Slide from my talk at Python Web Conference 2021 https://2021.pythonwebconf.com/presentations/complete-python-toolbox-for-modern-developers

1. Complete Python toolbox for
modern developers
Jan Giacomelli
Python Web Conference 2021

2. About me
● Tech lead and co-founder typless.com
● Author at testdriven.io
● Twitter: @jangiacomelli

3. Python development
● creating and re-creating virtual environments
● installing, uninstalling, and updating dependencies
● type checking
● writing and running tests
● following consistent code style
● avoiding security vulnerabilities
● documenting code

4. Modern Python Environments - pyenv
Lets you easily switch between multiple versions of Python.
● Install specific Python version: $ pyenv install 3.8.5
● List available Python versions: $ pyenv versions

5. Modern Python Environments - pyenv
● Select a specific version as a global default: $ pyenv global 3.8.5
● Select a specific version for the current project: $ pyenv local 3.9.0

6. Modern Python Environments - pip + venv
Fairly simple to use. Pre-installed with most versions of Python.
● Create virtual environment: $ python -m venv my_venv
● Activate virtual environment: $ source my_venv/bin/activate
● Install a dependency: (my_venv)$ python -m pip install <package-name>
● Create list of dependencies: (my_venv)$ python -m pip freeze > requirements.txt

7. Modern Python Environments - pip + venv

8. Modern Python Environments - Poetry
Powerful CLI used for creating and managing Python projects.
● Create a new project: $ poetry new <project-name>
● Install a dependency: $ poetry add [--dev] <package name>
● Run a command inside the virtual environment: $ poetry run python -m pytest
● Dependencies are managed inside pyproject.toml

9. Modern Python Environments - Poetry

10. Modern Python Environments - pipenv
Managing dependencies and virtual environments.
● Create virtual environment: $ pipenv --python 3.8
● Install a dependency: $ pipenv install [--dev] <package name>
● Run a command inside the virtual environment: $ pipenv run python -m pytest
● Dependencies are managed inside Pipfile

11. Modern Python Environments - pipenv

12. Which one to choose?
● pip + venv
● poetry
● pipenv

13. Python testing - pytest
Go-to testing framework for testing Python code.
Compared to unittest:
● less boilerplate code -> more readable test suites
● uses built-in assert statement -> more readable and easier to remember
● updated more frequently (not part of the Python standard library)
● simpler setting up and tearing down test state with its fixture system
● uses a functional approach

14. Python testing - pytest

15. Python testing - pytest

16. Python testing - pytest
Plugins:
● pytest-django - set of tools made specifically for testing Django applications
● pytest-xdist - run tests in parallel
● pytest-cov - adds code coverage support
● pytest-instafail - shows failures and errors immediately instead of waiting until the end of a run

17. Python testing - Mocking
Practice of replacing real objects with
mocked ones, which mimic their
behavior, at runtime.

18. Python testing - Mocking
● pytest’s monkeypatch
● Python’s built-in untttest.mock library
○ Mock
○ MagicMock
○ create_autospec

19. Python testing - Code coverage
A metric that tells you the ratio between the
number of lines executed during test runs and
the total number of all lines in your code base.
pytest-cov - adds code coverage support

20. Code quality
Code is considered to be of high quality when:
● It serves its purpose
● Its behavior can be tested
● It follows a consistent style
● It's understandable
● It doesn't contain security vulnerabilities
● It's documented well
● It's easy to maintain

21. Code quality - linters
Linters flag programming errors, bugs, stylistic errors, and suspicious constructs through source code
analysis.

22. Code quality - flake8
Wrapper around Pyflakes, pycodestyle, and McCabe.

23. Code quality - flake8

24. Code quality - formatters
Reformat your code based on a set of standards.
Code formatting is a dull job that should be performed by a computer.
● reduce merge conflicts
● easier to read code
● easier to find bugs
● easier to onboard new developers

25. Code quality - isort
Automatically separates imports into groups standard library, third-party, local, and alphabetically
orders them.

26. Code quality - black
Code formatter that's used to reformat your code based on the Black's code style guide.

27. Code quality - black

28. Code quality - Security Vulnerability Scanners
Your code is only as secure as its weakest link.

29. Code quality - bandit
Tool designed to find common security issues in Python code.
● hardcoded password strings
● deserializing untrusted code
● using pass in except blocks

30. Code quality - safety
Used to check your installed dependencies for known security vulnerabilities against Safety database.

31. Type checking - type hints
Type hints allow developers to annotate expected types for variables, function parameters, and
function returns inside Python code.
● not enforced by the Python interpreter
● better express the intent
● autocomplete
● less bugs

32. Type checking - type hints

33. Type checking - type hints

34. Type checking - mypy
A tool for type checking at compile-time.

35. Type checking - pydantic
Uses type hints to validate data on runtime.
● easy to use
● uses type casting
● use it when dealing with external data

36. Type checking - pydantic

37. Type checking - Marshmallow
Helps to validate complex data and load/dump data from/to native Python types.
● doesn't use type casting
● schema and class defined separately

38. Type checking -
Marshmallow

39. Type checking - Typeguard
It enforces types while your program is running.
● typechecked decorator
● comes with pytest plugin
● for classes and functions

40. Type checking - Typeguard

41. Documenting Python Code
Without proper documentation, it can be very difficult or impossible for internal and external
stakeholders to use and/or maintain your code.
● standalone resource
● should always be present
● how and when to use something

42. Documenting Python Code - Docstrings
A special "string literal that occurs as the first
statement in a module, function, class, or method
definition".
● __doc__ attribute of module/class/function
● multiline and single line
● different formats (Google, NumPy,
reStructuredText, Epytext)
● code examples (doctest)

43. Documenting Python Code - Sphinx
Converts your project's docstrings to HTML and CSS.

44. Documenting Python Code - Sphinx

45. Documenting Python Code - Sphinx

46. Documenting Python Code - OpenAPI
Standard format for describing, producing,
consuming, and visualizing RESTful APIs.
● used for SwaggerUI and ReDoc
● can be imported to Postman
● can be used to generate SDKs
● can be auto-generated

47. Documenting Python Code - OpenAPI

48. Conclusion
● creating and re-creating virtual environments - pyenv, pip + venv, poetry, pipenv
● installing, uninstalling, and updating dependencies - pip + venv, poetry, pipenv
● writing and running tests - pytest, pytest-cov, unittest.mock
● type checking - mypy, pydantic, marshmallow, typeguard
● following consistent code style - black, flake8, isort
● avoiding security vulnerabilities - bandit, security
● documenting code - Sphinx, OpenAPI
You can learn more about these tools in Complete Python Guide