This is the 3rd episode of season 2 of the Sad Python Girls Club Podcast, and we couldn't be more excited about it! 🥳 We had an awesome chat with Courtney Webster, Product Manager II at Microsoft working on the Python development support in Visual Studio Code and Visual Studio 🐍. She’s also the esteemed author behind our monthly release blog posts for the Python extension in VS Code 📰. Dive in with us as we learn about Courtney’s contributions to the Python community, her work to streamline the "getting started" experience for Python in VS Code, her efforts in package management support and educational initiatives, as well her approach to experimentation 🧪 and data-driven development 📈.

Links and Resources

• Courtney Webster @ GitHub
• Python extension for VS Code blog posts & release notes
• Python in Visual Studio
• Microsoft's Privacy Statement
• How to disable telemetry in VS Code & extensions
• Microsoft's Experimentation Platform
• VS Code experimentation client
• How to opt in, opt out or disable Python extension experiments
• A look into workflow tools - package management in the Python extension for VS Code, by Courtney Webster @ discuss.python.org
• PEP 722 - Dependency specification for single-file scripts [rejected]
• PEP 723 - Inline Script Metadata [accepted]
• PEP 722 and PEP 723 User Study Discussion by Courtney Webster @ discuss.python.org
• Python extension's Create Environment command
• Quick Start Guide for Python in VS Code
• Microsoft Learn
• Python Trainings @ Microsoft Learn
• PyCon US 2024
• DjancoCon US
• DjangoCon Europe 2024
• EuroPython 2024
• SciPy 2024
• CFP: EuroScipy 2024 (Poland), open until May 26th, 2024
• CFP: PyCon India 2024, open until May 31st, 2024
• CFP: PyCon France 2024, open until July 21st, 2024
• CFP: PyCon APAC 2024 (Indonesia), open until August 1st, 2024
• What a Time by Julia Michaels ft. Niall Horan

Intro Song: Pastel

Producer: Blue.P

Music provided by LogSquare

Microsoft’s latest Windows Insider blog posts say that when it comes to testing new Copilot features in Windows 11, “We have decided to pause the rollouts of these experiences to further refine them based on user feedback.” For people who already have the feature, “Copilot in Windows will continue to work as expected while we continue to evolve new ideas with Windows Insiders.”

Microsoft is holding an AI event on May 20th which would be a good time to show more of what’s next, and after setting up 2024 as “the year of the AI PC,” with a new Copilot key on Windows keyboards, there’s a lot to live up to.

We’re expecting to see new Surface laptops powered by Qualcomm’s Snapdragon X Elite processors that run Windows on Arm and compete with...

Continue reading…

Satya Nadella, the Chief Executive Officer, shared the below communication to the employees of Microsoft. In light of the significant attention and discussion this announcement has garnered, it has been made publicly available as an official record.

Today, I want to talk about something critical to our company’s future: prioritizing security above all else.

Microsoft runs on trust, and our success depends on earning and maintaining it. We have a unique opportunity and responsibility to build the most secure and trusted platform that the world innovates upon.

The recent findings by the Department of Homeland Security’s Cyber Safety Review Board (CSRB) regarding the Storm-0558 cyberattack, from summer 2023, underscore the severity of the threats facing our company and our customers, as well as our responsibility to defend against these increasingly sophisticated threat actors.

Last November, we launched our Secure Future Initiative (SFI) with this responsibility in mind, bringing together every part of the company to advance cybersecurity protection across both new products and legacy infrastructure. I’m proud of this initiative, and grateful for the work that has gone into implementing it. But we must and will do more.

Going forward, we will commit the entirety of our organization to SFI, as we double down on this initiative with an approach grounded in three core principles:

• Secure by Design: Security comes first when designing any product or service.
• Secure by Default: Security protections are enabled and enforced by default, require no extra effort, and are not optional.
• Secure Operations: Security controls and monitoring will continuously be improved to meet current and future threats.

These principles will govern every facet of our SFI pillars as we: Protect Identities and Secrets, Protect Tenants and Isolate Production Systems, Protect Networks, Protect Engineering Systems, Monitor and Detect Threats, and Accelerate Response and Remediation. We’ve shared specific, company-wide actions each of these pillars will entail — including those recommended in the CSRB’s report — which you can learn about here. Across Microsoft, we will mobilize to implement and operationalize these standards, guidelines, and requirements and this will be an added dimension of our hiring and rewards decisions. In addition, we will instill accountability by basing part of the compensation of the senior leadership team on our progress towards meeting our security plans and milestones.

We must approach this challenge with both technical and operational rigor, and with a focus on continuous improvement. Every task we take on – from a line of code, to a customer or partner process – is an opportunity to help bolster our own security and that of our entire ecosystem. This includes learning from our adversaries and the increasing sophistication of their capabilities, as we did with Midnight Blizzard. And learning from the trillions of unique signals we’re constantly monitoring to strengthen our overall posture. It also includes stronger, more structured collaboration across the public and private sector.

Security is a team sport, and accelerating SFI isn’t just job number one for our security teams – it’s everyone’s top priority and our customers’ greatest need.

If you’re faced with the tradeoff between security and another priority, your answer is clear: Do security. In some cases, this will mean prioritizing security above other things we do, such as releasing new features or providing ongoing support for legacy systems. This is key to advancing both our platform quality and capability such that we can protect the digital estates of our customers and build a safer world for all.

Satya

The post Prioritizing security above all else appeared first on The Official Microsoft Blog.

The Okta Workforce Identity Developer Podcast returns to discuss the OpenID Foundation’s Shared Signals Framework.

Watch on the OktaDev YouTube channel

Learn more about the Shared Signals Framework

You can explore the Shared Signals Framework at sharedsignals.guide, and learn about Jamf’s SSF integration here.

If you’d like to join a pilot program for using SSF to integrate with Okta, contact us at wic-dev-advocacy at okta dot com. If signals about security events were available, which could you send to other services? What signals would you want to receive in order to help your code detect threats quickly and accurately? Let us know in the comments below!

Follow us on Twitter and subscribe to our YouTube channel. If you have any questions or you want to share what other topics you’d like to hear about on the podcast, please comment below!

Highlights

• The no-case-declarations rule now provides suggestions for some of the problems reported by this rule.

Features

• 8485d76 feat: no-case-declarations add suggestions (#18388) (Josh Goldberg ✨)
• a498f35 feat: update Unicode letter detection in capitalized-comments rule (#18375) (Francesco Trotta)

Bug Fixes

• eeec413 fix: do not throw when defining a global named __defineSetter__ (#18364) (唯然)

Documentation

• 0f5df50 docs: Update README (GitHub Actions Bot)
• 1579ce0 docs: update wording regarding indirect eval (#18394) (Kirk Waiblinger)
• f12a02c docs: update to eslint v9 in custom-rule-tutorial (#18383) (唯然)

Chores

• b346605 chore: upgrade @eslint/js@9.2.0 (#18413) (Milos Djermanovic)
• c4c18e0 chore: package.json update for @eslint/js release (Jenkins)
• 284722c chore: package.json update for eslint-config-eslint release (Jenkins)
• 347d44f chore: remove eslintrc export from eslint-config-eslint (#18400) (Milos Djermanovic)
• f316e20 ci: run tests in Node.js 22 (#18393) (Francesco Trotta)