keeping it around for analysis.

  • New process allows for packages to go back to normal if the report is false.

  • However

    • Since August, the Quarantine feature has been in use, with PyPI Admins marking ~140 reported projects as Quarantined.

    • Of these, only a single project has exited Quarantine; others have been removed.




Michael #3: RESPX




  • Mock HTTPX with awesome request patterns and response side effects

  • A simple, yet powerful, utility for mocking out the HTTPX, and HTTP Core, libraries.

  • Start by patching HTTPX, using respx.mock, then add request routes to mock responses.

  • For a neater pytest experience, RESPX includes a respx_mock fixture



Brian #4: Unpacking kwargs with custom objects




  • Rodrigo

  • A class needs to have

    • a keys() method that returns an iterable.

    • a __getitem__() method for lookup


  • Then double splat ** works on objects of that type.



Extras



Brian:




  • A surprising thing about PyPI's BigQuery data - Hugovk

    • Top PyPI Packages (and therefore also Top pytest Plugins) uses a BigQuery dataset

    • Has grabbed 30-day data of 4,000, then 5,000, then 8,000 packages.

    • Turns out 531,022 packages (amount returned when limit set to a million) is the same cost.

    • So…. hoping future updates to these “Top …” pages will have way more data.


  • Also, was planning on recording a Test & Code episode on pytest-cov today, but haven’t yet. Hopefully at least a couple of new episodes this week.

  • Finally updated pythontest.com with BlueSky links on home page and contact page.



Michael:




  • Follow up from Owen (uv-secure):

    • Thanks for the multiple shout outs! uv-secure just uses the PyPI JSON API at present to query package vulnerabilities (same as default source for pip audit). I do smash it asynchronously for all dependencies at once... but it still takes a few seconds.
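
The query pattern described in that follow-up, as an added example (not uv-secure's code): every pinned dependency is looked up concurrently and only non-withdrawn advisories are reported. It assumes the per-release PyPI JSON response carries a `vulnerabilities` list with `id`, `aliases`, `fixed_in` and `withdrawn` fields; `fake_fetch`, the package names and the advisory ids are constructed so the block runs offline.

```python
import asyncio

# Constructed responses, shaped like GET https://pypi.org/pypi/<name>/<version>/json.
# Only the "vulnerabilities" key is modelled; names and advisory ids are made up.
SAMPLE_RESPONSES = {
    ("examplepkg", "1.0.0"): {"vulnerabilities": [
        {"id": "EXAMPLE-0001", "aliases": ["EXAMPLE-ALIAS-1"],
         "fixed_in": ["1.0.1"], "withdrawn": None},
        {"id": "EXAMPLE-0002", "aliases": [],
         "fixed_in": [], "withdrawn": "2024-01-01T00:00:00Z"},
    ]},
    ("cleanpkg", "2.3.4"): {"vulnerabilities": []},
}

async def fake_fetch(name, version):
    """Hypothetical stand-in for the HTTP GET: parsed JSON, or None on a 404."""
    await asyncio.sleep(0)  # yield to the event loop like real network I/O would
    return SAMPLE_RESPONSES.get((name, version))

async def audit(pins, fetch=fake_fetch):
    """Query all pinned dependencies concurrently; map 'name==version' to findings."""
    items = list(pins.items())
    responses = await asyncio.gather(*(fetch(n, v) for n, v in items))
    report = {}
    for (name, version), data in zip(items, responses):
        key = f"{name}=={version}"
        if data is None:
            report[key] = None  # could not be checked: do not report as clean
            continue
        report[key] = [
            {"id": v["id"], "aliases": v.get("aliases", []),
             "fixed_in": v.get("fixed_in", [])}
            for v in data.get("vulnerabilities", [])
            if not v.get("withdrawn")  # withdrawn advisories no longer apply
        ]
    return report

def run_audit(pins):
    """Synchronous entry point for scripts and tests."""
    return asyncio.run(audit(pins))

if __name__ == "__main__":
    pins = {"examplepkg": "1.0.0", "cleanpkg": "2.3.4", "missingpkg": "0.1.0"}
    for dep, findings in run_audit(pins).items():
        print(dep, "UNCHECKED" if findings is None else findings or "ok")
```

A release the index does not know is reported as unchecked rather than clean, so a typo in a pin or a quarantined or removed project is not mistaken for a passing result.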




Joke: Bugs hide from the light!


Michael Kennedy and Brian Okken