SystemD Contributor Harassed Over Optional Age Verification Field, Suggests Installer-Level Disabling
It’s FOSS interviewed a software engineer whose long-running open source contributions include Python code for the Arch Linux installer and maintaining packages for NixOS. But “a recent change he made to systemd has pushed him into the spotlight” after he’d added the optiona … ⌘ Read more

Popular LiteLLM PyPI Package Backdoored To Steal Credentials, Auth Tokens
joshuark shares a report from BleepingComputer: The TeamPCP hacking group continues its supply-chain rampage, now compromising the massively popular “LiteLLM” Python package on PyPI and claiming to have stolen data from hundreds of thousands of devices during the attack. LiteLLM is an open-source Python library that serves as a gat … ⌘ Read more

LLM-Driven Large Code Rewrites With Relicensing Are The Latest AI Concern
The newest open-source concern around AI that is seeing a lot of interest this weekend is when large language models / AI code generators may rewrite large parts of a codebase and then the “developers” claiming an alternative license incompatible with the original source license. This became a real concern this week with a popular Python project experiencing an AI-driven code rewrite and now published under an alternative license that … ⌘ Read more

AMD GAIA 0.16 Introduces C++17 Agent Framework For Building AI PC Agents In Pure C++
AMD’s GAIA open-source framework for building AI agents that run locally on Ryzen AI hardware via the Radeon iGPUs and/or NPUs is up to version 0.16. With this new GAIA release is support for developing AI agents purely in C++ with no longer needing to depend upon Python… ⌘ Read more

Python ‘Chardet’ Package Replaced With LLM-Generated Clone, Re-Licensed
Ancient Slashdot reader ewhac writes: The maintainers of the Python package `chardet`, which attempts to automatically detect the character encoding of a string, announced the release of version 7 this week, claiming a speedup factor of 43x over version 6. In the release notes, the maintainers claim that version 7 is, “a ground … ⌘ Read more

AMD Engineer Leverages AI To Help Make A Pure-Python AMD GPU User-Space Driver
AMD’s VP of AI Software, Anush Elangovan, has used Claude Code to help craft a pure-Python AMD GPU user-space driver. This Python user-space driver is currently being created to help exercise other ROCm code and for debugging in passing through the ROCm/HIP user-space stack… ⌘ Read more

Is AI Impacting Which Programming Language Projects Use?
“In August 2025, TypeScript surpassed both Python and JavaScript to become the most-used language on GitHub for the first time ever…” writes GitHub’s senior developer advocate.

They point to this as proof that “AI isn’t just speeding up coding. It’s reshaping which languages, frameworks, and tools developers choose in the first place.”

Eighty percent of … ⌘ Read more

How Python’s Security Response Team Keeps Python Users Safe
This week the Python Software Foundation explained how they keep Python secure. A new blog post recognizes the volunteers and paid Python Software Foundation staff on the Python Security Response Team (PSRT), who “triage and coordinate vulnerability reports and remediations keeping all Python users safe.”

Just last year the PSRT published 16 vulnerabi … ⌘ Read more

Fake Job Recruiters Hid Malware In Developer Coding Challenges
“A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers with cryptocurrency-related tasks,” reports the Register.

Researchers at software supply-chain security company ReversingLabs say that the threat actor creates fake companies in the blockchain and crypto-trading sectors and publ … ⌘ Read more

Autonomous AI Agent Apparently Tries to Blackmail Maintainer Who Rejected Its Code
“I’ve had an extremely weird few days…” writes commercial space entrepreneur/engineer Scott Shambaugh on LinkedIn. (He’s the volunteer maintainer for the Python visualization library Matplotlib, which he describes as “some of the most widely used software in the world” with 130 million downloads each month.) … ⌘ Read more

OpenIndiana Is Porting Solaris’ IPS Package Management To Rust
OpenIndiana as the open-source project built atop Illumos that is continuing to maintain and advance the former OpenSolaris code is working on a big ambitions of modernizing the Image Packaging System (IPS) package management solution. As part of that they are working to move from a C and Python codebase over to Rust… ⌘ Read more

Just importing data classes takes another 60 ms … This fancy new stuff is really costly.

Omg, Python. Parsing arguments with argparse takes 50 ms on my NUC, because this pulls in all kinds of fancy stuff behind the scenes, colorization and what not. 😮‍💨

AMD Making It Easier To Install vLLM For ROCm
Deploying vLLM for LLM inference and serving on NVIDIA hardware can be as easy as pip3 install vllm. Beautifully simple just as many of the AI/LLM Python libraries can deploy straight-away and typically “just work” on NVIDIA. Running vLLM atop AMD Radeon/Instinct hardware though has traditionally meant either compiling vLLM from source yourself or AMD’s recommended approach of using Docker containers that contain pre-built versions of vLLM. Finally there is now a blessed P … ⌘ Read more

Spent basically the entire day (except for the mandatory walk) fighting with Python’s type hints. But, the result is that my widget toolkit now passes mypy --strict.

I really, really don’t want to write larger pieces of software without static typing anymore. With dynamic typing, you must test every code path in your program to catch even the most basic errors. pylint helps a bit (doesn’t need type hints), but that’s really not enough.

Also, somewhere along the way, I picked up a very bad (Python) programming style. (Actually, I know exactly where I picked that up, but I don’t want to point the finger now.) This style makes heavy use of dicts and tuples instead of proper classes. That works for small scripts, but it very quickly turns into an absolute mess once the program grows. Prime example: jenny. 😩

I have a love-hate relationship with Python’s type hints, because they are meaningless at runtime, so they can be utterly misleading. I’m beginning to like them as an additional safety-net, though.

(But really, if correctness is the goal, you either need to invest a ton of time to get 100% test coverage – or don’t use Python.)

Yikes. https://adamj.eu/tech/2021/05/13/python-type-hints-how-to-fix-circular-imports/

Anthropic Invests $1.5 Million in the Python Software Foundation and Open Source Security
Python Software Foundation: We are thrilled to announce that Anthropic has entered into a two-year partnership with the Python Software Foundation (PSF) to contribute a landmark total of $1.5 million to support the foundation’s work, with an emphasis on Python ecosystem security. This investme … ⌘ Read more

@lyse@lyse.isobeef.org

Pep8 is deprecated, I think

Hmm, I don’t think it is, this still says “Status: Active”: https://peps.python.org/pep-0008/ 🤔

@movq@www.uninformativ.de @prologic@twtxt.net That’s what I like about Go, too. However, every now and then I really dislike the result, e.g. when removing spaces from a column layout. Doesn’t happen often, but when it does, I hate it.

I think I should have a look at Python formatters, too. Pep8 is deprecated, I think, it’s been some time that I looked at it.

Intel Releases Open3D 0.19 With Experimental Cross-Platform GPU Support Using SYCL
Not to be confused with the Open 3D game engine, Intel’s Intelligent Systems Lab Organization released Open3D 0.19 as the latest iteration of this open-source library for 3D data processing in Python and C++… ⌘ Read more

Since I used so much Rust during the holidays, I got totally used to rustfmt. I now use similar tools for Python (black and isort).

What have I been doing all these years?! I never want to format code manually again. 🤣😅

And now the event loop is not a simple loop around curses’ getch() anymore but it can wait for events on any file descriptor. Here’s a simple test program that waits for connections on a TCP socket, accepts it, reads a line, sends back a line:

https://movq.de/v/93fa46a030/vid-1767547942.mp4

And the scrollbar indicators are working now.

I’ll probably implement timer callbacks using timerfd (even though that’s Linux-only). 🤔

@movq@www.uninformativ.de Yeah, I see. Just crudely checked on my computer, with around 0.013 seconds, Python 2.7 seems a tad faster than Python 3.14’s 0.023 seconds in this little program.

The lazy imports sound not too bad, but I just skimmed over them. There are surprisingly many exceptions, but yeah, no way around them. :-)

The baseline here is about 55 ms for nothing, btw. Python ain’t fast to start up.

$ time python -c 'exit(0)'

real    0m0.055s
user    0m0.046s
sys     0m0.007s

@lyse@lyse.isobeef.org

I assume you made the thing load quickly, didn’t you?

That’s the problem with Python. If you have a couple of files to import, it will take time.

I want this to be reasonably fast on my old Intel NUC from 2016 (Celeron N3050 @ 1.60GHz) and I already notice that the program startup takes about 95 ms (or 125 ms when there are no .pyc files yet). That’s still fine, but it shows that I’ll have to be careful and keep this thing very small …

Python 3.14 will bring lazy imports, maybe that can help in some cases.

@prologic@twtxt.net No, that’s Python/curses on Linux. 😅

Well, you girls and guys are making cool things, and I have some progress to show as well. 😅

https://movq.de/v/c0408a80b1/movwin.mp4

Scrolling widgets appears to work now. This is (mostly) Unicode-aware: Note how emojis like “😅” are double-width “characters” and the widget system knows this. It doesn’t try to place a “😅” in a location where there’s only one cell available.

Same goes for that weird “ä” thingie, which is actually “a” followed by U+0308 (a combining diacritic). Python itself thinks of this as two “characters”, but they only occupy one cell on the screen. (Assuming your terminal supports this …)

This library does the heavy Unicode lifting: https://github.com/jquast/wcwidth (Take a look at its implementation to learn how horrible Unicode and human languages are.)

The program itself looks like this, it’s a proper widget hierarchy:

(There is no input handling yet, hence some things are hardwired for the moment.)

@movq@www.uninformativ.de Yeah. I had that in my Python implementation and was really missing that.

@lyse@lyse.isobeef.org I’m toying with the idea of making a widget/window system on top of Python’s ncurses. I’ve never really been happy with the existing ones (like urwid, textual, pytermgui, …). I mean, they’re not horrible, it’s mostly the performance that’s bugging me – I don’t want to wait an entire second for a terminal program to start up.

Not sure if I’ll actually see it through, though. Unicode makes this kind of thing extremely hard. 🫤

What Might Adding Emojis and Pictures To Text Programming Languages Look Like?
theodp writes: We all mix pictures, emojis, and text freely in our communications. So why not in our code? That’s the premise of “Fun With Python and Emoji: What Might Adding Pictures to Text Programming Languages Look Like?” (two-image Bluesky explainer; full slides), which takes a look at what mixing emoji with … ⌘ Read more

I was spared the use of chatmail relay Python thing for Delta Chat, and rightfully enough, my mail server is confused

Gemini AI Yielding Sloppy Code For Ubuntu Development With New Helper Script
A few weeks ago it was mentioned by a Canonical engineer how trying to use AI to modernize the Ubuntu Error Tracker yielded some code that was “plain wrong” and other issues raised by that Microsoft GitHub Copilot code. The same Ubuntu developer shifted to trying Gemini AI to generate a helper script to assist in Ubuntu’s monthly ISO snapshot releases. Google’s Gemini AI also generated some sloppy code for a Python script to assist in tho … ⌘ Read more

@kiwu@twtxt.net Assembly is usually the most low-level programming language that you can get. Typical programming languages like Python or Go are a thick layer of abstraction over what the CPU actually does, but with Assembler you get to see it all and you get full control. (With lots of caveats and footnotes. 😅)

I’m interested in the boot process, i.e. what exactly happens when you turn on your computer. In that area, using Assembler is a must, because you really need that fine-grained control here.

MI6 Chief: We’ll Be as Fluent in Python As We Are in Russian
The new chief of Britain’s Secret Intelligence Service told officers this week that they must become as fluent in programming languages like Python as they are in foreign languages like Russian as the spy agency adapts to what she described as a space between peace and war. Blaise Metreweli, MI6’s first female chief and previously the service’s direc … ⌘ Read more

I finished all 12 days of Advent of Code 2025! #AdventOfCode https://adventofcode.com — did it in my own language, mu (Go/Python-ish, dynamic, int/bool/string, no floats/bitwise). Found a VM bug, fixed it, and the self-hosted mu compiler/VM (written in mu, host in Go) carried me through. 🥳

I just completed “Printing Department” - Day 4 - Advent of Code 2025 #AdventOfCode https://adventofcode.com/2025/day/4 – Again, I’m doing this in mu, a Go(ish) / Python(ish) dynamic langugage that I had to design and build first which has very few builtins and only a handful of types (ints, no flots). 🤣

I just completed “Lobby” - Day 3 - Advent of Code 2025 #AdventOfCode https://adventofcode.com/2025/day/3 – Again, I’m doing this in mu, a Go(ish) / Python(ish) dynamic langugage that I had to design and build first which has very few builtins and only a handful of types (ints, no flots). 🤣

Ahh that’s because I forgot to call main() at the end of the source file. mu is a bit of a dynamic programming language, mix of Go(ish) and Python(ish).

$ ./bin/mu examples/aoc2025/day1.mu 
Execution failed: undefined variable readline

Alright, Advent of Code is over:

https://www.uninformativ.de/blog/postings/2025-12-12/0/POSTING-en.html

It’s been quite the time sink, especially with the DOS games on top, but it was fun. 🥳

In case you’re wondering: All puzzles (except for part 2 of day 10) were doable in Python 1 on SuSE Linux 6.4 and ran in a finite time on the Pentium 133. Puzzle 10/2 might have been doable as well if I had better education. 🤣

FWIW, day 03 and day 04 where solved on SuSE Linux 6.4:

Performance really is an issue. Anything is fast on a modern machine with modern Python. But that old stuff, oof, it takes a while … 😅

Should have used C or Java. 🤪 Well, maybe I do have to fall back on that for later puzzles. We’ll see.

Day 2 was pretty tough on my old hardware. Part 1 originally took 16 minutes, then I got it down to 9 seconds – only to realize later that my solution abused some properties of my particular input. A correct solution will probably take about 30 seconds. 🫤

Part 2 took 29 minutes this morning. I wrote an optimized version but haven’t tested it yet. I hope it’ll be under a minute.

Python 1 feels really slow, even compared to Java 1. And these first puzzles weren’t even computationally intensive. We’ll see how far I’ll make it …

Thinking about doing Advent of Code in my own tiny language mu this year.

mu is:

• Dynamically typed
  
• Lexically scoped with closures
  
• Has a Go-like curly-brace syntax
  
• Built around lists, maps, and first-class functions
  

Key syntax:

• Functions use fn and braces:
  

fn add(a, b) {
    return a + b
}

• Variables use := for declaration and = for assignment:
  

x := 10
x = x + 1

• Control flow includes if / else and while:
  

if x > 5 {
    println("big")
} else {
    println("small")
}

while x < 10 {
    x = x + 1
}

• Lists and maps:
  

nums := [1, 2, 3]
nums[1] = 42

ages := {"alice": 30, "bob": 25}
ages["bob"] = ages["bob"] + 1

Supported types:

• int
  
• bool
  
• string
  
• list
  
• map
  
• fn
  
• nil
  

mu feels like a tiny little Go-ish, Python-ish language — curious to see how far I can get with it for Advent of Code this year. 🎄

Advent of Code 2025 starts tomorrow. 🥳🎄

This year, I’m going to use Python 1 on SuSE Linux 6.4, writing the code on my trusty old Pentium 133 with its 64 MB of RAM. No idea if that old version of Python will be fast enough for later puzzles. We’ll see.

Solus Linux 4.8 Released With Python 2 Finally Removed, Abandons Solus Software Center
In addition to the releases today of updated Endeavour OS and CachyOS, Solus 4.8 is out as the latest version of another desktop Linux distribution popular with enthusiasts… ⌘ Read more

All my newly added test cases failed, that movq thankfully provided in https://git.mills.io/yarnsocial/twtxt.dev/pulls/28#issuecomment-20801 for the draft of the twt hash v2 extension. The first error was easy to see in the diff. The hashes were way too long. You’ve already guessed it, I had cut the hash from the twelfth character towards the end instead of taking the first twelve characters: hash[12:] instead of hash[:12].

After fixing this rookie mistake, the tests still all failed. Hmmm. Did I still cut the wrong twelve characters? :-? I even checked the Go reference implementation in the document itself. But it read basically the same as mine. Strange, what the heck is going on here?

Turns out that my vim replacements to transform the Python code into Go code butchered all the URLs. ;-) The order of operations matters. I first replaced the equals with colons for the subtest struct fields and then wanted to transform the RFC 3339 timestamp strings to time.Date(…) calls. So, I replaced the colons in the time with commas and spaces. Hence, my URLs then also all read https, //example.com/twtxt.txt.

But that was it. All test green. \o/

Python Developers Looking At Introducing The Rust Programming Language In CPython
A proposal has been raised by two CPython core developers to introduce the Rust programming language to CPython. Initially the focus is on allowing Rust to be used for developing optional extension modules for CPython but ultimately their goal is for Rust to become a hard dependency of CPython and used throughout its codebase… ⌘ Read more

@movq@www.uninformativ.de I think I now remember having similar problems back then. I’m pretty sure I typically consulted the Qt C++ documentation and only very rarely looked at the Python one. It was easy enough to translate the C++ code to Python.

Yeah, the GIL can be problematic at times. I’m glad it wasn’t an issue for my application.

FTR, I see one (two) issues with PyQt6, sadly:

1. The PyQt6 docs appear to be mostly auto-generated from the C++ docs. And they contain many errors or broken examples (due to the auto-conversion). I found this relatively unpleasent to work with.
   
2. (Until Python finally gets rid of the Global Interpreter Lock properly, it’s not really suited for GUI programs anyway – in my opinion. You can’t offload anything to a second thread, because the whole program is still single-threaded. This would have made my fractal rendering program impossible, for example.)

Could C# Overtake Java in TIOBE’s Programming Language Popularity Rankings?
It’s been trying to measure the popularity of programming languages since 2000 using metrics like the number of engineers, courses, and third-party vendors. And “The November 2025 TIOBE Index brings another twist below Python’s familiar lead,” writes TechRepublic. “C solidifies its position as runner-up, C++ and Java lose … ⌘ Read more

A Python function I use to build project files from my Ultisnips snippets ⌘ Read more