Build better software to build software better

The article from Slack Engineering describes how Slack improved their build pipeline by applying classic software engineering principles combined with high-performance build tooling (Bazel). They restructured their build system by separating concerns, modeling builds as graphs of well-defined work units, and leveraging caching and parallelization, which resulted in builds running up to s...

https://slack.engineering/build-better-software-to-build-software-better

Decompression is up to 30% faster in CPython 3.15

CPython 3.15 introduces significant improvements in decompression speed: Zstandard (zstd) decompression is now up to 25–30% faster, and zlib decompression is 10–15% faster for data larger than 1 MiB. These gains result from optimizations in the handling of output buffers during decompression.

https://emmatyping.dev/decompression-is-up-to-30-faster-in-cpython-315.html

httpmorph

httpmorph is a drop-in replacement for Python's requests library that uses a custom C implementation with BoringSSL instead of Python's standard HTTP stack.

https://github.com/arman-bd/httpmorph

How often does Python allocate?

The article explores how frequently Python allocates memory, focusing on the integer type implementation. It finds that CPython allocates new memory objects often but mitigates overhead by reusing objects from a freelist and employing a specialized pool allocator; nonetheless, Python's integer handling still incurs considerably more allocation overhead than the single CPU ADD instruction...

https://zackoverflow.dev/writing/how-often-does-python-allocate

PyBay 2025 Videos

The talk videos from PyBay 2025 are now available.

https://www.youtube.com/playlist?list=PL85KuAjbN_gseSuHZTUCgNAHLeKuMDBxI

Memori

An open-source SQL-Native memory engine for AI.

https://github.com/GibsonAI/Memori

7 vulnerabilities in django-allauth enabling account impersonation and token abuse

The django-allauth package had seven vulnerabilities, including four major ones that enabled account impersonation by exploiting mutable or non-unique identifiers from Okta and NetIQ, token refresh for deactivated users, and unverified email acceptance from Notion. These flaws could allow attackers to impersonate users and abuse tokens, but all have been fixed in version 65.13.0.

https://zeropath.com/blog/django-allauth-account-takeover-vulnerabilities

How to use UUIDv7 in Python, Django and PostgreSQL

Learn how to use UUIDv7 today with stable releases of Python 3.14, Django 5.2 and PostgreSQL 18. A step by step guide showing how to generate UUIDv7 in Python, store them in Django models, use PostgreSQL native functions and build time ordered primary keys without writing SQL.

https://www.paulox.net/2025/11/14/how-to-use-uuidv7-in-python-django-and-postgresql/

Hachi: An (Image) Search engine

The Hachi project is an end-to-end, fast, self-hosted semantic and metadata search engine designed to enable comprehensive search across all types of media by extracting independent information from distributed personal data. It prioritizes minimal external dependencies, hackability, and the integration of machine learning models to fuse deterministic and semantic attributes, aiming for ...

https://eagledot.xyz/hachi.md.html

GNN From Scratch

The article provides an introduction to Graph Neural Networks (GNNs), explaining how graphs are represented for machine learning and introducing the mathematical intuition behind GNNs. It covers key concepts such as nodes, edges, and the message-passing mechanism, helping readers understand how GNNs learn from graph-structured data.

https://cultured-avenue-f13.notion.site/GNN-From-Scratch-2a3dfe9550dd80ac87deee4fe6cd0696