Находки в опенсорсе: Python
974 subscribers
4 photos
225 links
Легкие задачки в опенсорсе из мира Python

Чат: @opensource_findings_chat
Download Telegram
🚀 New issue to ag2ai/faststream by @dzeveloper
📝 Feature: Consumer-Only Mode for KafkaBroker (#2879)


When deploying a subscriber-only service, it's common to provision Kafka credentials scoped strictly to READ + DESCRIBE ACLs on specific topics. Today, KafkaBroker always starts a producer during broker.start(), regardless of whether any @broker.publisher is registered. This causes the producer to attempt a connection using consumer-only credentials, which fails or raises errors at the broker/ACL level.

Proposal:

# Option A: broker-level flag
broker = KafkaBroker("localhost:9092", consumer_only=True)

# Option B: skip producer if no publishers are registered (automatic)
# No API change needed — broker inspects registered publishers at start()


#enhancement #good_first_issue #confluent #aiokafka #faststream #ag2ai
sent via relator
👍1
🚀 New issue to wemake-services/django-modern-rest by @sobolevn
📝 Flaky test: `test_redis_sync_leaky_bucket` (#1043)


Output:

 ______________________ test_redis_sync_leaky_bucket[True] ______________________
tests/test_integration/test_throttling/test_backends/test_redis_backend/test_redis_backend.py:110: in test_redis_sync_leaky_bucket
assert response.status_code == HTTPStatus.TOO_MANY_REQUESTS
E assert 200 == <HTTPStatus.TOO_MANY_REQUESTS: 429>
E + where 200 = <HttpResponse status_code=200, "application/json">.status_code
E + and <HTTPStatus.TOO_MANY_REQUESTS: 429> = HTTPStatus.TOO_MANY_REQUESTS
================================ tests coverage ================================

=========================== short test summary info ============================
FAILED tests/test_integration/test_throttling/test_backends/test_redis_backend/test_redis_backend.py::test_redis_sync_leaky_bucket[True] - assert 200 == <HTTPStatus.TOO_MANY_REQUESTS: 429>
+ where 200 = <HttpResponse status_code=200, "application/json">.status_code
+ and <HTTPStatus.TOO_MANY_REQUESTS: 429> = HTTPStatus.TOO_MANY_REQUESTS
============ 1 failed, 2479 passed, 10 skipped in 243.50s (0:04:03) ============


It fails from time to time: https://github.com/wemake-services/django-modern-rest/actions/runs/26490639540/job/78007463856?pr=1042


#bug #good_first_issue #help_wanted #django_modern_rest
sent via relator
🚀 New issue to wemake-services/django-modern-rest by @sobolevn
📝 Flaky test: `test_sse_ping_with_last` (#1046)


Happened on mypyc wheels cp314-macosx_x86_64

  =================================== FAILURES ===================================
___________________________ test_sse_ping_with_last ____________________________

dmr_async_rf = <dmr.test.DMRAsyncRequestFactory object at 0x114ddad60>

@pytest.mark.asyncio
async def test_sse_ping_with_last(
dmr_async_rf: DMRAsyncRequestFactory,
) -> None:
"""Ensures that valid sse produces valid results."""
request = dmr_async_rf.post('/whatever/', data={'produce_last': True})

response = await dmr_async_rf.wrap(_PingSSE.as_view()(request))

assert isinstance(response, StreamingResponse)
assert response.streaming
assert response.status_code == HTTPStatus.OK
assert response.headers == {
'Cache-Control': 'no-cache',
'Content-Type': 'text/event-stream',
'X-Accel-Buffering': 'no',
'Connection': 'keep-alive',
}
> assert await get_streaming_content(response) == (
b'data: 1\r\n'
b'\r\n'
b': ping\r\n'
b'\r\n'
b'data: 2\r\n'
b'\r\n'
b': ping\r\n'
b'\r\n'
b': ping\r\n'
b'\r\n'
b'data: 3\r\n'
b'\r\n'
)
E AssertionError: assert b'data: 1\r\n...ta: 3\r\n\r\n' == b'data: 1\r\n...ta: 3\r\n\r\n'
E
E At index 42 diff: b'd' != b':'
E
E Full diff:
E - (b'data: 1\r\n\r\n: ping\r\n\r\ndata: 2\r\n\r\n: ping\r\n\r\n: ping\r\n\r\ndata'
E ? --------------
E + (b'data: 1\r\n\r\n: ping\r\n\r\ndata: 2\r\n\r\n: ping\r\n\r\ndata: 3\r\n\r\n')
E ? +++++++++++ +
E - b': 3\r\n\r\n')

For some reason data: 3 was not sent.
Let's fix it.


#bug #good_first_issue #help_wanted #django_modern_rest
sent via relator
🚀 New issue to wemake-services/django-modern-rest by @sobolevn
📝 Add default admin page for `dmr/security/jwt/blocklist` (#1054)


Right now our app for jwt blocklisting has a default model: https://github.com/wemake-services/django-modern-rest/blob/master/dmr/security/jwt/blocklist/models.py

But, it does not have a default admin.py file.
Good example: https://github.com/Dresdn/django-modern-rest/blob/3324d0aecf32509b5434df7e8826d7be6ddac7a8/dmr/security/token/admin.py

This is a very easy task :)


#feature #good_first_issue #help_wanted #django_modern_rest
sent via relator
«Институт логики» приглашает разработчиков свободного ПО на конкурс «Код логики»

Стартовал первый этап конкурса Open-Source-проектов разработчиков свободного программного обеспечения «Код логики». Конкурс проводится при финансовой поддержке «Базальт СПО» и частных лиц.
Организатор конкурса — АНО «Институт логики, когнитологии и развития личности».
Кто может участвовать: физические лица — разработчики свободного ПО, граждане РФ старше 18 лет, налоговые резиденты.
Что нужно сделать: предоставить значимый вклад в существующий Open-Source-проект, опубликованный в публичном репозитории под свободной лицензией. Вклад может быть сделан в свой или сторонний проект.
Призовой фонд: денежные премии. Всего 3 призовых места, максимальное количество победителей — до 6 человек. Победитель получит 1 000 000 рублей.
Сроки: заявки принимаются до 15 августа 2026 года на сайте института.
Награждение победителей состоится 2–4 октября на XXII ежегодной конференции разработчиков свободных программ.
Подробности об условиях конкурса доступны на сайте: https://logic.ru/
На протяжении 35 лет институт поддерживает разработчиков свободного ПО и образовательные технологии. Институт развивался как академическая площадка на стыке логики, искусственного интеллекта, образования и моделирования мышления. Миссия АНО «Институт логики» — помогать исследователям, специалистам и учебным учреждениям реализовывать проекты, влияющие на развитие технологий. Конкурс Open-Source-проектов разработчиков свободного программного обеспечения — часть этой работы.

Ссылка: https://logic.ru/
👍2
🚀 New issue to wemake-services/django-modern-rest by @sobolevn
📝 `test_user_create_models_example` is flaky (#1089)


Please fix it :)

=========================== short test summary info ============================
FAILED tests/test_integration/test_model_fk/test_model_fk.py::test_user_create_models_example[False] - AssertionError: assert {'email': 'jd... 'id': 1, ...} == {'email': 'jd...itiveInt, ...}

Omitting 4 identical items, use -vv to show
Differing items:
{'tags': [{'name': 'Jessica Johnson'}]} != {'tags': IsList({'name': 'Jessica Johnson'}, {'name': 'Jessica Johnson'}, check_order=False)}

Full diff:
{
'email': 'jdominguez@example.com',
'role': {
'name': 'Jason Burgess',
},
- 'tags': IsList({'name': 'Jessica Johnson'}, {'name': 'Jessica Johnson'}, check_order=False),
- 'id': IsPositiveInt,
+ 'tags': [
+ {
+ 'name': 'Jessica Johnson',
+ },
+ ],
+ 'id': 1,
'created_at': '2026-06-19T10:39:36.779795Z',
}
============ 1 failed, 2506 passed, 10 skipped in 268.28s (0:04:28) ============


https://github.com/wemake-services/django-modern-rest/actions/runs/27820624206/job/82332576787


#bug #good_first_issue #help_wanted #django_modern_rest
sent via relator
🚀 New issue to wemake-services/django-modern-rest by @sobolevn
📝 Setup `lychee` link check tool for `pre-commit` (#1094)


It allows checking that all links are actually valid.
This will helps us finding dead / renamed links in the docs / code.

Hooks: https://github.com/lycheeverse/lychee/blob/master/.pre-commit-hooks.yaml
Docs: https://lychee.cli.rs/
Example config: https://github.com/msgspec/msgspec/blob/main/lychee.toml (but I would prefer to have it in the same folder as zizmor config is).


#documentation #feature #good_first_issue #help_wanted #django_modern_rest
sent via relator
🚀 New issue to wemake-services/django-modern-rest by @ZhdanovAM72
📝 Add a built-in JWT access token verification flow. (#1129)


FEATURE

Thesis

Add a built-in JWT access token verification flow.

For example, django-modern-rest could provide a reusable controller:

from dmr.security.jwt.views import VerifyTokenSyncController


class TokenVerifyController(VerifyTokenSyncController):
pass

Expected behavior:

• accept an encoded token from the request body
• decode and validate the JWT
• reject malformed tokens
• reject expired tokens
• reject refresh tokens when an access token is expected
• verify that the token subject belongs to an existing active user
• return a successful empty response when the token is valid

The exact public API can be different. It could be implemented as a controller,
auth class, or reusable JWT verification component.

Reasoning

django-modern-rest already provides JWT obtain and refresh controllers, but
applications commonly also need a token verification endpoint.

Without built-in support, each project has to implement the same logic manually:

from django.conf import settings
from dmr.exceptions import NotAuthenticatedError
from dmr.security.jwt.token import JWToken


token = JWToken.decode(
encoded_token=encoded_token,
secret=str(settings.SECRET_KEY),
algorithm="HS256",
)

if token.extras.get("type") != "access":
raise NotAuthenticatedError

user = User.objects.get(pk=token.sub)

if not user.is_active:
raise NotAuthenticatedError

This logic is not application-specific. It is part of the common JWT API
surface.

Providing it in django-modern-rest would reduce duplication and make JWT support
more complete. It would also make error handling more consistent with the
existing obtain and refresh controllers.


#feature #good_first_issue #help_wanted #django_modern_rest
sent via relator