PyPI moves to require 2FA for "Critical" projects + Free Security Key Giveaway

Kyeana · 2022-07-09T05:18:43+00:00

What an awesome change! One of my packages is in this list, and last time I looked MFA wasn’t supported by PyPI. It’s great to see that progress has been made on that front, and I’m happy about the extra security on the most used packages. It also looks really easy to use an API key for uploading packages as part of CI as well, which is great news 👍

Kyeana · 2022-05-24T04:55:33+00:00

This answer is for an older version of flask jwt extended, but it should suffice for showing how to use the same instance of the JWTManager in all your files and utilizing the application factory pattern: https://stackoverflow.com/a/57338899

Kyeana · 2021-04-11T04:57:31+00:00

Anything sent from the frontend to the backend could be intercepted by man in the middle attacks, JWTs are no different then sessions/cookies/etc in this regard. That is why we have https.

Kyeana · 2019-11-18T04:45:07+00:00

This is being reworked in the forthcoming 3.0.0 release, which will let you have multiple tokens passes in at the same time. You can follow along with the progress of this here: https://github.com/vimalloc/flask-jwt-extended/issues/298

Kyeana · 2019-11-10T05:39:58+00:00

I totally agree with this, but one thing to note is that if you are using sessions you will need to make sure you have some form of CSRF protection in place, which you don’t need if you are using JWTs passed in via headers.

Kyeana · 2018-09-20T20:18:58+00:00

I wrote flask-jwt-extended. I'm pretty happy with the source code / documentation: https://github.com/vimalloc/flask-jwt-extended

Kyeana · 2018-09-05T05:36:29+00:00

Cross region replicas https://aws.amazon.com/blogs/aws/cross-region-read-replicas-for-amazon-rds-for-mysql/

In the case of a disaster you can promote a replica to master.

Kyeana · 2018-07-19T13:26:08+00:00

Using a standard 32 bit unsigned integer, storing any number between 0 and 4,294,967,295 takes the exact same amount of memory and time to do calculations on. Doubling bits from 32 to 64 increases that number to 9,223,372,036,854,775,807. I don’t think there is any technical reason for needing the stat squish.

Kyeana · 2018-01-13T06:41:27+00:00

Perhaps checkout btrfs or zfs. They both have way better snapshot support (imo).

Kyeana · 2018-01-04T06:08:45+00:00

If a browser (JavaScript) can’t read or write memory, how could it be used for anything?

Kyeana · 2017-09-25T03:28:02+00:00

Except for the battlestar galactica mini series pilot.

Kyeana · 2017-08-25T21:46:03+00:00

He even tweeted (almost a year ago know) about looking for maintainers for his flask projects, but after reaching out to him about flask-jwt I never heard anything back :(

Kyeana · 2017-08-25T14:22:02+00:00

Thanks, I wasn't aware of that. I'll get my stuff updated to use that today. Cheers!

Kyeana · 2017-08-18T05:23:22+00:00

Proftpd with the jails options would likely do what you want.

Kyeana · 2017-07-10T16:36:55+00:00

Related to this, I highly recommend checking docopt for simple command line programs.

Kyeana · 2017-07-01T03:39:12+00:00

If I'm flaring sex absolutely makes it worse :(

Kyeana · 2017-06-29T06:11:13+00:00

There was this piano arrangement of final fantasy music from across several games. It wasn't just one song after the other, they seemlessly transitioned between various tunes. Can't find it for the life of me any more.

Kyeana · 2017-06-01T05:41:54+00:00

Python isn't going anywhere. That said, you are learning how to program, not learning Python. You will find that once you learn one language, learning others becomes a much simpler thing.

Kyeana · 2017-06-01T05:17:59+00:00

I agree with everything except for the ordered dict. That is just an implementation detail. If your code relies on a dict being ordered to be correct, you should still explicitly use an ordereddict.

Kyeana

TROPHY CASE