Welcome to the first edition of PyPI monthly! What’s this all about? Being a company that monitors people’s dependencies to help them keep their project safe and up to date, we have a lot of data about packages.
We asked ourselves how we can use that to be even more useful to our customers and the whole community.
The answer? PyPI monthly. A monthly newsletter that will tell you about a handful of the most notable package updates of the last month.
We send this only to people who have Python projects configured on Gemnasium or people subscribing specifically for this. You can get it if you are a Gemnasium user, or by subscribing on this post.
We would love your feedback, so we know if it’s useful for you with the chat widget on this page or send me an email directly to email@example.com.
Without further ado, let’s talk about some packages!
Requests 2.14.0, 2.14.1 and 2.14.2
Did you know that this is the most popular PyPI package on Gemnasium across all our users to have a new version in the last month? I didn’t know until a few minutes ago! :)
So, Requests had a new release with a bunch of improvements on May 9th. It comes with new options related to proxies, errors when certificates bundlers have invalid paths and a lot more improvements, behavior change and bugfixes.
You can see the changelog here. If you’re logged in your Gemnasium account, you can see which of your projects are using it and which version they use.
Django 1.11 & 1.11.1
The popular web framework had a new version in early April and a bug fix release recently. Ok, it was a bit more than one month ago, but I thought it would be relevant anyway for this issue anyway.
Version 1.11 had a lot of new things, deprecations and all, but it was also fixing security issues. The same security issues were also fixed by 1.10.7, 1.9.13 and 1.8.18. You should probably upgrade to one of these.
So, what are the big things besides this security issue?
First, Django 1.11 requires Python 2.7, 3.4, 3.5, or 3.6. 1.11.x are the last versions to support Python 2. Time to upgrade your projects to Python 3!
They added class-based model indexes, template-based widget rendering, subquery expressions and a LOT of minor features. The changelog is here. If you want to learn more about the security that this fixes, look here.
I don’t know for you, but I LOVE testing. And I like the peace of mind that testing provides.
If you’re like me and you like testing, or if you need to test your projects, you’ll be pleased to know that pytest 3.1.0 was released this week. What’s in it for you?
6 new features, 16 changes and bug fixes.
Talking of testing, another popular testing tool had a release. It comes with improvements and bug fixes that will make your coverage report more reliable. Definitely check it out. Details of all the changes are here.
And much more…
A lot more package updates were published in the last month, here are a few worth mentioning quickly too:
- django-redis 4.8.0
- oauth2client (from Google) had a new release and was deprecated with some replacement suggestions
- Pillow, the PIL (Python Imaging Library) fork released 4.1.0 and 4.1.1. 4.1.0 had a lot of changes, check it out
- protobuf 3.3.0
Did you like this overview of the most notable package updates lately?
We would love to get your feedback to improve it quickly, so it becomes another tool that makes your life easier. You can send a message using the chat widget at the bottom right of this post or just shoot me an email at firstname.lastname@example.org.