A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Real Python에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Real Python 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
The Real Python Podcast와 비슷한 콘텐츠
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
It takes more than great code to be a great engineer. Soft Skills Engineering is a weekly advice podcast for software developers about the non-technical stuff that goes into being a great software developer.
…
continue reading
1
The Ticket: Discover the Future of Customer Service, Support, and Experience, with Intercom
Intercom
1k
474
On The Ticket, you'll hear Intercom's Customer Support team in conversation with the customer service leaders, renowned customer experience thinkers, and influential authors who are shaping the field of customer support. Follow The Ticket to get the weekly episodes and sign up for our twice-monthly newsletter bursting with all the insights, trends, tips, and assets your team needs to embrace the future of customer service. https://www.intercom.com/blog/newsletter 🏠 www.intercom.com
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: [email protected]
…
continue reading
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
))
Welcoming PyPI's Safety & Security Engineer Mike Fiedler
Manage episode 381080928 series 2637014
Real Python에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Real Python 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
You may remember a recent Python Package Index (PyPI) announcement about hiring a full-time security engineer. We’ve also mentioned several current security initiatives from PyPI. This week on the show, we talk with Mike Fiedler about accepting this new role and securing accounts on PyPI.
Mike talks about how he started as a contributor to PyPI and eventually became a maintainer. We dig into why he fits this new role well and what his responsibilities are.
We discuss the initiative to secure accounts using two-factor authentication (2FA) methods. Mike also explains how package maintainers can adopt a new, more secure publishing method called trusted publishing that doesn’t require long-lived passwords.
We also discuss Mike’s recent talk called “How to Give Back to Open Source Without Losing Your Mind.” Mike shares advice and resources for finding your own contribution entry points.
Course Spotlight: Publishing Python Packages to PyPI
In this video course, you’ll learn how to create a Python package for your project and how to publish it to PyPI, the Python Package Index. Quickly get up to speed on everything from naming your package to configuring it using setup.cfg.
Topics:
- 00:00:00 – Introduction
- 00:02:11 – PyPI Safety and Security Engineer
- 00:05:21 – Why did you initially become a PyPI contributor?
- 00:11:26 – What are you most excited about in your new role?
- 00:12:02 – Current security concerns
- 00:15:07 – Focus on malicious package reporting
- 00:16:30 – 2FA enforcement and building trust
- 00:26:51 – Managing credentials and password managers
- 00:29:24 – Forms of 2FA
- 00:31:48 – Trusted publishers
- 00:38:08 – Video Course Spotlight
- 00:39:28 – Updating an older project
- 00:41:44 – Evolution of security
- 00:43:06 – Typosquatting and evolving security
- 00:49:13 – How To Give Back to Open Source Without Losing Your Mind
- 00:52:48 – What are you excited about in the world of Python?
- 00:54:45 – What do you want to learn next?
- 00:57:06 – How can people follow your work online?
- 00:57:37 – Thanks and goodbye
Show Links:
- PyPI hires a Safety & Security Engineer - The Python Package Index
- Inbound Malware Volume Report - The Python Package Index
- 2FA Enforcement for New User Registrations - The Python Package Index
- PyPI 2FA Security Key Giveaway - PyPI
- Software Bill Of Materials - National Telecommunications and Information Administration
- Introducing ‘Trusted Publishers’ - The Python Package Index
- Trusted Publishers - Getting Started - PyPI Docs
- How To Give Back to Open Source Without Losing Your Mind – vBrownBag
- Good First Issues - OpenSauced
- Good First Issues
- Participation - Hacktoberfest 2023
- Python Release Python 3.12.0 - Python.org
- htmx - high power tools for html
- The web framework for perfectionists with deadlines - Django
- The Python Package Index - Blog
- Mike Fiedler, Code Gardener (@[email protected]) - Fosstodon
- Mike Fiedler, Code Gardener (@mikefiedler) / X
- Mike Fiedler’s personal website
Level up your Python skills with our expert-led courses:
266 에피소드
공유
Manage episode 381080928 series 2637014
Real Python에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Real Python 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
You may remember a recent Python Package Index (PyPI) announcement about hiring a full-time security engineer. We’ve also mentioned several current security initiatives from PyPI. This week on the show, we talk with Mike Fiedler about accepting this new role and securing accounts on PyPI.
Mike talks about how he started as a contributor to PyPI and eventually became a maintainer. We dig into why he fits this new role well and what his responsibilities are.
We discuss the initiative to secure accounts using two-factor authentication (2FA) methods. Mike also explains how package maintainers can adopt a new, more secure publishing method called trusted publishing that doesn’t require long-lived passwords.
We also discuss Mike’s recent talk called “How to Give Back to Open Source Without Losing Your Mind.” Mike shares advice and resources for finding your own contribution entry points.
Course Spotlight: Publishing Python Packages to PyPI
In this video course, you’ll learn how to create a Python package for your project and how to publish it to PyPI, the Python Package Index. Quickly get up to speed on everything from naming your package to configuring it using setup.cfg.
Topics:
- 00:00:00 – Introduction
- 00:02:11 – PyPI Safety and Security Engineer
- 00:05:21 – Why did you initially become a PyPI contributor?
- 00:11:26 – What are you most excited about in your new role?
- 00:12:02 – Current security concerns
- 00:15:07 – Focus on malicious package reporting
- 00:16:30 – 2FA enforcement and building trust
- 00:26:51 – Managing credentials and password managers
- 00:29:24 – Forms of 2FA
- 00:31:48 – Trusted publishers
- 00:38:08 – Video Course Spotlight
- 00:39:28 – Updating an older project
- 00:41:44 – Evolution of security
- 00:43:06 – Typosquatting and evolving security
- 00:49:13 – How To Give Back to Open Source Without Losing Your Mind
- 00:52:48 – What are you excited about in the world of Python?
- 00:54:45 – What do you want to learn next?
- 00:57:06 – How can people follow your work online?
- 00:57:37 – Thanks and goodbye
Show Links:
- PyPI hires a Safety & Security Engineer - The Python Package Index
- Inbound Malware Volume Report - The Python Package Index
- 2FA Enforcement for New User Registrations - The Python Package Index
- PyPI 2FA Security Key Giveaway - PyPI
- Software Bill Of Materials - National Telecommunications and Information Administration
- Introducing ‘Trusted Publishers’ - The Python Package Index
- Trusted Publishers - Getting Started - PyPI Docs
- How To Give Back to Open Source Without Losing Your Mind – vBrownBag
- Good First Issues - OpenSauced
- Good First Issues
- Participation - Hacktoberfest 2023
- Python Release Python 3.12.0 - Python.org
- htmx - high power tools for html
- The web framework for perfectionists with deadlines - Django
- The Python Package Index - Blog
- Mike Fiedler, Code Gardener (@[email protected]) - Fosstodon
- Mike Fiedler, Code Gardener (@mikefiedler) / X
- Mike Fiedler’s personal website
Level up your Python skills with our expert-led courses:
266 에피소드
모든 에피소드
×
플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.
The Real Python Podcast와 비슷한 콘텐츠
A podcast for developers interested in building great software products. Every episode, Adam Wathan is joined by a guest to talk about everything from product design and user experience to unit testing and system administration.
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
It takes more than great code to be a great engineer. Soft Skills Engineering is a weekly advice podcast for software developers about the non-technical stuff that goes into being a great software developer.
…
continue reading
1
The Ticket: Discover the Future of Customer Service, Support, and Experience, with Intercom
Intercom
1k474
On The Ticket, you'll hear Intercom's Customer Support team in conversation with the customer service leaders, renowned customer experience thinkers, and influential authors who are shaping the field of customer support. Follow The Ticket to get the weekly episodes and sign up for our twice-monthly newsletter bursting with all the insights, trends, tips, and assets your team needs to embrace the future of customer service. https://www.intercom.com/blog/newsletter 🏠 www.intercom.com
…
continue reading
Stay current on JavaScript, Node, and Front-End development. Learn from experts in programming, careers, and technology every week. Become a supporter of this podcast: https://www.spreaker.com/podcast/javascript-jabber--6102064/support.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: [email protected]
…
continue reading
Thanks for visiting The Cell Phone Junkie! I will be taking the time each week to discuss my favorite topic, cell phones. Any feedback is appreciated and welcome. You can email me at: questions (AT) thecellphonejunkie (DOT) com or call: 206-203-3734 Thanks and welcome!
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
