Exploring DuckDB & Comparing Python Expressions vs Statements
The Real Python Podcast
Examining Security Vulnerabilities in Model Context Protocol
This chapter explores the security vulnerabilities linked to the Model Context Protocol (MCP), including risks like command injection and tool poisoning as highlighted in a Medium article. It emphasizes the need for developers and users to adopt recommended security measures to safeguard MCP implementations.
Are you looking for a fast database that can handle large datasets in Python? What’s the difference between a Python expression and a statement? Christopher Trudeau is back on the show this week, bringing another batch of PyCoder’s Weekly articles and projects.
We cover a Real Python article that explores DuckDB and discuss creating a database by reading data from multiple file formats. When building queries, DuckDB uses standard SQL syntax, or for an object-oriented approach, you can chain methods together using the Python API. We also explore the advantages of lazy evaluation using DuckDB relations.
Christopher digs into another Real Python tutorial that covers the differences between expressions and statements in Python. The piece goes beyond definitions to answer questions about where and when to use them in your code.
We also share several other articles and projects from the Python community, including a news roundup, an investigation into the lack of security in MCP, a discussion on the differences between staff engineer and engineering manager roles, guidance on creating and modifying Word documents with Python, and a project to go beyond print for debugging your code.
Check out realpython.com/workshops to join the upcoming cohort of the Intermediate Python Deep Dive course.
Course Spotlight: Creating a Python Dice Roll Application
In this step-by-step video course, you’ll build a dice-rolling simulator app with a minimal text-based user interface using Python. The app will simulate the rolling of up to six dice. Each individual die will have six sides.
Topics:
- 00:00:00 – Introduction
- 00:02:24 – Python 3.14.0a7, 3.13.3, 3.12.10, 3.11.12, 3.10.17 and 3.9.22 are now available
- 00:02:47 – PEP 768: Safe External Debugger Interface for CPython (Accepted)
- 00:03:16 – PEP 781: Make TYPE_CHECKING a Built-in Constant
- 00:03:43 – PEP 750: Template Strings (Accepted)
- 00:04:15 – PEP 751: A file format to record Python dependencies for installation reproducibility (Accepted)
- 00:05:20 – EuroPython July 14th-20th Prague, Tickets Available
- 00:05:42 – Django 5.2 Released
- 00:05:59 – Django security releases issued: 5.1.8 and 5.0.14
- 00:06:19 – Introducing DuckDB
- 00:12:19 – Expression vs Statement in Python: What’s the Difference?
- 00:17:11 – Video Course Spotlight
- 00:18:33 – The “S” in MCP Stands for Security
- 00:28:08 – Real Python Workshops
- 00:30:26 – Staff Engineer vs Engineering Manager
- 00:44:48 – python-docx: Create and modify Word documents with Python
- 00:47:28 – peek: like print, but easy
- 00:50:32 – Thanks and goodbye
News:
- Python 3.14.0a7, 3.13.3, 3.12.10, 3.11.12, 3.10.17 and 3.9.22 are now available
- PEP 768: Safe External Debugger Interface for CPython (Accepted)
- PEP 781: Make TYPE_CHECKING a Built-in Constant – This PEP proposes adding a new built-in variable, TYPE_CHECKING, which is True when the code is being analyzed by a static type checker, and False during normal runtime.
- PEP 750: Template Strings (Accepted) – This PEP introduces template strings for custom string processing.
- PEP 751: A file format to record Python dependencies for installation reproducibility (Accepted)
- EuroPython July 14th-20th Prague, Tickets Available
- Django 5.2 Released
- Django security releases issued: 5.1.8 and 5.0.14
Topics:
- Introducing DuckDB – In this showcase tutorial, you’ll be introduced to a library that allows you to use a database in your code. DuckDB provides an efficient relational database that supports many features you may already be familiar with from more traditional relational database systems.
- Expression vs Statement in Python: What’s the Difference? – In this tutorial, you’ll explore the differences between an expression and a statement in Python. You’ll learn how expressions evaluate to values, while statements can cause side effects. You’ll also explore the gray areas between them, which will enhance your Python programming skills.
- The “S” in MCP Stands for Security - Elena Cross – Model Context Protocol is a new standard behind how Large Language Models integrate with tools and data. Unfortunately, MCP is not secure by default.
- Staff Engineer vs Engineering Manager - Alex Ewerlöf Notes – When do you need a Staff Engineers? What’s the difference between Staff Engineer and Engineering Manager? This article covers these questions and more.
Projects:
Additional Links:
- Intermediate Python Deep Dive Course – Real Python
- Episode #227: New PEPs: Template Strings & External Wheel Hosting
- DuckDB – An in-process SQL OLAP database management system
- Online analytical processing - Wikipedia
- Model Context Protocol has prompt injection security problems
- Model Context Protocol - Documentation
- modelcontextprotocol/python-sdk: The official Python SDK for Model Context Protocol servers and clients
- “Biggest commitment to a 3 second joke I’ve ever seen” — Bluesky
Level up your Python skills with our expert-led courses:
The AI-powered Podcast Player
