pyMNtos

  • Home
  • Blog
  • Meetings

July 2011 Meet-up Notes

August 4, 2011

Lightning Talks

Ben - PyTest - simplified unit testing tool for python

  • Reduces boilerplate code
  • Uses standard python assert statement
  • Uses abstract syntax trees to dynamically rewrite your assert to preserve intermediate values
  • Works for common cases; may not work for "super-obscure" stuff
  • http://pytest.org/latest/

John - Getting user selection with JavaScript

  • use window.getSelection or document.selection to get a range object describing what the user has selected.
  • You get a Range object (in non-IE browsers) which presents the user's markup as a valid HTML snippet
  • Handles closing HTML tags when range spans tab boundaries (e.g. selecting across paragraphs or s)
  • Difficulty: Range object strips out context, so its problematic to figure out the original context of the text selection given just the range object.
  • Possible library to handle ranges: Rangy (http://code.google.com/p/rangy/)

Kevin - Q & A session:

  • http://webstatuscodes.appspot.com/ yields a sample response with the supplied status code; useful for testing against realistic error responses
  • Testing timeouts:
    • Sending a request to google.com on port 77 yields a realistic HTTP timeout
  • Advice:
    • Use Request () instead of urllib2 for making web requests
      • Cleaner API
      • Better handling of HTTPS/SSL
    • Use Scrapy (http://scrapy.org/) to scrape web pages
    • Use Path (http://pypi.python.org/pypi/path.py) for path and glob operations

Dan - Tamper resistant backups to S3

  • How do we keep our backups safe if our box gets owned
  • Can't have application push to backup server; allows attacker to connect from application server to backup server and trash the backups along with the application
  • Keeping, configuring and administering a separate backup server is a pain. Solution: push backups to Amazon S3
  • S3 is versioned - don't need to set up backup histories yourself
  • S3 supports ACLs - can grant application server only put and update rights; if an attacker compromises your application server, he or she doesn't automatically gain the privileges to trash your backups as well
  • boto (http://code.google.com/p/boto/) is a Python API for Amazon web services, including S3
  • We can use boto to transfer our backups to S3 via a script that's called from cron

Jobs:

  • Renesys: Network & Web programmers with Python
  • The Nerdery: Contract and full-time positions for Python/Django programmers
  • Clockwork: Software Engineer, Software Engineer (intern) and Software Test Engineer positions
  • Holmes: QA engineers able to read and understand Zope code
  • Logic PD: Embedded Linux engineers

Log in.