Latest Posts by Seth Larson

Porting Mac OS X to the Nintendo Wii Mac OS X 10.0 (Cheetah) running natively on the Nintendo Wii

If someone had a Nintendo Wii connected to their laptop on a flight I am not sure I'd be able to resist asking to change seats to sit next to them. This is an amazing blog post! 🤩

bryankeller.github.io/2026/04/08/p...

7 hours ago 3 0 0 0

Donald Trump must be removed from office for threatening war crimes and genocide.

Speaker Johnson: bring the House back into session.

Invoking the 25th Amendment and impeachment must be on the table, but Congress should also move on a War Powers resolution to stop Trump.

1 day ago 14937 3261 358 113

Glad I'm not the only one! :)

1 day ago 0 0 0 0

If this graph concerns you, send an email to: sponsors@python.org

2 days ago 1 0 0 0

Once I actually make it to the dungeons everything works out great, but figuring out how to get to the next plot point has been rougher.

2 days ago 1 0 0 0

Compared to Link's Awakening, I'm finding Oracle of Seasons to be /much/ more difficult and puzzling to navigate (especially with the "other world" thrown in), I've had to consult a guide at least 5-10 times at this point to figure out what to do next and I'm only at the 4th dungeon.

2 days ago 2 0 2 0
GitHub - sethmlarson/retroachievements-play-activity: Record daily play activity from the RetroAchievements API Record daily play activity from the RetroAchievements API - sethmlarson/retroachievements-play-activity

I built a small progress calculator for @retroachievements.org using their API, and it's showing ~23h to beat Oracle of Seasons based on my progress speed. Compare to 18h estimate from "Time to Beat"... this has been accurate to my feelings.

github.com/sethmlarson/...

#gaming #retrogaming #gameboy

2 days ago 5 2 1 0
Core Dispatch #1 — Core Dispatch A regular digest of what's happening in CPython — from merged PRs and PEP decisions to community discussions and upcoming events.

Core Dispatch #1

New releases are slated to drop on Monday: 3.13.13, 3.14.4, and 3.15.0a8.

PEP 803 got accepted, so free-threaded builds will have a stable ABI.

Ken Jin also wrote up what's going on with the JIT in 3.15.

coredispatch.xyz/editions/1

3 days ago 11 6 0 1

Dizzy Sheep Disaster is a new e-Reader game coming on the 14th!

It was made by @sarahlynne.bsky.social, @mteegfx.com and @humanthomas.bsky.social

#indiedev #gba #nes

4 days ago 184 68 5 2
Screenshots of Dizzy Sheep Disaster: EX

Cards for Dizzy Sheep Disaster: EX

The packaging for Dizzy Sheep Disaster: EX

I’ve been teasing it for a bit, but here’s the official word: Dizzy Sheep Disaster: Ex is going on sale on April 14th!

I’ll have around 100 copies for sale through an online store to start. Stay tuned to get your copy of the game for your Nintendo e-reader and the web!

#gamedev #homebrew

5 days ago 65 24 2 1
The Axios supply chain attack used individually targeted social engineering The Axios team have published a full postmortem on the supply chain attack which resulted in a malware dependency going out in a release the other day, and it involved …

Warning to open source maintainers: the Axios supply chain attack started with some
very sophisticated social engineering targeted at one of their developers simonwillison.net/2026/Apr/3/s...

5 days ago 262 65 12 17
Incident Report: LiteLLM/Telnyx supply-chain attacks, with guidance - The Python Package Index Blog Python Package Index shares insights and provides guidance following LiteLLM/Telnyx supply-chain attacks

Absolutely stellar blog post from @sethmlarson.dev and @miketheman.com about the recent LiteLLM supply chain attack, and what you can do to protect your projects!

Everyone should read this post (and sponsor their _very important_ work!)

blog.pypi.org/posts/2026-0...

6 days ago 18 8 1 0
Incident Report: LiteLLM/Telnyx supply-chain attacks, with guidance - The Python Package Index Blog Python Package Index shares insights and provides guidance following LiteLLM/Telnyx supply-chain attacks

PSF Security developers have published incident reports on the LiteLLM & Telnyx #supplychain attacks. Read what happened, who's affected, and what developers & maintainers can do to prepare and protect themselves from future incidents. #security #python

6 days ago 15 10 0 3

There is a ton in this report, like how @pypi.org is able to respond so quickly to malware thanks to our network of trusted reporters and how to keep yourself secure both as a maintainer and user of Python packages.

6 days ago 4 3 0 0

The real question is how many of those "War and Peace" cards are actually printed? :) haha

6 days ago 1 0 1 0

Today we launch the e-Reader e-Reader!

1 week ago 222 88 7 5
Gittensor | Autonomous Software Development The workforce for open source. Compete for rewards by contributing quality code to open source repositories.

Gittensor is paying crypto for merged OSS PRs and it’s generating slop contributions to repos listed on their platform without maintainer consent.

If you maintain an open source project, it's probably worth checking if you’re listed and requesting removal: gittensor.io/repositories

1 week ago 12 7 1 0

If a package is actively malicious or breaks the terms of service you can report it to: security@pypi.org

Being AI generated isn't against the ToS, so if it could serve a legitimate purpose it's unlikely we'd remove a package for being "spam".

1 week ago 1 0 1 0

Security Track Spotlight:
Join Hala Ali & Andrew Case at #PyConUS 2026 for "Post-Incident Runtime SBOM Generation from #Python Memory" and learn how to generate SBOMs from memory to uncover hidden dependencies and reduce false positives. #security

us.pycon.org/2026/schedul...

1 week ago 2 2 0 0
Lego set for the Gameboy DMG

Received the #Lego #Gameboy as a gift! My chances of doing buildaboy.co by @nataliethenerd.com have suddenly increased astronomically.

1 week ago 34 1 2 0
Creating a personalised bin calendar Every year I use Python and a bit of CSS to create a fridge calendar that tells me about bin day.

Creating a personalised bin calendar: alexwlchan.net/2026/bin-cal...

I wrote a quick post about how I create a fridge calendar that tells me about bin day.

Python stdlib + CSS = 🚮 💚

1 week ago 5 2 0 0

pip supports this option, too via --min-release-age. Relative dependency cooldowns (e.g. "7 days" or "P7D") are coming in pip v26.1 which can be configured globally in your pip.conf

1 week ago 5 2 1 0
Lockdown Mode for Apple devices Back in September 2023 the libwebp vulnerability (also known as BLASTPASS) was being actively exploited to target a journalist's mobile device. After reading the report from Citizen Lab I learned a...

My write-up on the feature after a year of using Lockdown Mode:

sethmlarson.dev/ios-lockdown...

1 week ago 1 0 0 0
Apple says no one using Lockdown Mode has been hacked with spyware | TechCrunch The tech giant's claim that it has not seen any successful spyware attacks targeting Apple devices with Lockdown Mode enabled comes amid a leak of hacking tools targeting users running devices with ol...

I've been an #iOS Lockdown Mode user (and iCloud Advanced Data Security) for ~2 years now, it breaks a few things but... might be worth it to be Cellebrite and zero-day proof these days?

techcrunch.com/2026/03/27/a...

#security #iphone

1 week ago 3 0 1 0

We're working lots with Arrow these days.
I needed a tool to do some debug/filtering.

So I've built a thing!

If that helps you as much as it helps me, use it, feedback and PRs are welcome. 🥳

1 week ago 9 6 0 0
Studies into the abstraction of cartridge designs into letter forms.

Lots of research into cartridge types, and pages of these as I tried to see what aspects of each cart to use, how much to abstract it, and what letters to assign them to. Turned out way better than it would have otherwise due to a bunch of great feedback from @supernatetendo.bsky.social as well.

1 week ago 5 1 1 0
Phone with two Pocket Tacos on either end completely obscuring the emulator on screen.

@thewulffden.com @bob.thewulffden.com Got the GameSir Pocket Taco from your review. Love it so far!

1 week ago 4 0 1 0
Wikipedia Bans AI-Generated Content “In recent months, more and more administrative reports centered on LLM-related issues, and editors were being overwhelmed.”

NEW: Wikipedia has banned AI-generated content.

1 week ago 23936 6821 200 816
Limit candidate packages to those that were uploaded prior to the given date.
Accepts RFC 3339 timestamps (e.g., 2006-12-02T02:07:43Z), local dates in the same format (e.g., 2006-12-02) resolved based on your system's configured time zone, a "friendly" duration (e.g., 24 hours, 1 week, 30 days), or an ISO 8601 duration (e.g., PT24H, P7D, P30D).
Durations do not respect semantics of the local time zone and are always resolved to a fixed number of seconds assuming that a day is 24 hours (e.g., DST transitions are ignored). Calendar units such as months and years are not allowed.
May also be set with the UV_EXCLUDE_NEWER environment variable.

In light of the fallout from the LiteLLM supply chain attack, I just learned that you can exclude newly published package versions when installing with uv using exclude-newer.

1 week ago 28 5 2 0
Why pylock.toml includes digital attestations A Python project got hacked where malicious releases were directly uploaded to PyPI. I said on Mastodon that had the project used trusted publishing with digital attestations, then people using a pylo...

I said digital attestations and `pylock.toml` would have helped with the litellm attack. People asked for more details, so I wrote a blog post explaining why it would have helped.

snarky.ca/why-pylock-t...

1 week ago 21 8 1 0