List of videos

[EuroPython 2024 — Terrace 2A on 2024-07-11] Caching for Jupyter Notebooks by Lauris Jullien https://ep2024.europython.eu/session/caching-for-jupyter-notebooks Caching data and calculation results in jupyter notebooks is a great way to speed up development by making expensive cells easier to re-run. Data scientists and developers using notebooks on a daily basis, can improve their notebook workflow with low-effort changes in the notebook code, cut the time spent waiting and reduce context switches. This talk targets developers and data scientist of all experience levels and will cover: Why caching in notebooks? Setting up the context in which developers and data scientists use notebooks for exploratory work and how caching is relevant in it. What is caching Quick definition of caching, introducing the different types of persistence (in-memory, on disk, database, object storage …), cache invalidation strategies (parameters, code changes, ttl, …), with some cautionary comments about data security when caching protected data. Caching Techniques Going through readily available options from the python standard library, and how to use them in notebooks. Introducing a few off-the-shelves options like ipython % magics, and cachetools. Showcasing how one would build their own mini-caching framework, that fits for their specific use case, using pandas and spark for the example Explaining when to stop trying to cache, and keeping the caching framework mini, what are the signs that caching went overboard. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2A on 2024-07-11] Creating Your Own Extensions for JupyterLab by Daniel Goldfarb https://ep2024.europython.eu/session/creating-your-own-extensions-for-jupyterlab Have you ever wished for a feature in Jupyter Notebooks or JupyterLab that wasn't already there? Or perhaps you've found yourself doing complex or repetitive tasks and realized that you, and others, could benefit from integrating those tasks into JupyterLab? This is your chance to learn how to add that feature, or integrate that task, yourself. JupyterLab enables you to work with Jupyter notebooks, text editors, terminals, and custom components in a flexible, integrated, and extensible manner. This talk presents a practical tutorial about how to extend JupyterLab. We focus on understanding the underlying extension support infrastructure, as we walk through a step-by-step example of creating an app in JupyterLab. We will learn, among other things, how to launch that app from different places within JupyterLab, how to style our app, and how to pass parameters to our app to modify its behavior. Prerequisites: - Attendees should have some familiarity with Jupyter Notebooks and/or JupyterLab. - Attendees must have solid experience with _any_ typical object-oriented programming language (i.e. a good understanding of classes, objects, and inheritance). --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] When and how to start coding with kids by Anna-Lena Popkes https://ep2024.europython.eu/session/when-and-how-to-start-coding-with-kids Our world is driven by technology and there are many reasons to teach our kids how to code. For example, coding allows them to develop logical reasoning skills and teaches attention to detail. Allowing children to discover how much fun coding can be supports them in their development and opens many doors for their future. But when and how should we start coding with kids? This talk will approach the question from a scientific perspective, looking into how children's brains develop, how children learn and how to best teach them coding abilities. It will answer important questions like "At what age can a child start coding?" or "What are the benefits of learning to code?". It will also present possible starting points, like learning platforms or tutorials. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] Best practices for securely consuming open source in Python by Ciara Carey https://ep2024.europython.eu/session/best-practices-for-securely-consuming-open-source-in-python The Python development landscape thrives on the extensive use of open-source libraries and frameworks. However, the growing prevalence of attacks targeting OSS underscores the need for robust security measures to consume open source. In this talk, we'll examine how the Secure Supply Chain Consumption Framework (S2C2F) can guide organizations in securely consuming Python OSS, utilizing tools such as pip, artifact managment, sboms and Dependabot. The S2C2F Framework was developed by Microsoft and later donated to the Open Source Security Foundation (OpenSSF). It provides a structured approach to enhancing the security of OSS consumption. We'll provide an overview of its core principles and maturity levels and discuss practical strategies for implementing S2C2F principles within Python projects, including dependency management with pip, artifact management, sboms, signatures, deny rules, forking policies and automated security updates with Dependabot. The S2C2F is a pragmatic approach to securing how you consume OSS. It emphasizes the fundamental principles of knowing your OSS, preventing the introduction of vulnerable packages, and maintaining robust patch management. You will come away from this talk with practical tips and best practices on how to securely consume open source in python. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] Counting down for CRA - updates and expectations by Cheuk Ting Ho, Deb Nicholson https://ep2024.europython.eu/session/counting-down-for-cra-updates-and-expectations The EU Commission is likely to vote on the Cyber Resilience Act (CRA) later this year. The CRA is an ambitious step towards protecting consumers from software security issues by creating a new list of responsibilities for software developers and providers. The Act also creates a new category of actor known as an “Open Source Steward” which we think makes important allowances for public open source repositories like CPython and Python Package Index (PyPI.) Once the dust settles, everyone who makes software will need to consider the CRA’s mandates in their security roadmaps. In this talk we will look at the timeline for the new legislation, any critical discussions happening around implementation and most importantly, the new responsibilities outlined by the CRA. We’ll also discuss what the PSF is doing for CPython and for PyPI and what each of us in the Python ecosystem might want to do to get ready for a new era of increased certainty – and liability – around security. ## Target audience Developers and maintainers whose project or product may be affected by the CRA. European legislation won’t just affect the European market, it will affect the software industry and the open source community globally as it is very hard to segregate one project or product from the EU market. So, this is for everyone in the Python community who shares their code with the world. ## Goal To educate the general public about CRA - how it can affect us and how to get ready for it. We also want to provide more information for the Python community about what has been done by the PSF regarding the CRA to reassure them that the Python community is aware and getting prepared for the CRA. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] logger.info(f"Don't Give all your {secrets} away") by Tamar Galer https://ep2024.europython.eu/session/logger-info-f-don-t-give-all-your-secrets-away In my seven years as a software developer, I've primarily worked in teams composed solely of developers. However, my recent transition to a team of security researchers has opened my eyes to a crucial aspect that often goes unnoticed: log safety in applications. My exposure to the application security ecosystem and real-life security breach analysis has opened my eyes to recognize code security issues, including the prevalence of sensitive information, tokens, passwords, and payment details, in plaintext logs. This may lead to severe data breaches, financial losses, and all kinds of catastrophes. This talk will dive into the fatal mistakes developers often make that can result in the disclosure of sensitive information in logs. We'll explore the types of sensitive data in logs. I'll share my personal experiences as a developer on a security research team and shed light on the often-overlooked consequences of insecure logging practices. We'll discuss practical patterns to safeguard sensitive information in Python applications, including identifying and redacting sensitive data before it reaches log files, and implementing secure logging practices. By the end of this talk, developers will be equipped with the knowledge and tools to protect sensitive data from accidental disclosure and safeguard their applications from the perils of sensitive data exposure. Embrace the journey towards log safety and ensure your code remains secure and confidential. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] Multimedia processing with FFMpeg and Python by Michał Rokita https://ep2024.europython.eu/session/multimedia-processing-with-ffmpeg-and-python Multimedia processing can be very complex, especially if you want to handle most of the available codecs and formats. Fortunately, we have FFMpeg - a "complete, cross-platform solution to record, convert and stream audio and video". It is a great tool, but its CLI is quite complex and challenging to master unless you use it on a daily basis. During this talk, I will tell you what FFmpeg is and how to use it in Python without hurting yourself. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] Behind the Scenes of an Ads Prediction System by Bunmi Akinremi https://ep2024.europython.eu/session/behind-the-scenes-of-an-ads-prediction-system In this era of rapid technological advancement and AI, Ad prediction systems stand at the forefront of shaping online advertising, significantly impacting how content reaches its intended audience. In this session, I'll introduce the Ads prediction system from a user and algorithm view. We'll then walk through key concepts like targeting, bidding, ad ranking, click-through rate (CTR), and conversion rate. We'll deeply dive into connecting the dots, designing an ad prediction system, some ethical considerations, models, offline and online metrics, scaling and deployment decisions that enable handling high volumes of data and requests efficiently, and some case studies. At the end of this session, attendees will comprehensively understand the end-to-end process of developing an ads prediction system. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/

[EuroPython 2024 — Terrace 2B on 2024-07-11] Pydantic Logfire — Uncomplicated Observability by Samuel Colvin https://ep2024.europython.eu/session/pydantic-logfire-uncomplicated-observability Pydantic Logfire — Uncomplicated Observability From the team behind Pydantic, Logfire is a new type of observability platform built on the same belief as our open source library — that the most powerful tools can be easy to use. In this talk we'll introduce Logfire, then demonstrate how it can make understanding and fixing your app faster and more enjoyable with a live demo. We'll touch on some of the most useful integrations including: FastAPI, Postgres and OpenAI. --- This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License: https://creativecommons.org/licenses/by-nc-sa/4.0/