Python 3.11 is Out, Public Health News and New Systems and Proof-of-Concept Exploits! - Python Community News 2022-10-28
Python 3.11 has been released
submitted by kjaymiller
Python 3.11 is now available. The release is the first in a series of released designed to make Python up to five times faster.
Notable Features include:
- Exception groups and a new except* syntax
- Support for Parsing TOML in the Standard Library
and - many additions to typing and the type library
The release is available in most downloading channels including: Python.org, the Windows Store, Homebrew, Linux Repositories, and Pyenv.
Microsoft Announces New Dev Kits using ARM64
submitted by kjaymiller
Microsoft's Dev Kit, announced under the code name Volterra is available for order today. This device was designed to create a simplified development process for ARM64 Development and enables developers to build apps using its NPU hardware to accelerate AI/ML workloads, delivering AI-enhanced features & experiences without compromising app performance. Python 3.11 is the first version to have dedicated installations for Windows ARM and maintainers are hoping to see increased adoption among maintainers. The device is available for $599USD on the Microsoft Online Store in Australia, Canada, China, France, Germany, Japan, the United Kingdom and the United States.
Disclaimer: Jay, one of the shows hosts, works for Microsoft
Last call for Hacktoberfest contributions
submitted by jonafato
The last day to create a pull request counting toward Hacktoberfest is October 31st. Pull requests created before the month ends will count toward the promotion and potentially qualify contributors to receive a tree planted in their name or a Hacktoberfest 2022 t-shirt.
PyCon US Announces New Health and Safety Guidelines for PyCon US 2023
submitted by kjaymiller
The PyCon US organizers have released new Health and Safety Guidelines for PyCon US 2023. The Conference requirements will include: - Vaccines against COVID19 - Masks indoors except when eating The conference also promises refunds to people showing COVID-like symptoms up to a week prior to the event. Last years post event survey revealed: 12 people reported directly to to organizers they had tested positive for COVID-19 either during or following the event. 16 responded through the survey they tested positive. It can not be determined if any of the 16 were also part of the 12 that contacted the organizers directly. PyCon US is the Python community's largest conference and will one of the most travelled events around the globe.
DjangoCon US Code of Conduct Transparency Report
submitted by jonafato
DjangoCon US has posted its 2022 Code of Conduct transparency report. This report is published after each DjangoCon US conference, anonymously detailing code of conduct reports made to the code of conduct committee.
Public Health Pledge website launched
submitted by jonafato
The Public Health Pledge website has launched, calling on conference participants to limit their participation to events that follow specific precautions related to public health and the Covid-19 pandemic. The pledge website launches following a series of events changing their Covid-19 policies shortly before they're scheduled to begin. The website states that a guide for event organizers will follow.
Thousands of GitHub repositories deliver fake PoC exploits with malware
submitted by kjaymiller
Researchers at the Leiden Institute of Advanced Computer Science found thousands of repositories on GitHub that offer fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. According to the technical paper from the researchers at Leiden Institute of Advanced Computer Science, the possibility of getting infected with malware instead of obtaining a PoC could be as high as 10.3%, excluding proven fakes and prankware. Soufian believes that all testers should follow these three steps: - Read carefully the code you are about to run on your or your customer's network. - If the code is too obfuscated and needs too much time to analyze manually, sandbox it in an environment (ex: an isolated Virtual Machine) and check your network for any suspicious traffic. - Use open-source intelligence tools like VirusTotal to analyze binaries. The researchers have reported all the malicious repositories they discovered to GitHub, but it will take some time until all of them are reviewed and removed, so many still remain available to the public.