Most code is read many more times than it is written. Constructing readable code is important, but that doesn't mean it's easy.
If you've ever found unreadable PEP8-compliant code and wondered how to fix it, this talk is for you.
Long-lived code must be maintainable and readability is a prerequisite of maintainability. It's easier to identify unreadable code than it is to create readable code.
Let's talk about how to shape tricky code into something more readable and more maintainable.
During this talk we'll discuss:
We'll conclude this talk with a checklist of questions you can use to make your own code more readable.
Data and technology can be used to improve the health of older adults and to help them to continue to live at home and in the community as they age. Predictive analytics and modeling can predict who will get sick, be hospitalized, or have adverse outcomes in the future. Once we know who is at risk, we can design interventions to decrease the likelihood of negative health outcomes.
This talk will introduce you to health care data sources, such as electronic medical records and insurance claims; predictive modeling and how it can be used to improve the care we provide; and publicly available and open health data. We will talk about the D2S2 (discharge decision support system), which helps health care providers make decisions when older adults are getting ready to be discharged from the hospital; and how Django and Python can be used to visualize open health-related data.
Intro: Who I am (2 min)
Health care data and where it comes from (5 min)
Electronic health records
Dr. Chrono is actually built with Django!
Predictive modeling and decision support (10 min)
Predicting readmissions & the discharge decision support system (D2S2)
Predict whether older adults are at high risk or low risk of being readmitted to the hospital after discharge.
Building decision support to improve hospital discharge decision-making
Once we know a patient is at high risk of being readmitted, how do we decide what care they should receive after they leave the hospital? Use expert knowledge to develop decision support into the electronic medical record that will recommend a site for post acute care (care once the patient leaves the hospital).
Building patient preferences into the recommendations made to health care providers about what care the patient should receive after their hospitalization.
Brief overview of:
Likelihood of hospitalization modeling and nurse health coaching
Django and health care data (8 min)
Overview of open and publically available health care data
Open Data Philly (www.opendataphilly.org)
Visualizing open health data with Python and Django
How do I serve data up to my dashboard? We'll show how the Django REST Framework can make this easy.
How do I allow deep linking to particular queries on my dashboard? We'll use django-url-filter to transform a URL hash into a database query.
How do I get statistical calculations like quartiles out of Django? We'll stretch the Django ORM to use PostgreSQL's powerful statistics functions.
How do I make all of this work with D3? We'll have a brief survey of how D3 works and see how to plug data from Django into it.
Open source libraries have high quality standards. And understandably so, since the more important and widely used a project becomes, the more essential it is to maintain it. But this at times affects one of the fundamental advantages of open source software - contributions. Strict quality requirements and harsh code reviews make the process of contributing patches discouraging, disappointing, and even stressful.
In this talk, I will discuss tools and processes used by major Python libraries to maintain a high level of code quality and a robust code review culture. I will work through a list of people's code review fears with personal anecdotes, and how to deal with them and be more receptive to critical feedback. Through real examples taken from popular open source Python libraries, I will try to show what makes a good code review, what makes a bad code review, and what minor changes can turn the latter into the former.
Everyone of us knows this scenario, it's part of the daily life of a programmer: You build something and it doesn’t work. You run into a bug, you find a problem, you break your code - and then you have to figure out how to fix it again. This can take 5 minutes, several hours, sometimes even several days. Sometimes you get really frustrated and are about to give up but when you finally find the solution it's the greatest feeling in the world. Do you want to learn how to proceed when your code doesn’t work? Do you want to learn how you can become a better problem solver? Do you want to learn how a rubber duck can help you? Then this talk is for you :) In this talk I will present strategies on how to proceed when you run into a bug or other coding problems. I will also talk about what you can do in order to prevent frustration and how you can learn to be more confident when encountering bugs. My goal is to show that bugs are nothing to be scared of, that you can fix (almost) everything and shouldn’t be afraid of breaking things, and that debugging can be easier than you think it might be if you approach it the right way. Breaking things is the first step to learning how to fix them! This talk is inspired by a blog post I wrote a while ago, which you can find here().
Introduction - Who am I? What is this talk about? (2 minutes)
What is a bug?/What is debugging? (5 minutes)
Why breaking things is great - Don’t be afraid to break things (3 minutes)
Why a rubber duck? - Debugging strategies (10 minutes)
Reading error messages the right way
How Google can help
Rubber ducks, hypothesis, testing different approaches/solutions
Breaking your code down into smaller pieces
Drawing diagrams of code/writing pseudocode
Debugging tools like the django-debug toolbar
What to do when frustration kicks in (3 minutes)
Where/how to get help (2 minutes)
Q&A (5 minutes)
Lightning Talks by Many People
00:04 - Adrienne Lowe
06:33 - Russell Keith-Magee
09:42 - Tom Christie
15:14 - Trey Hunner
18:39 - Paul Logston
20:28 - Timothy Allen
It’s Friday night of hackathon weekend. The latest snazzy Internet-connected thingy is sitting on the table next to your beverage of choice, the device’s API docs are open in a browser tab, and your fingers are itching to write some Django. What’s the fastest way to get started? And next month when you come back to it, what will you want to upgrade?
This talk will walk through a common IoT use case, sending HTTP requests to turn on and off a device in response to some external data. I do this all the time at WattTime and I'll share some of the tricks I've picked up over the last couple years.
We’ll focus on two big differences from your typical blog or polls app: the data model abstractions that fit the problem, and the need to run frequent periodic tasks to hit the device’s API. I'll share a data model that's worked well for me across a bunch of IoT apps. And I'll show you two ways to run those periodic background tasks in Django: a hackathon-friendly version, and a production-friendly version using Celery. You'll walk away with a complete demo template that you can use in your own projects!
Together we’ll look at the code behind Bootstrap, Foundation, Semantic UI, and other CSS frameworks. We’ll identify common patterns and architectural decisions that make these systems so easy to use. Some of the things we’ll discover:
What it takes to set up a good type system.
How style and structure are separated to make theming easier.
Best practices for stubbing out grid systems.
How configuration works.
How to make everything feel cohesive.
What it takes to test a framework so you can potentially test your own.
So much more!
If you’re looking to improve your skills with one of these frameworks or potentially roll your own mini-Bootstrap, this talk is for you.
Today’s web applications demand information to be delivered immediately after it is available. This is a huge step from where everything started, simple HTTP blocking requests. In order to solve this Server Side Events (SSE) and Websockets (WS) were created. SSE works from the server to the client only and it uses the HTTP protocol. WS is bidirectional and implements a layer on top of HTTP. WS started to get more momentum and now most of modern web browsers support it.
Like most developers, I've always known that building accessible web apps is the right thing to do, but I wasn't sure how to do it. I tried my best to add image descriptions and audio transcripts and figured that was good enough. Then I started work on a Django 1.8 project for an agency that has a low-vision website administrator. When we sat her down in front of the app's admin interface for the first time, she had a lot of trouble using it. The contrast was way too low, and control features like sort by column weren't properly labeled. After watching her navigate the admin interface and learning more about how disabled users navigate the web, I customized our app's admin interface to improve accessibility. I've since gotten training in web accessibility, and want to share some of what I've learned so we can all build more accessible apps.
Django 1.8 and 1.9 include many very cool PostgreSQL-related features. Let's show them off!
We'll look at a few core problems that we were able to solve with Django forms.
Dynamic Field Creation: What if you don't know what fields should be present on a Django form until runtime?. Solutions:
Viewing a form's fields as a data structure (convert a field definition to a dictionary) Manipulate self.fields on a form to dynamically add / remove forms from a field.
A fields validated attributes can't be manipulated dynamically because of Validators within the forms API. Dynamic form layouts become difficult to manage, crispyforms does not scale as a solution!
Validate a form via an API: How can external validations behave the same as internal errors? Solutions:
form.clean() can be used for form wide errors, and form.add_error can be used to integrate those external validation errors into your existing form so that calls like is_valid() still work as expected with your external validations.
Adding fields at runtime: How can the user add fields to a form after it has been rendered?
Pitfalls: Creating a solution that creates a dynamic field that is validated, but doesn't render can cause issues with your layout solution (crispyforms fails again here)
Registration steps to use a web app, as well as login and password reset functionality is a common requirement, but where do you begin implementing this in Django? Walking through an actual case study with code examples, novice programmers will learn some tips and tricks for finding and implementing the right framework.
Not everyone can hire a professional designer for their websites and web apps, but we all still want our interfaces to be easy to use and attractive. However, if you want to learn a bit of design, design books jump straight into concepts like "the golden ratio" and teach proper typographic terms which, to be frank, aren't needed if you're just looking to improve your website's look and feel.
This talk will cover the top quick ways to improve your website, covering both user experience as well as visual design. Quick hits, easy to understand and utilize principles that anyone can use to improve their design skills. Perhaps you too can become the next designer+developer unicorn!
Outline Intro (5%): * Who am I? * Why is good design important? Overview of design terms (only the basics) (20%): * Definitions and overview of UI, UX, and visual design. * Overview of conversion, goals, and click-through rates. * What's most important when you're designing? Easy-to-understand design principles (40%): * Clutter is our #1 enemy. How a grid, fonts, and color can affect how cluttered our design looks. * Faces and photos, and other shortcuts we can use to make beautiful designs Step-by-step of walkthrough of creating a website design (20%): * Collecting ideas. * Sketching your ideas efficiently. * Tools to mock up your ideas. * Resources to help you build your idea. How improve your design eye and become a better designer (10%). Resources to learn more (5%).
Attendees should have the know-how to quickly improve the design of their websites immediately as well as knowledge of resources to improve their design eye.
The Cleveland International Film Festival (CIFF) is a two-week long event featuring hundreds of foreign, independent, and new films making their debut on the silver screen. For anyone less than a film buff, choosing a movie to watch at the film fest is a hard choice: there are no reviews, no IMDb info, and no Netflix/Hulu suggestions. Yes, it’s truly byzantine in that one must actually read all the movie descriptions to decide which one to watch.
With a handful of Python libraries, and 2 days, we developers at CodeRed built a movie recommendation engine for the CIFF. This talk outlines each step we took to build the recommendation engine, website, and twitterbot all centered around a Django project. Overall, this talk offers a complete look at the various parts and pieces that go into building a feature-full Django site, as well as exposure to doing entry-level Artificial Intelligence in Python.
Over the last few years SSL/TLS encryption of not only websites but many other services as well has risen tremendously. The Let’s Encrypt organization and certificate authority (CA) makes that pretty easy. Since September 2015 almost 1.8 million certificates have been issued. And you can use it, too. For free!
In this talk I'll demonstrate how to integrate SSL/TLS and point out some common pitfalls. I’ll briefly layout the Let's Encrypt ACME protocol and explain what you need to set up in Django to make SSL/TLS the default and only way to access your site.
The role Django (and Python) plays in this new world is becoming a bit more limited. There are plenty of great efforts to get Python running everywhere, but this talk isn't about any of that. This talk is about building the API all of these frontends need to communicate with to drive persistent and business logic.
pinax-api was originally built to serve the needs of a particular client at Eldarion, but later pulled out as its own app. It provides a simple and modern interface to building an API with Django. At its core, pinax-api leverages the JSON:API spec that was built out of Ember.
The talk will cover:
what is JSON:API
JSON:API in pinax-api
API primitives provided by pinax-pai
how pinax-api leverages Django to its fullest
automatic documentation generation using API Blueprint
why not Django REST Framework?
1) Short introduction 2) Run through available extension libraries and what’s possible in them: - Django Suit - Grappeli - Django Admin Tools 3) Quick run through available Django Admin options. - list_display, list_filter, list_editable, search_fields, ordering, sortable - readonly_fields - raw_id_fields - fieldsets - actions 4) Customizing Django Admin on your own. Let’s create a super custom Django Admin together! The case study of DjangoGirls.org website, that supports a management system for various users who should be able to only manage pages they’re assigned to. - Limiting objects to users - Displaying computed fields in list page - Limiting add/edit forms for different types of users - Automatically saving information per user - Custom actions 5) Summary - Instructions where to look for more information - Improve Admin (code.djangoproject.com, open source wohoo!) - Mention about Django Admin 2
REST API's have been with us a long time. It's time to ask if we can create better API's with new paradigms. We will discuss new ways to query and manipulate data so that our code becomes simpler and easier to scale.
GraphQL is a query language created by Facebook in 2012 which provides a common interface between the client and the server for data fetching and manipulations. We will do a quick overview of GraphQL and focus later on Graphene, the main GraphQL framework for Python.
Graphene allows us to reuse our existing Django Models to create schemas quickly and easily. We would like to think of it as the next natural step from the Django Rest Framework.
Day 2 Lightning Talks -
00:14 - Lucie Daeye
05:22 - Rostyslav Bryzgunov
08:09 - Tobias McNulty
13:10 - Kenneth Love
17:58 - Joseph Bane
21:35 - Ola Sitarska
26:13 - Rachell Calhoun
30:36 - Joe Cronyn
What is it?
What does it do?
Why Djangos collectstatic is not up to the job?
Must run after deployment
Doesn't do all the things
Integration on both sides
Webpack bundle tracker to output build stats
Django Webpack bundle loader to read those files
How to render links in templates.
In this talk, Russell Keith-Magee will bring the experience born of 25+ years as a software developer, 10 years as a Django core developer, 5 years as DSF President, and 5 years as a business owner to expose you to some topics that every software developer should know, but often aren't covered as part of formal training. This includes legal topics such as copyrights, licensing, and trademarks, the role played by codes of conduct, and some of the non-code skills that are important for successful projects, and essential for successful entrepreneurship.
Mezzanine CMS is a popular content-management solution for Django. With a rich set of built-in features and following Django’s batteries-included approach, it can supercharge your new or existing apps for content-oriented sites.
In this talk we will explore the features that Mezzanine provides by default, and how they take care of many common content-management tasks (page creation and editing, maintaining a blog, WYSIWYG editors, SEO, and more).
We will also take an existing Django app and convert it into a fully integrated Mezzanine application. You’ll be surprised at how much of the work has been done for you, and how your existing Django skills will let you hit the ground running when working with Mezzanine.
Basic integration of custom models
Advanced integration of custom models
Working with templates
Questions (if time permits)
Design is 95% typography, or something like that. Having a grasp on what makes for pleasant, easy to read typography that reinforces your brand is the first step towards building an amazing, impactful experience. Together we will explore typography fundamentals:
Sizing, spacing, and rhythm to make all of our type feel cohesive.
How to improve readability and encourage the user to read.
Type families and different styles.
Choosing and pairing fonts, how many to use, and when to use them.
These typography basics will help you better understand why some typefaces just don’t work and give you some go-to solutions for when the designer is out sick (or has gone crazy). We’ll learn a bunch but not too much, it will be just enough :grin:
User experience(UX) has come to the forefront of the design world over the last 5-10 years. As the internet and its content have evolved, we’re asking now more than ever about user goals when they visit the websites and software we create.
UX terms like Information Architecture, Interaction Design, and Research are regularly thrown around, but what are they and how does it impact a site and product?
This talk will define UX and it’s sub-disciplines to bring understanding to what UX is. Practical deliverables will be shared in an effort to give attendees something that they can begin to implement into their process.
Virtual reality in 2016 is moving closer to mainstream, especially with game development due to releases from multiple companies (Oculus Rift, Playstation VR, and HTC Vive). We decided to build an entertaining, accessible virtual reality game via Google Cardboard for iOS and Android based on a classic childhood game to find hidden objects in elaborate scenes.
One year ago we completed a years-long project of migrating theatlantic.com from a sprawling PHP codebase to a Python application built on Django. Our first attempt at a load-balanced Python stack had serious flaws, as we quickly learned. Since then we have completely remade our stack from the bottom up; we have built tools that improve our ability to monitor for performance and service degradation; and we have developed a deployment process that incorporates automated testing and that allows us to push out updates without incurring any downtime. I will discuss the mistakes we made, the steps we took to identify performance problems and server resource issues, what our current stack looks like, and how we achieved the holy grail of zero-downtime deploys.
Code review is like a buzzword in the programming world. Developers often talk about how important it is. But what really happens during code review? What do you achieve out of it? How can we learn during code review? This talk will present ideas of what should be the goals of a code review, and how can developers learn during code review process.
So you've written a bunch of code, and you think others might find it useful. You open source it, and... profit, right? Well, no. PyPI is filled with thousands of projects that have been released with the best of intentions, but never really break into the mainstream. How do you escape this trap, and maximize the chance that your project will actually be used, grow and thrive?
In a continent where more than 75% of the world’s poorest countries are located all with common problems of Economic hardship, electricity issues, lack of water e.t.c and there is a global need to change the narrative not just as individual countries but as a continent. Our leaders try as it may have failed us, nothing seems to be working. The next point of action is to use Technology in whatever form to change our narrative, change our story and enhance our lives.
What better way to go than to go the open source route. Already many initiatives have sprung up recently with PyCon Namibia and DjangoGirls spreading through different African countries. In this talk we highlight how Python education has gradually changed the lives of many women and hope to make suggestions on how such initiatives hope to bridge the technology gender gap in Africa and ultimately how it is being used to change our narrative.
Anywhere in the world, achieving development means going through serious technological changes and innovation. That implies having qualified people to drive those changes. These qualified people exists in most of the developing countries but it’s not enough. It is indeed a sheer case of demand outweighing supply. It is no secret that in Africa there are so many untapped resources with a whooping 60% of the entire population between the ages of 15-25. At this point there is so much potential laying fallow.
Globally there is a talent gap in technology with not enough people with the right skill set to fill in the role with Africa with no exemption. Furthermore, by looking closely, it’s easily noticeable that the majority of technological workforce is the men. There is therefore a considerable opportunity: WOMEN. Unfortunately, because of different reasons especially in Africa where women rights are not given due consideration, and due to unfair treatments, very few women are involved in technology. By consciously making extra efforts to enlighten and bring in more women, we can nearly double the amount of qualified people in technology, create more innovations and progress. This is in fact a no brainer solution
In this talk we would talk about how workshops like Django Girls are helping increase the number of skilled people in technology and also stress the need for to create a lot more similar events and make them more “3rd world friendly” by tackling challenges such as lack of electricity, internet, proper equipment etc. In this talk we would curate information from all DjangoGirls organizers in different African countries to highlight the general challenges faced in organizing python workshops and events in various countries in Africa and also profer solutions and suggestions in tackling these issues To conclude we leave with this quote from Karen Spärck Jones, Professor of Computers and Information at Cambridge Computer Laboratory "I think it's very important to get more women into computing. My slogan is: Computing is too important to be left to men."
(~ 5 minutes)
- Who we are and how did we meet?
WHY DO WE CARE?
(~ 10 minutes)
- Universal Design as a core value
- Who benefits?
- Why making inclusive products makes business sense?
- What liabilities you incur for not making inclusive products?
WHAT CAN YOU DO WITH AN ALREADY ROUNDED PRODUCT?
(~ 10 minutes)
BABY-STEPS WITH KA LITE
Easy things you can check for and correct fast (titles, headings, aria landmarks, visible focus, alttext for images, meaningful labels for EVERYTHING...)
Bit more tinkering required (menus and navigation, complex forms, accessible color schemes...)
Accessible Multimedia & Documents (offer ALTERNATIVES!)
WHAT SHOULD YOU DO RIGHT FROM THE START OF A NEW PROJECT?
(~ 10 minutes)
KOLIBRI FLIES FOR EVERYBODY
- Include a11y requirements into the Usability Style Guide
- Take a11y into account when choosing the libraries and frameworks
- Follow the standard web semantic
- Make accessible web components available from the beginning
- Start including a11y automated tests as soon as possible
ACCESSIBILITY IN EVERYDAY DEV TEAM LIFE
(~ 10 minutes)
- A11y Pills & lots of passion
- Make accessibility a *SHARED* responsibility
- Start a Tools Repository (Rome wasn't built in a day)
- Don't rely exclusively on checklists and automated testing (Involve the USERS!)
- No such thing as 100% accessible
What is imposter syndrome?
It's a failure to internalize your accomplishments. It's the nagging feeling you don't know enough, haven't done enough, don't have enough experience to do your job, land a new account, publish a new paper. It's feeling like a fraud and that you're about to be found out. The term was coined in a study by Pauline Rose Clance & Suzanne Imes in 1978 having to do with the habits and behaviors of high-achieving women, but it's recently become a hot topic in tech and career conversations - with good reason.
Who does it affect?
Originally a phenomenon studied among women in academic fields, studies (and anecdotal evidence) have shown it affects just about everyone. Sheryl Sandberg, Meryl Streep, and Maya Angelou have all commented about their own experiences with imposter syndrome. After we've asked, so have most of our friends and colleagues. We combine research with personal experience to provide the Big Six signs you might have imposter syndrome, so you can recognize the symptoms in yourself.
How is it affecting me?
Imposter syndrome can make us feel like we need to be super-people, adding and adding to our goals each day, with no end in sight. It means we might be less likely to raise our hands for new projects because we don't think we know enough. It might keep us from speaking up in meetings, seeking promotions, or talking at conferences. It can bring feelings of self-doubt, anxiety, fear, alienation, isolation, shame or despair. It can be paralyzing to a person's career.
Does it get better?
Thanks to the Dunning-Kruger effect, the more you learn, the more you realize how much you don't know. When combined with the imposter syndrome associated with increasing achievements over time, it usually gets worse.
But...there's good news.
Through identifying specific components of imposter syndrome, you can sort out what's a real area for improvement and what's mostly anxiety. Dealing with imposter syndrome is often part of the price of doing new, exciting things. We can help you figure out to cope. This talk will also help you recognize imposter syndrome in friends, colleagues, and employees, and we'll help you think about how to best support them. (Hint: responding with compliments does more harm than good.) By the end of our talk, you'll to learn how you can leverage the feelings of imposter syndrome to become a better leader, colleague and human.
Model Managers are an amazing part of the Django Framework. When put to use, they can bring enhanced readability, encapsulation of logic, increased security, and performance. But they're often overlooked - even by those with years of experience. Let's fix that. We'll go through examples that demonstrate how easy Model Managers are to integrate into a project and why they're so important.
QuerySets and object Managers are a core part of Django, and can be extremely powerful. But I didn't always know about some of their more advanced capabilities.
You have likely used filter(), exclude(), and order_by(). You've even probably used an aggregation method like Sum() or Count(). Less common, however, are query(), only()/defer(), and select_related().
F EXPRESSIONS / Q OBJECTS
For some more complex queries, those basic functions and filters won't cut it. How do you construct a query that needs to check for field A or field B? What do you do if you need to multiply two fields together and then sum them? Look no further than F() and Q().
RAW SQL / THE EXTRA() METHOD
As a last resort, it's entirely possible to use raw SQL queries to get the database results that you need. The sky's the limit, but there are definitely downsides to this approach; pitfalls include SQL injections and database backend portability issues.
A talk on QuerySets would be incomplete without mentioning Managers, and how to leverage Manager customization to make your life easier. Writing methods on existing Managers, and creating custom ones can go a long way towards being DRY and reducing the potential for errors.
The Django and Python communities have made codes of conducts a standard feature for many years now. But what exactly is a code of conduct? How does it work in practice? Why do we need them? What you should report? What are the consequences of having one?
We (Ola & Baptiste) have been working as CoC points of contacts at many conferences for the past few years: EuroPython 2014, DjangoCon Europe (2015 and 2016), and Django Under the Hood (2014, 2015). This has given us a unique insight into the inner workings and practical implications of codes of conducts and we want to share it with the Django community.
The talk will start with a brief history of codes of conducts. From then, we'll go over some of the challenges and pitfalls of implementing a CoC in our communities or events. After that, we'll show how CoC work in practice and answer some common questions about them. We will then briefly talk about how lessons learnt from CoC world can be applied successfully in your daily job to grow supportive and strong teams. Finally, we'll finish off by showing the new standardized CoC processes that we've been working on.
With this talk, we want to continue the process we've started of bringing CoC to the front of the stage, making them more transparent and less taboo. We believe that CoC are an essential part of any community and we'd like to share our vision for how we think ours should work.
Legacy software is software that already exists. It may be a project you've inherited after joining a team, a new client's application, or something you wrote last year, or last month. Most software developers seem to prefer "greenfield" development, where you get to start from a clean slate. The reality is that there's a lot of "brownfield" development out there, that it rarely makes sense to throw away working software, and we can control the experience quite a bit to make our lives, and the software, better. If you haven't worked with legacy software chances are pretty good you will.
We'll first walk through what "legacy" means, and what this looks like specifically for Django developers and Django projects. We'll also cover some of the scenarios in which you may find yourself working with legacy codebases. This includes the types of issues you'll be presented with, both generally and specific to Django.
What do we mean by legacy code?
What does a legacy Django project look like?
What kinds of issues will you need to deal with?
How to approach the codebase
Tools for working with your new legacy codebase
Introducing or fixing tests
Common issues to look for and how to solve them
Legacy deployment processes and other scary nightmares
More features! Balancing business needs and "perfect" code
Deciding when to upgrade Django and other dependency versions, and how to do this
Technology professionals have been in high demand for several decades, and this demand for talent has caused a culture to emerge that often turns a blind eye to those who may be struggling with alcoholism and addiction. We have to come together to avoid this "petri dish" continuing to exist, by watching out for ourselves, and one another. The CDC estimates that ten percent of Americans suffer from the disease of addiction, and only nine percent of addicts ever receive treatment. This "petri dish" of technology culture makes it even harder for those of us with careers in the field.
Recovery can be a wonderful journey for those of us who suffer from the disease, and I hope by sharing some of my journey, people will take a step back and consider what we can do to improve the culture for everyone.
Content warnings: this will be frank discussion that may involve colorful language, and topics including drug and alcohol abuse, death from addiction and sexual abuse.
Day 3 Lightning Talks -
00:15 - Andrew Sauber
05:04 - Dan Davis
09:21 - Justin Caratzas
14:02 - Kevin Daum
17:10 - Adrienne Lowe
20:52 - Ethan McCreadie
25:02 - Dan Dietz
29:56 - Phillip James
32:56 - Haris Ibrahim K. V.
Django Security Talk Notes
Philip James, how long I’ve worked with Python and Django, background at EB
Introduction to the story, and the characters
Safe-ish: Talk about Django’s Security Model and how it tries to provide sane defaults for developers
Run-through of the parts of the django security model
XSS (brief definition)
Django escapes characters by default
How do you turn it off? Mark Safe, | n, safe
CSRF (brief definition)
Django has middleware that checks POST requests for a token
Token is stored in cookie, also
Could be better? Make cookie httponly
Side-effect: harder to JS. Also, only an issue if you’re already owned, so maybe not an issue?
How to get around it? csrf_exempt
SQLi (brief definition)
Django’s ORM makes clean sql, (even when given bad data?)
How to get around it: extra()/RawSQL()
Clickjacking protection (brief definition)
Django has middleware that sets headers browsers are supposed to respect
Which browsers? https://docs.djangoproject.com/en/1.8/ref/clickjacking/#limitations
How to get around it: xframe_options_exempt, xframe_options_deny, xframe_options_sameorigin
This one is less "out of the box" than the others, so won’t be talked about here.
Host Header Validation (brief definition)
Django verifies against allowed hosts in settings
What are django sessions?
Cookie-based by design
How can we make this better?
Overall: Vigilance. Be aware of uses of this within your product
XSS, CSRF, SQLi, Clickjacking: Have them all enabled, write rules to check for "escape-hatch" functions
Set the correct settings
SECURE_SSL_REDIRECT: How does it work?
Volunteers often love running introductory programming workshops. This talk covers how to help attendees get the most out of your volunteer time. We’ll look at how to make a tutorial easier for attendees to follow and tips that help students stay relaxed and learn effectively. The talk incorporates what I learned as a student teacher and includes a new source of help in revising newcomer material.
From Frank's his early childhood of having a simple ant farm, up to and including his long experience in the deepest, most pristine, and undisturbed wilds of the Internet, his experience has honed his abilities to find and identify bugs. Learn some of the best tools of the trade that will help in your daily hunts.
Bug hunting tech you will learn about:
using iPython embed
effectively using Python logging so you don't need to use the last quite so often
Bug hunting is all about visibility. You may have the best net ever invented, but you can't catch a bug you can't see. Sure, you can spend all day turning over rocks and hope for the best or you can gear up with the tried and true night vision goggles all the pros use.
“You can’t break GitHub, don’t worry.” Maybe you can’t break it but you can sure get yourself into a labyrinth of git commands. Version control can be a headache but it can also save your project.
There are certain pitfalls to avoid when using Git, I’ve probably found most of them and stumbled my way out. While my goal is to help you avoid them altogether, I also want to give you the skills to work through these pitfalls so you can make it out alive and with your project intact.
Whether you’re working on your own project, or collaborating with others you can learn how to git survive anything. We’ll discuss the benefits version control has for your own projects as well as projects with others.
For all of you awesome collaborators working with others on a project, we’ll go over important steps to take while handling others’ code and ‘gitiquette’ so you can save yourself the embarrassment of faux pas in the git world.
My goal is to give you an overview of Github flow, provide solutions for potential problems you may encounter, and help you feel more comfortable with version control.
How to address URL based translation and Django language detection easily.
RTL LANGUAGE DIRECTION
Most of them are speaking in a language which is written right to left so it’s not enough to just translate your app to their language. You should change the style of your app to display them in a correct format. Some graphic elements should be flipped horizontally to make sense for them.
CHARACTER ENCODING ISSUES
When you are working with a language with completely different form of alphabet and characters there is a huge chance that you face an issue if you don’t abide some encoding standards.
Some of those countries have their own calendar which is completely different from gregorian calendar which is used in most of west countries. There are some apps helping you to convert unix timestamp to those different calendar format in both backend and frontend side
INTERFACE DESIGN AND PROPER FONTS
As their language is RTL some graphic elements need to be mirrored. Although it is true for most of layout parts but there are still some sections that needs to keep their direction, like mathematical equations, multimedia players progress bar, … Using modern frontend tools like SASS mixin to automatically float elements depending on the language direction.
We'll start with an overview how React works, with an eye towards how it's different from interpretive libraries like jQuery. This overview will center around how state is managed in React vs. jQuery, which is the biggest hurdle for many developers when they're learning React. So if you haven't quite wrapped your head around the difference between "2-way data binding" and "1-way data binding", or if you've heard someone talk about "data-down/actions-up", "flux", or "redux" and weren't quite sure what they were talking about, this will clear all that up.
Then we'll take a look at how you can integrate React into a Django project. We'll talk about how you might want to structure things if you're starting with a brand new project, but we'll also talk about ways you can start to take advantage of React's strengths even in projects that are already mature.
Finally, we'll talk about some of the challenging parts of working with React for the first time - how to handle front-end permissioning in React based on your back-end API, how to think about url routing when you literally have two routers, deployment, and the general confusion that goes along with using npm and webpack for the first time.
As developers move along in their career, they are often encouraged to take on roles that involve more and more people management and less code.
Stepping towards management often can be a good move to make, but it is not one that should be taken lightly. If such a move is taken without a full appreciation for what it truly is (a career change), it can lead to woe and misery for all involved.
In this talk we'll follow one developer's journey from coding 40 hours/week to primarily managing humans. What worked well, what didn't work well, what was hard, and what was surprising.
Attendees of this talk should expect to walk away with a better idea of if they may be suited for management and if so, how they can successfully acclimate to their new role.
WHAT IS WAGTAIL
Wagtail is a Django-based CMS made by developers that were just sick of the current solutions out there for reasons from usability to extensibility. It provides a sleek and intuitive editing experience, while keeping its design open and flexible for creating custom frameworks. I'll first explain what Wagtail is, how we can use it, what features make it great, and what makes it not so great.
Brad Frost coined this term in reference to his taxonomical design model. The model breaks down design layouts from the simplest element to the more complex layouts. I'll briefly go over what this model is.
Atomic design lends well to the strengths and some features of Wagtail. I'll tell you how you can use Atomic design in harmony with Wagtail, with tips and pitfalls you might encounter along the way.
Any new approach to something is going to be both fun and frustrating. I'll list some of the most frustrating aspects of Wagtail, trickled with some advice.
The Cyborg City Lecture Series
July 19, 2056
As an increasing number of scholars debate precisely what it means for our cities to be organisms unto themselves -- specifically cybernetic organisms -- we will take a retrospective look at the historical period that preceded this trend in ideas. Technology Historian Mjumbe Poe will share his perspectives on the first quarter of the 21st Century, and the evolution of the mediated relationship between people and cities by technology.
Among other themes related to cities, Poe will address:
Cyborgification -- individuals increasingly empathizing with their technology
The ever decreasing latency in all forms of communication, and the effects on neighborhoods and local politics
The ubiquity of digital representation and reluctant conversion of state business to electronic form
Privacy, security, particularly important rulings around rights to encryption, and digital devices as extensions of the self
Special attention will be paid to the role that the Web and ubiquitous network connectivity played in these developments.