Here is a blog post with links and references to accompany my closing keynote today at #PyConUS , on stories from a few years working on #Python packaging.
@brainwane Honestly you got me in the second content slide, "caring through infrastructure". I knew it'd probably happen at some point but all I could think was "dang, already!" π
@webology I like it, but probably won't be getting one. The most interesting feature IMO is the USB-C video out, wish that Analogue had something similar!
@brainwane Yuuup. There were a few points in there too that I hadn't thought about to conclusion as well, like being able to side-step your application's built-in download process and provide it with the file it intended to download that you've fetched through a more reliable process.
It makes total sense to me now that I've read it, but I've always framed the problem as "applications themselves have to do better", but the ability to use a local file improves so many use-cases.
@ianlewis Thanks for writing this up Ian! I really appreciate you calling out SLSA build level 3 specifically, there's so much confusion about "what is build provenance, what is publish provenance" and in my mind SLSA build 3 = build provenance, SLSA build 2 = publish provenance"
It's tough seeing Paper Mario: The Thousand Year Door for Switch being released today and so many hyped people and I'll likely need to wait for a week before I can start playing in earnest π
@jezdez@jazzband Thank you for everything you do Jannis, you've created an incredible project with none of the tools and platform support that are available today and you should be proud of that. I'm humbled to be a small part of the journey :)