Pydantic Data Validation & Python Web Security Practices

26 snips

Apr 26, 2024

Christopher Trudeau, PyCoder's Weekly contributor, discusses Pydantic data validation in Python web apps. They cover installation, base models, validation functions, and environment variables. Also, they talk about Python web security best practices, list multiplication quirks, mutability in Python, SQL injection vulnerabilities, effective exception handling, open-source contributions, and Python libraries for sound playback and country info.

Ask episode

AI Snips

Chapters

Transcript

Episode notes

ADVICE

Input Validation and Sanitization

Validate user inputs to ensure data integrity and application security.
Sanitize or coerce data using tools like Pydantic, especially for web applications.

INSIGHT

Python List Multiplication

Multiplying nested lists in Python creates multiple references to the same inner list.
Appending to one referenced list affects all of them due to mutability.

ADVICE

Secure Coding Practices

Secure your web applications by using secure coding libraries and keeping dependencies updated.
Employ tools like Bandit and pip-audit to scan for vulnerabilities and outdated packages.

Get the Snipd Podcast app to discover more snips from this episode

Get the app

How do you verify and validate the data coming into your Python web application? What tools and security best practices should you consider as a developer? Christopher Trudeau is back on the show this week, bringing another batch of PyCoder’s Weekly articles and projects.

We discuss the recent Real Python tutorial “Pydantic: Simplifying Data Validation in Python.” The piece covers installing the library with optional dependencies, working with base models, validating functions, and managing environment variables.

We continue our conversation about web development with another article about Python security best practices. This article covers several Python libraries and crucial steps you can take to help make your web-based applications more secure.

We also share several other articles and projects from the Python community, including a news roundup, why Python lists multiply oddly, inline run dependencies in pipx, a discussion about open-source contribution assignments, playing sounds in Python, and a Python library to access ISO country definitions.

This episode is sponsored by Mailtrap.

Course Spotlight: Using raise for Effective Exceptions

In this video course, you’ll learn how to raise exceptions in Python, which will improve your ability to efficiently handle errors and exceptional situations in your code. This way, you’ll write more reliable, robust, and maintainable code.

Topics:

00:00:00 – Introduction
00:02:40 – Python 3.12.3, Python 3.11.9, and 3.13.0a6 Released
00:03:43 – Django Bugfix Release Issued: 5.0.4
00:04:48 – PEP 738 Accepted: Adding Android as a Supported Platform
00:05:53 – EuroPython Tickets on Sale: Prague/Remote July 8-14
00:06:38 – PyCon Portugal 2024
00:07:17 – Pydantic: Simplifying Data Validation in Python
00:15:24 – Sponsor: Mailtrap
00:15:58 – Why Do Python Lists Multiply Oddly?
00:22:21 – Best Python Security Practices for Web Developers
00:34:13 – Video Course Spotlight
00:35:38 – Inline Run Dependencies in pipx 1.4.2
00:40:16 – So Your Teacher Wants You to Do Open Source
00:54:49 – nava: Play Sounds in Python
00:56:25 – pycountry: A Python library to access ISO country definitions
00:58:18 – Thanks and goodbye

News:

Show Links:

Pydantic: Simplifying Data Validation in Python – Discover the power of Pydantic, Python’s most popular data parsing, validation, and serialization library. In this hands-on tutorial, you’ll learn how to make your code more robust, trustworthy, and easier to debug with Pydantic.
Why Do Python Lists Multiply Oddly? – In Python you can use the multiplication operator on sequences to return a repeated version of the value. When you do this with a list containing an empty list you get what might be unexpected behavior. This article explains what happens and why.
Best Python Security Practices for Web Developers – Coding on the web means you have to be more security conscious as everyone has access to your software. This article discusses key steps you can take to help make your code more secure.
Inline Run Dependencies in pipx 1.4.2 – PEP 723 adds the ability to specify dependencies within a Python script itself. The folks who write pipx have added an experimental feature that takes advantage of this future language change. This article shows you how the new feature looks and what pipx does with it.
Install and Execute Python Applications Using pipx – In this tutorial, you’ll learn about a tool called pipx, which lets you conveniently install and run Python packages as standalone command-line applications in isolated environments. In a way, pipx turns the Python Package Index (PyPI) into an app marketplace for Python programmers.

Discussion:

So Your Teacher Wants You to Do Open Source – Sometimes teachers or mentors ask students to contribute to an open source project, without the context of what that entails. This opinion piece covers just how much noise that causes for the projects and why you shouldn’t do it unless you truly mean to contribute.
503 Days Working Full-Time on FOSS: Lessons Learned – For a year and a half, Rodrigo worked at Textualize the company behind the popular open source Python projects Rich and Textual. This blog post talks about what he learned while he was there.

Projects:

Additional Links:

Level up your Python skills with our expert-led courses:

Support the podcast & join our community of Pythonistas