Frappe makes defining DocTypes easier without the need for code to be used everywhere, since everything in Frappe is a DocType. The framework also includes a single-page application with forms, lists, and search navigation built in.

Additionally, users have the ability to define customer roles and permissions that are applied out of the box on every interaction, and they can create their own applications that can be extended by other apps with Frappe’s modular architecture. 

The framework allows for integrations and comes with REST API and Webhooks on all models based on authentication. It also allows users to configure background workers as well as run periodic tasks that are powered by Python RQ.

Soket.io support based on NodeJS is also included, along with the ability to send, receive, view, and manage emails using SMTP and IMAP based email accounts.

Lastly, Frappe enables customers to host several sites on one server, with its database driven multi-tenant architecture. 

The post SD Times Open-Source Project of the Week: Frappe appeared first on SD Times.

This is one of the main reasons why Capital One uses Python to power a large number of serverless applications, giving developers a better experience as they deliver business value to customers.

Python has a rich toolset with codified best practices that perform well in AWS Lambda. Capital One has been able to take modules, whether they were developed internally or from the Python community, and put them together to build what is necessary inside of a fully managed compute instance.  

“We have vibrant Python and serverless communities within Capital One which has helped us advance this work,” said Brian McNamara, Distinguished Engineer.

Why Python for Serverless

Python and serverless practices are closely aligned in the development lifecycle which allows for quick feedback loops and the ability to scale horizontally. Using Python for serverless also allows for:

• Faster time to market: Developers use Python to quickly go from ideation to production code. Serverless applications developed with Python allow developers to have their code deployed on a resilient, performant, scalable, and secure platform.

• Focus on business value: Lower total cost of ownership so developers can focus on features instead of maintaining servers and containers; addressing operating-level system concerns; and managing resilience, autoscaling and utilization.

• Extremely fast scale: Serverless is event-driven which helps with fast scaling, so it’s important to think of API calls, data in a stream, or a new file to process as events. For example, with built-in retry logic from cloud services, a Python serverless function can process the non-critical path from durable cues so the customer experience is not impacted.

• Reusable resources: The Python ecosystem provides great resources and the AWS Lambda Powertools Python package is based on a number of open source capabilities. AWS Serverless Application Model also allows for a local testing experience that generates event examples.

• Flexible coding style: Python provides a flexible coding style allowing developers to blend functional programming, data classes and Object Oriented Programming to process the event.

 Observability Benefits

Additionally, Furman and McNamara emphasized that using Python to power serverless applications has provided Capital One with countless observability benefits so that developers know what is happening inside an application.

“Observability in serverless can be often perceived as more challenging, but it can also be more structured with libraries that codify logs, telemetry data and metric data. This makes it easy to codify best practices,” said Dan Furman, Distinguished Engineer.

Furman and McNamara also pointed out the importance of leveraging the vastness of both the serverless and Python ecosystems. Looking at the knowledge that has been acquired by other members of these communities allows for organizations to gain the benefit of their experiences. 

McNamara and Furman will be giving a presentation on using Python to power serverless applications at PyCon US 2023, taking place at the Salt Palace Convention Center in Salt Lake City Utah from April 19-27. For more information about PyCon US 2023, visit the website.

The post How Capital One Uses Python to Power Serverless Applications appeared first on SD Times.

PyTorch is a Linux Foundation machine learning framework that was originally developed by Meta. 

This release includes a high-performance implementation of the Transformer API. It supports more use cases now, such as models using Cross-Attention, Transformer Decoders, and for training models. The goal of releasing this new API is to make training and deployment of Transformer models more cost effective and affordable, the team explained. 

PyTorch 2.0 also introduces torch.compile as the main API for wrapping models and returning a compiled model. This is a completely additive feature, helping to maintain backwards compatibility.  

Torch.compile is built on four other new technologies: 

1. TorchDynamo, which uses Python Frame Evaluation Hooks to safely capture PyTorch programs
2. AOTAutogram, which can be used to generate ahead-of-time backward traces
3. PrimTorch, which condenses over 2,000 PyTorch operators down into a set of 250 that can be targeted to build a complete PyTorch backend, significantly reducing the barrier to entry
4. TorchInductor, which is a deep learning compiler that makes use of OpenAI Triton.

“We have achieved major speedups for training transformer models and in particular large language models with Accelerated PyTorch 2 Transformers using a combination of custom kernels and torch.compile(),” the PyTorch team wrote in a blog post. 

This release also adds support for 60 new operators to the Metal Performance Shaders (MPS) backend, which provides GPU accelerated training on macOS platforms. This brings the total coverage to 300 operators to-date. 

AWS customers will see improved performance on AWS Graviton compared to previous releases. These improvements focus on GEMM kernels, bfloat16 support, primitive caching, and the memory allocator. 

This release also includes several beta updates to PyTorch domain libraries and other libraries like TorchAudio, TorchVision, and TorchText. 

There are also several features in the prototype stage across many features, including TensorParallel, DTensor, 2D parallel, TorchDynamo, AOTAutograd, PrimTorch and TorchInductor.

The post PyTorch 2.0 introduces accelerated Transformer API to democratize ML appeared first on SD Times.

The team created Memray to enable developers to analyze their memory allocations, thus enabling them to reduce memory usage, find leaks, and identify memory hotspots in code. 

The tool was recently open-sourced so that Python developers all over the world could take advantage of it. 

Some key features of Memray include tracing of every function call, handling of native calls in C/C++ library, report generation, and the ability to work with both Python and native threads.

According to Bloomberg, some of the benefits of Memray include speed, gathering of large amounts of data, that it can be activated and deactivated at runtime, and that it shows the merged Python and C/C++ stack for each allocation so that it can be understood how memory is being allocated in native extensions.  

“There are some great open source profilers available to figure out where a Python program is spending its time. However, there haven’t been many great solutions for figuring out where a Python program is spending its memory, especially when that memory is allocated by a native extension module. My hope is that the next time someone wonders why a script is using so much memory, they’re able to figure it out without needing to change anything about their program besides how they run it,” said Pablo Galindo Salgado, member of the Python Infrastructure team at Bloomberg, in an interview posted on Bloomberg’s blog. 

The post SD Times Open-Source Project of the Week: Memray appeared first on SD Times.

Dependabot alerts use GitHub’s precise code navigation engine to determine if a repository directly calls a vulnerable function. 

The new feature marks a shift in how GitHub curates information on vulnerable packages from the Advisory Database to curating information on affected functions for each source library. 

GitHub performs static analysis with functions in order to generate an affected call graph for a repository, which surfaces on a Dependabot alert. 

The implementation is powered by stack graphs, which powers Precise Code Navigation and provides a no-configuration experience that works on any advisories with annotated vulnerable functions, according to GitHub.

GitHub announced that it has details of vulnerable functions for 79 Python advisories from the pip ecosystem and that it will continue backfilling data on vulnerable functions for Python advisories through the beta, as well as supporting any new Python advisories.

“Since our February ship of improvements to Dependabot alerts, Dependabot has helped developers resolve nearly 3 million alerts,” Erin Havens, product manager at GitHub, wrote in a blog post. “Dependabot alerts will now surface whether your code is calling vulnerable code paths, so that you can prioritize and remediate alerts more effectively.”

The post GitHub’s Dependabot alerts now surface if code calls a vulnerability appeared first on SD Times.

With this, Flutter has been tailored specifically for Windows applications, combining a Dart framework and C++ engine. Additionally, the Flutter engine is hosted on an embedded layer that allows for communication between Windows and Flutter. 

Flutter coordinates with Windows to deal with things such as window resizing and DPI changes, as well as working with inputs such as keyboard and mouse, in addition to touch screen capabilities already built in.

For more details, read more.

Python in VS Code February 2022 release 

Microsoft revealed that the Python Extension for Visual Studio Code includes several new features, including: 

• Smart selection
• Folding support
• Improvements to the Python interpreters list
• Improvements when using Anaconda

With Smart selection via Pylance, selecting Python Code using the keyboard requires fewer key presses. This comes as a highly requested update, defining the users’ selection range by considering their own code structure and heuristics. 

Developers are also enabled to expand their code selection with Shift+Alt+Right Arrow and shrink it with Shift+Alt+Left Arrow. See here for more information. 

Apache weekly update

For the week ending on February 4, 2022, 303 Apache Committers altered 9,625,849 lines of code over 3,255 commits. The top five contributors of the week are Jean-Baptiste Onofré, Claus Ibsen, Sebastian Bazley, Guillaume Nodet, and Eric Milles.

There have also been several project updates, including the retirement of Apache Ambari and Apache Usergrid. This decision came from Apache committers and was due to general inactivity. 

In addition, users of Apache Superset up to and including 1.3.2 should upgrade to version 1.4.0 or higher as a password leak has been detected for authenticated users. This leak was found and reported by Cesar Santos. 

The post SD Times news digest: Support for Flutter on Windows now available; Python in VS Code February 2022 release; Apache weekly update appeared first on SD Times.

New features and capabilities include the ability to perform code analysis for Kotlin apps for mobile development, which is an early-stage beta release, and Intelligent SCA for Python and Golang, which is also a beta release, that allows developers to identify attackable open source vulnerabilities in their code.

The release also includes workflow enhancements like improved build rules that allow for  automatic detection and interception of attacker reachable open-source vulnerabilities, interactive remediation that enables developers to specify custom validation for the tool to recognize in scan results, enhanced vulnerability descriptions, branch selection, and richer data flow visualizations. 

“Customers are already using ShiftLeft CORE to make security fixes earlier in the development cycle where they are less painful for devs and result in significantly less security debt for the application. That said, the increased frequency of scans and greater volume of vulnerability information can create information overload,” said Alok Shukla, the VP of products at ShiftLeft. “The ‘Velocity Update’ to ShiftLeft CORE helps them easily browse and triage high volumes of attackable dataflows and intelligently automate build decisions based on attackability exposure in each pull request.”

The post ShiftLeft CORE gets new vulnerability identification features appeared first on SD Times.

This financing round was led by Sixth Street Growth, which will now be joining the SnapLogic board. These funds will go directly towards speeding up international expansion, product innovation, and sales and marketing. 

“We are pleased to lead this funding round and partner with SnapLogic to bring its market vision, unmatched platform, and robust partnerships to more enterprises around the world,” said Michael McGinn, partner and co-head of Sixth Street Growth.

Vulnerability found in log4j 2

This past Thursday, December 9th, a 0-day exploit in the Java logging library, log4j (version 2) was discovered. This vulnerability results in Remote Code Execution by logging a certain string. Considering the ubiquitousness of the library, the impact of this vulnerability is severe.

Several services are vulnerable to this exploit. This includes cloud services such as Stream, Apple iCloud, and apps like Minecraft. Additionally, any Apache Struts user is likely vulnerable to the exploit. 

For more information on this vulnerability and how to mitigate it, visit here. 

December release of Python VS Code now available

Microsoft recently announced that the December 2021 release of the Python Extension for Visual Studio Code is now available. The extension can be downloaded from the Marketplace or users can install it directly from the extension gallery in Visual Studio Code. If the Python extension is already installed, users can get this latest update by restarting Visual Studio Code.

A few highlights of this announcement include 

• Module rename refactoring with change preview, via Pylance
• A rich editing experience when working with virtual or untrusted workspaces
• An update regarding debugging with Python 2.7
• And a Python environment manager extension

For a full list of improvements included in this release, visit here.  

The post SD Times news digest: SnapLogic raises $165 million; Vulnerability found in log4j 2; December release of Python for VS Code appeared first on SD Times.

Swimm ensures that documentation is up to date through the introduction of “live” code snippets that automatically sync with changes made to the code base. In addition, the platform offers users access to documentation such as tutorials, guides, and walkthroughs in a secure Web App. 

In addition, Swimm announced a $27.6 million Series A funding round. This financing round brings Swimm’s total funding to $33.3 million and was led by Insight Partners with participation from Dawn Capital as well as existing seed investors Pitango First and TAU Ventures. 

Python in Visual Studio Code November release 

Microsoft recently announced that the November 2021 release of the Python Extension for Visual Studio Code is now available for download from the Marketplace, or directly from the extension gallery in Visual Studio Code. If the Python extension is already installed, you can gain access to the latest update by restarting Visual Studio Code.

As a part of this release, the Microsoft Python Language Server has reached end of life. Legacy language server users should switch to a supported language server such as Pylance or Jedi. If a user has not already transitioned to one of these alternate language servers, they will be flipped to Pylance, the default language support for Visual Studio Code.

Other changes and enhancements with this release include

• Support environment variable substitution for “python” property in the launch.json file
• Support for unittestsub-tests 
• Fix for running all tests when using ini
• And fix unresponsive extension issues

UiPath platform 2021.10 released 

UiPath today announced the release of their 2021.10 platform, enabling users to further their automation journeys with new capabilities and simpler experiences in discovering, building, managing, and running automations across the enterprise.

With this release, UiPath strengthens its core robotic process automation (RPA) solutions while also introducing enterprise-grade UI-based and API-based automation capabilities,delivering enterprise-grade automation management, reliability, governance, and security. With this, the way developers build automations and users implement them will be accelerated.

In addition, this release offers cloud native architecture through the new UiPath Automation Suite regardless of whether users choose to take delivery of the UiPath platform via on-premises, public cloud, or third-party hosted services. Other new features include Endpoint Protection Integration with CrowdStrike, UiPath Integration Service, and the acceleration of development and use of automation.

The post SD Times news digest: Swimm raises $27.6 million in funding; Python in Visual Studio Code November release; UiPath platform 2021.10 released appeared first on SD Times.

This tool empowers OEMs to inspect the provenance of their code and each software asset that comes into their overall supply chains, addressing the increasing complexity and growing cybersecurity threats among software supply chains. 

BlackBerry Jarvis also addresses the need to identify and address vulnerabilities by making them known and quickly providing actionable insights.

Python in Visual Studio Code October 2021 release

Microsoft recently announced the availability of the October 2021 release of the Python Extension for Visual Studio Code. It can be downloaded from the Marketplace or installed directly from the extension gallery in Visual Studio Code.

This release addresses 88 issues, including debugging support for Jupyter Notebooks, a new Python walkthrough, and improvements to the debugging experience for Python files and projects. 

In addition, there have been other small improvements requested by users, such as python.testing.cwd setting no longer being ignored when discovering or running tests; removing support for rope, ctags, and pylintMinimalCheckers setting; changing the default value of python.linting.pylintEnabled to false; and more.

Google announces Dev Library

Google announced its Dev Library, an open source platform for developers. The Dev Library provides a space where projects related to Google technologies can be highlighted. Dev Library as a platform showcases blog posts and open source tools for product areas such as Machine Learning, Flutter, Firebase, Angular, Cloud, and Android.

While the Dev Library is open source, not every project submitted gets a spot on the site; only the ones determined to be the most accurate and relevant by experts at Google get on the site. This ensures that when users view the content posted on the site, it has the backing of Google experts.

The Dev Library is designed to provide visibility to developers that they may not have had access to before, despite extensive expertise. In addition, it provides a space for developers to network with other contributors.

The post SD Times news digest: BlackBerry, Deloitte collaborate on loT software supply chain security; Python in Visual Studio Code October 2021 release; Google announces Dev Library appeared first on SD Times.