EPISODE · Jun 1, 2026 · 24 MIN
#482 Mr. Beast's episode
from Python Bytes · host Michael Kennedy and Calvin Hendryx-Parker
Topics covered in this episode: CVE-2026-48710: A Maintainer's Perspective daily-stars-explorer Markdown to pdf with pandoc and typst postman2pytest Extras Joke Watch on YouTube About the show Brian #1: CVE-2026-48710: A Maintainer's Perspective Marcelo Trylesinski suggested by Lee Luocks Short version: users of Starlette: upgrade to Starlette 1.0.1 security professionals: we can’t treat open source projects like corporations This top link is a Starlette security advisory with the title Missing Host header validation poisons request.url.path, bypassing path-based security checks The CVE apparently caused some negative press targeting starlette. However, “the vulnerability came from the application pattern and the deployment, never from something Starlette intended.” A quote from an OSTIF article: “This bug is a classic “responsibility gap” where if this maintainer didn’t patch, thousands of exposed projects would have to individually secure their projects. In doing this work, they’ve voluntarily taken on the responsibility to protect the ecosystem from long-term systemic harm. As with all open source projects, they owed us nothing and could have left this to be everyone else’s problem and took the extraordinary steps of helping the ecosystem.” Both X40 D-Sec and Ars Technica expected immediate fixes and responses from Starlette. That’s not good. We can do better. Michael #2: daily-stars-explorer Explore the full history of any GitHub repository. 📈 Full Star History - Complete daily star counts for any repo ⏰ Hourly Stars - Hour-by-hour activity with timezone support 🔀 Compare Repos - Side-by-side comparison of any two repositories 📊 Activity Timelines - Commits, PRs, Issues, Forks, Contributors over time 📌 Pin Favorites - Bookmark repos for quick access without retyping 📰 Feed Mentions - See when repos were mentioned on HN, Reddit, YouTube, GitHub 💾 Export Data - Download as CSV or JSON 🌙 Dark Mode - Easy on the eyes Try/use it online at emanuelef.github.io/daily-stars-explorer or install it for yourself. Brian #3: Markdown to pdf with pandoc and typst typst suggestion from Matt Harrison Markdown is awesome Pandoc is great for converting markdown to tons of stuff but for pdf, it goes through LaTeX, which is … yuk (my opinion) Pandoc also can convert to typst And typst creates beautiful pdfs and is way easier (my opinion) to deal with than LaTeX. New tools brew upgrade pandoc brew install typst Now convert pandoc something.md --to typst -o something.typ typst compile something.typ something.pdf Michael #4: postman2pytest via Mikhail Based on postman app Convert Postman Collection v2.1 JSON into executable pytest test suites Postman collections document your API. postman2pytest turns that documentation into executable regression tests that run in CI. No manual rewriting, no drift. Extras: New blog, who dis? - testandcode.org is now on .org and a blog and soon to be a “publisher”. Joke: Centering a div
What this episode covers
Topics include CVE-2026-48710: A Maintainer's Perspective, daily-stars-explorer, Markdown to pdf with pandoc and typst, and postman2pytest.
NOW PLAYING
#482 Mr. Beast's episode
No transcript for this episode yet
Similar Episodes
Jul 3, 2026 ·45m
Jun 26, 2026 ·46m
Jun 22, 2026 ·56m
Jun 12, 2026 ·40m
Jun 5, 2026 ·38m