#430 Or you go to jail
Python Bytes
Intro
This chapter covers the release of pip version 25.1, emphasizing new features like dependency groups that help streamline project installs. The hosts also encourage listener engagement through social media and promote a newsletter with additional insights.
- pip 25.1 has dependency groups, pylock.toml, plus more
- aiohttp goes free threaded
- uv 0.6.15 supports pylock.toml
- Whenever
- Extras
- Joke
About the show
Sponsored by Porkbun! Use our link pythonbytes.fm/porkbun and get a .app or .dev domain for $5.99 at Porkbun.
Connect with the hosts
- Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)
- Brian: @brianokken@fosstodon.org / @brianokken.bsky.social
- Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky)
Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 10am PT. Older video versions available there too.
Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.
Brian #1: pip 25.1 has dependency groups, pylock.toml, plus more
- post What's new in pip 25.1 - Dependency groups!
- Richard Si
- Discovered this through Hugo van Kemenade
Dependency groups, PEP 735, supported
# pyproject.toml [dependency-groups] test = ["pytest", "pytest-xdist"] lint = ["mypy", "isort"] # Dependency Groups can include other groups! ✨ dev = [ {include-group = "test"}, {include-group = "lint"} ]Package installation progress bar
- Resumable downloads
- Experimental lockfile generation, PEP 751, with pip lock
- so cool
- pip index versions is stable, no longer experimental
- use this to get a list of available versions
- ex: python3 -m pip index versions pytest-check
- combine with --json to get a nice script readable output
Michael #2: aiohttp goes free threaded
- Thanks to months of consistent contributions by Lysandros Nikolaou, all of the mandatory dependencies of #aiohttp now ship free-threaded variants of #wheels!
- This unlocks the same in aiohttp!
Brian #3: uv 0.6.15 supports pylock.toml
- Discovered through Brett Cannon
- So far, these projects support pylock.toml
- pip
- pip-audit
- pdm
- uv
- With uv
- To export a uv.lock to the pylock.toml format,
- run: uv export -o pylock.toml
- To generate a pylock.toml file from a set of requirements,
- run: uv pip compile -o pylock.toml -r requirements.in
- To install from a pylock.toml file,
- run: uv pip sync pylock.toml or uv pip install -r pylock.toml
- To export a uv.lock to the pylock.toml format,
Michael #4: Whenever
- via Pat Decker
- Typed and DST-safe datetimes for Python, available in Rust or pure Python.
- Whenever helps you write correct and type checked datetime code.
- It's also way faster than other third-party libraries—and usually the standard library as well.
Extras
Brian:
Michael:
- New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents via Brian Skinn
- And typosquatting in the AI age
- Firefox Send alternatives
Joke: Can you Vibe?
The AI-powered Podcast Player
