• Using Django Tasks in production
• Co-authored with Claude?
• PyPI packages are increasing rapidly
• httpx2
• Extras
• Joke

About the show

Sponsored by us! Support our work through:

• Our courses at Talk Python Training
• The Complete pytest Course
• Patreon Supporters Connect with the hosts
• Michael: @mkennedy@fosstodon.org / @mkennedy.codes (bsky)
• Brian: @brianokken@fosstodon.org / @brianokken.bsky.social
• Show: @pythonbytes@fosstodon.org / @pythonbytes.fm (bsky) Join us on YouTube at pythonbytes.fm/live to be part of the audience. Usually Monday at 11am PT. Older video versions available there too. Finally, if you want an artisanal, hand-crafted digest of every week of the show notes in email form? Add your name and email to our friends of the show list, we'll never share it.

Brian #1: Using Django Tasks in production

• Tim Schilling shares how the Djangonaut Space website has been using Django’s new tasks framework and some of the info missing from the official Django docs.
• Tasks require a third party package, django-tasks-db to actually run the tasks.
• Article walks through all changes necessary to get an email process running to notify admins of new testimonials. Cool simple example.
• With the db backend, you can monitor progress of tasks in the admin, to see which tasks are scheduled, completed, or have errors.
• Some wishes for the community to implement
  • new tutorial in the Django docs
  • Django Debug toolbar panel for tasks
  • test/mock backend
• Great title for wish list: Thinks I’d like to see, but I’m too lazy to implement myself.

Michael #2: Co-authored with Claude?

• Via Nik T.
• We don’t put “executed on macOS”, “edited with PyCharm”, etc. in our commits. Why Claude?
• Seems like a growth hack to me, that I don’t really care to participate in.
• Some projects that have formalized their thoughts on this: The Generative AI Policy Landscape in Open Source
• Adjust to turn off in ~/.claude/settings.json see the docs.

  {
     "attribution": {
        "commit": "",
         "pr": ""
     }
  }
  

Brian #3: PyPI packages are increasing rapidly

• Artem Golubin
• There’s been an increase of published packages per week on PyPI
• A pretty big increase in the last handful of months.
• 30% increase since 2025, clearly due to AI
• Artem is building hexora, a malicious Python code detector.
• Cool package too, it can:
  • Audit project dependencies to catch potential supply-chain attacks
  • Detect malicious scripts found on platforms like Pastebin, GitHub, or open directories
  • Analyze IoC files from past security incidents
  • Audit new packages uploaded to PyPi.
• Artem is using hexora to analyze recently published pypi packages and many are obviously vibecoded and trigger false positives for abuses of eval, exec, and subprocess
  • Side note: I don’t think that’s necessarily a false positive. Not malicious, but maybe a stupid-code-detector?
• Lots are LLM related, Lots have bots contributing code
• Publishing rate is crazy, dozens to hundreds of published versions in a day is a bug, not a feature
• Brian’s proposal, PyPI should limit releases per day for any package to something a sane human would do, even if they make a mistake on a release, to maybe like 2-3, definitely under 10, in a day. And if the repo has obvious agent contributors listed, maybe lower to the limit to 1-2 a day? Honestly, “move fast and break things” doesn’t apply to breaking the commons.

Michael #4: httpx2

• More on the httpx, httpxyz, etc changes: Pydantic people started their own fork, httpx2.
• Michiel says “while we think httpxyz was definitely needed, we welcome httpx2 and think it should be the ‘blessed’ fork.”
• Kludex, who is among other things maintainer of Starlette, was considering a fork
• As it stands, httpx2 is lacking the performance improvements they added to httpxyz. But it will not be long before they will add those, too.
• Also they already made some smart decisions:
  • they are switching from certifi to truststore
  • they are switching to compression.zstd on Python 3.14+, enabling zstd compression by default
  • they merged httpcore and vendored it in their repository
• Discussion on Hacker News

Extras

Brian:

• The Four Horsemen of the LLM Apocalypse - Anarcat
• Django/JetBrains 2026 developer survey is open
• Pyrefly 1.0 : “meaning we are confident that Pyrefly is ready for production use.” Michael:
• Just about ready to release Python Web Security: OWASP Top 10 with Agentic AI course. Be sure to be on the courses newsletter to get notified.

Joke: Proud Parents

Until very recently, it was observed that LLMs had a very hard time with complex problems. Context was lost, memory of previous steps was distorted, and so forth. This led to unreliable results (hallucinations) and, consequently, to a lack of trust in the technology.

Recent research has shown that LLMs are, in fact, quite good at reasoning and planning if the problem is broken into a series of steps as a result of the right prompts. This reasoning and planning is the foundation of Agents.

Chain of Thought

One of the great breakthroughs in the field of agentics was the discovery that appending “think step by step” to the prompt had a profound effect on the accuracy of the agent’s output. Prompting the LLM in this way forces the model to decompose the problem and to generate an “inner monologue” of the steps it is taking to solve the problem.

This has two significant advantages:

• It makes the agent’s reasoning process more transparent
• It allows the model to check its own work as it goes.

For example, we might ask, “If a plane crashes on the border of the north field and the south field, where will the survivors be buried?”

Without the reasoning prompt, it is entirely possible that the agent would pick one of the fields at random. However, if we tell it to think step-by-step, it will examine the parts of the question and realize that survivors are not buried at all.

Note that today’s LLMs have a degree of Chain-of-Thought built into them and won’t get this wrong.

There are three key aspects to explain why chain-of-thought reasoning works:

• Decomposing the problem into smaller intermediate steps
• CoT offers the model the ability to keep track of its work and to remember intermediate results.
• Typically, more tokens are allocated to the reasoning, and thus the model can “think” longer.

Debugging

Because we’ve asked the LLM to think step-by-step, it can tell us each step in its reasoning, and we can examine those steps to see when the LLM fell of the rails. This takes a process that might otherwise be opaque and makes it transparent, greatly enhancing the debugging process.

Next up: ReAct…

Native C++ projects in Visual Studio now support <PackageReference>, the modern, MSBuild-native way to declare NuGet package dependencies directly in your project file. This support is available experimentally for .vcxproj projects in the Visual Studio Insiders Channel starting with version 18.7.

This feature has been the most upvoted feature request on Visual Studio Developer Community, and we’re delivering it based on that feedback and in collaboration with other teams at Microsoft, including Windows and Azure.

NuGet with PackageReferences can be useful for teams that develop both .NET and C++ projects (native or interop) that need a consistent way to deploy their binaries across their repos or to their consumers, or for managing dependencies that aren’t C++ libraries, such as binary SDK packages. We continue to recommend vcpkg for acquiring and managing C++ libraries, as it is more specialized and flexible for these types of dependencies.

What Is PackageReference?

Traditionally, NuGet packages in C++ projects were managed through packages.config, a separate XML file that listed every dependency (including transitive ones) and required a per-solution packages folder. PackageReference eliminates that by declaring dependencies directly in the project file:

<ItemGroup>
  <PackageReference Include="Microsoft.Windows.CppWinRT" Version="2.0.240405.15" />
</ItemGroup>

The key advantages over packages.config:

• Single source of truth. Dependencies live in the project file alongside your other project references. No separate files required.
• Transitive dependency resolution. You only list packages you directly depend on. NuGet resolves the rest automatically at restore time.
• Global package cache. Packages are stored once on disk in a global folder, not duplicated per-solution. This means faster restores and less disk usage.
• MSBuild integration. You can use conditions to vary package references by configuration, platform, or target framework, using the same MSBuild syntax you already know.

For a full overview, see the PackageReference documentation on Microsoft Learn. If you’re migrating an existing project, see Migrate from packages.config to PackageReference.

How It Works

Once enabled, this experience is identical to .NET projects, both in the Visual Studio IDE and on the command line. There is no difference in the core UX. You can add PackageReferences by:

1. Editing the project file directly. Add <PackageReference> items to an <ItemGroup> in your .vcxproj.
2. Using the NuGet Package Manager UI. Right-click your project in Solution Explorer, select Manage NuGet Packages, and install packages as usual.
3. Using the Package Manager Console. Run Install-Package commands.

NuGet restore handles downloading, caching, and making package assets available to your build. The underlying implementation uses core CPS (Common Project System) capabilities, the same infrastructure that powers this feature for .NET projects.

How to Enable It

This feature is experimental and off by default in version 18.7. To opt in, set the EnableNativePackageReferenceSupport MSBuild property to true.

You can do this in your project file’s Globals property group:

<PropertyGroup Label="Globals">
  <EnableNativePackageReferenceSupport>true</EnableNativePackageReferenceSupport>
</PropertyGroup>

Or, to enable it across all projects in a repository, add it to a Directory.Build.props file:

<Project>
  <PropertyGroup>
    <EnableNativePackageReferenceSupport>true</EnableNativePackageReferenceSupport>
  </PropertyGroup>
</Project>

Performance

We designed this feature to be fully compatible with the project load performance improvements shipped since Visual Studio 2017. One of the things holding us back from shipping PackageReference in the past was that a simpler implementation would invalidate this work, causing ongoing performance regressions for customers. Happily, this problem is now solved. The first time you add PackageReferences to a project, there is a one-time cache warm-up cost. After that initial load, the cache is warm and subsequent project operations are fully optimized with no ongoing performance impact.

Current Limitations

This initial release supports native C++ projects (.vcxproj). The following scenarios are not yet supported:

• C++/CLI projects targeting legacy .NET Framework versions. (PackageReference for C++/CLI projects targeting modern .NET is already supported; see our earlier announcement.)
• C++ projects that reference C++/CLI projects or C# projects. We are investigating a solution to this. In the meantime, you can use one of these workarounds:
  • Set <ReferenceOutputAssembly>false</ReferenceOutputAssembly> and <SkipGetTargetFrameworkProperties>true</SkipGetTargetFrameworkProperties> on the <ProjectReference> item, which will allow NuGet to ignore it and not cause restore and build issues.
  • Set AssetTargetFallback to include frameworks compatible with the referenced C# project. For example:

    <PropertyGroup>
    <AssetTargetFallback>net472;net10.0</AssetTargetFallback>
    </PropertyGroup>

What About vcpkg?

This feature does not change our recommendation for vcpkg. We continue to recommend vcpkg as the primary tool for acquiring and managing C and C++ libraries. vcpkg provides source-based builds with binary caching support, ABI compatibility management, support for offline installation, and a curated registry of thousands of open-source libraries optimized for C++ workflows.

PackageReference support complements vcpkg by enabling NuGet-based distribution workflows. For example, teams that publish internal SDK packages via NuGet feeds, or projects that consume Windows-specific packages distributed through NuGet.org. The two tools serve different use cases and work well together. You can also use vcpkg to build library dependencies, then export them as NuGet with the vcpkg export --nuget command.

Try It Out

1. Download Visual Studio Insiders.
2. Enable the feature by setting EnableNativePackageReferenceSupport to true in your project or Directory.Build.props.
3. Add a PackageReference to your .vcxproj and build.

We want your feedback. This is an experimental release, and your input will directly shape how we evolve this feature before enabling it by default. Let us know:

• Does the end-to-end experience work well for your projects?
• Are there gaps or rough edges you encounter?
• How does performance feel in your solutions?

You can share feedback through Developer Community, the blog comments below, or Help → Send Feedback in Visual Studio.

The post NuGet PackageReference for C++ Projects in Visual Studio appeared first on C++ Team Blog.

I’m about to fly up to San Jose to be at Google I/O tomorrow. It’s probably recency bias, but this looks like our biggest builder-focused I/O since I got here. Some fantastic announcements coming!

[article] From Open Source Software to Open Source Strategy. What a great essay. Full of genuine insights into open source, and how the landscape is shifting.

[blog] Don’t Outsource the Learning. LLMs cater to finishing a task, not teaching us. You need to be intentional about how you continue to develop your skills.

[article] Why Doesn’t Anyone Teach Developers About Context Management? Get good at context management. It’s worth the upfront and ongoing investment to feed relevant info into your LLMs.

[blog] Beyond SQL: How BigQuery Evolved into a Complete AI and Graph Platform. BigQuery’s built-in graph and AI functions make tasks like this much more straightforward.

[blog] Everything You Know About Scaling Web Apps Breaks When You Serve an LLM. Great stuff. Tokens matter more than requests, memory management is different, load balancing isn’t the same, and tackle cost optimization differently when serving models.

[article] Opinion: Vibe coding needs an on-ramp — and seat belts. Sure. There’s still a LOT of implicit knowledge needed to build software correctly. But new tools and baking that knowledge into the process.

[blog] Just Fucking Use Go. I can’t pinpoint who’s voice I heard in my head while reading this. But man, I laughed a few times, and so much of this is spot on.

[blog] Open and Closed: The Pursuit of Frontier Models. Deep analysis by Steve here. Closed beats open today on innovation and performance, but the cycle needed to close the gap keeps shrinking.

[article] Engineering roles shift from developing code to managing AI. I suspect this won’t be a long-term shift to just reviewing AI output. That’ll be a relatively solved problem, and the work shifts again to primarily “thinking” and orchestrating.

[blog] Who Determines Done? Why Agentic AI Needs Escalation, Not More Loops. Great question. Do you just “loop harder”? Keith looks at when escalation is needed and how to think about it.

[blog] How I use LLMs as a staff engineer in 2026. Agents are good right now. That fact may change what tasks you throw at them. But own the core of your job.

[article] Forward deployed engineer is AI’s hottest job as OpenAI and Google race to hire. Here’s how to become one. Definitely a cool job. Probably one I would have pursued at some point in my career. But it’s based on knowledge, so get hands-on experience!

Want to get this update sent to you every day? Subscribe to my RSS feed or subscribe via email below:

2026-05-18

• postToolUse hook additionalContext is now injected as a system message for the model instead of being silently discarded
• Mouse clicks in the prompt correctly position cursor when input contains wide characters (CJK, emoji)
• Add /chronicle search subcommand to search all session content by keyword or topic
• /user switch reuses the fetched user list and shows a loading spinner on first open
• MCP servers using static OAuth clients correctly persist registration for token refreshes
• Add support for running the CLI on Alpine Linux (musl libc)
• Add /exit print option to print the session to the terminal before exiting
• Add /rubber-duck command to get an independent critique of the agent's current work
• Add /session id subcommand to display the current session ID and copy it to the clipboard
• Add auth.redirectPort config option for MCP servers to pin the OAuth callback to a fixed port
• Add /memory on|off|show slash command to enable, disable, or view memory status (persistent)
• Add copilot plugin update --all to update all installed plugins at once
• Add /rubber-duck command to invoke the rubber duck agent for an independent critique (experimental)
• Input prompt collapses to a single line when empty and grows naturally as you type
• File diffs are correctly reported to ACP clients for all edit tool types
• Repo hooks in .github/hooks/ now load in prompt mode (-p) when the folder is already trusted
• Fix extra line in timeline entries
• Box drawing and block characters render correctly on Windows terminals not using UTF-8 code page
• MCP server configurations with no args field are now accepted and treated as an empty args list
• Document attachment paths are included in context so the agent can reference pasted file paths, including Windows Copy as path inputs
• MCP stdio servers now display type as 'stdio' instead of 'local' for consistency
• Progress bar indicator now displays correctly in tmux sessions
• Experimental slash commands are now annotated with "(experimental)" in the help dialog and command picker
• Auto-update downloads the smaller platform-specific package instead of the universal one when available
• Auto-link GitHub issue and PR references (owner/repo#number) in assistant responses
• Prompt mode (-p) automatically loads workspace MCP sources when the current folder is already trusted
• Experimental: /mcp search command to search and install MCP servers from registry
• Experimental: Tool search with deferred loading for MCP and external tools
• Add "None" reasoning effort option to disable model reasoning in the reasoning effort picker
• Add COPILOT_PLUGIN_DIR_ONLY environment variable to disable automatic plugin discovery, enabling deterministic plugin sets when using --plugin-dir
• Copying text from the scroll view joins soft-wrapped lines without extra newlines or indentation
• Cursor positioning in input fields works correctly with wide characters (CJK, emoji)
• Hooks (preToolUse, postToolUse, subagentStart, subagentStop) now fire correctly for sub-agent tool calls
• Plugins loaded via --plugin-dir now correctly register their agents as available task(agent_type=...) subagents in prompt mode
• Memory storage correctly limits available scopes when no repository context is present
• --plugin-dir and --additional-mcp-config now work in --server / --headless mode
• Content-filtered model responses now display an explanation instead of a blank assistant turn
• PromptFrame UI now renders inside tmux when the outer terminal is ghostty, WezTerm, or kitty (detected via tmux list-clients).
• MCP OAuth token lookups are correctly scoped to the active session
• Memory permission prompts now name who can see a stored memory: user scope or the specific owner/repo for repository scope. Timeline entries also show the scope ((for user) / (shared with repository collaborators)).
• Reduce PowerShell syntax errors on Windows by avoiding && chaining instructions when using legacy PowerShell 5.x

This week I’m talking with Matt Carey about Code Mode and how most of us have been thinking about MCP all wrong. Matt works on the Agents SDK and MCP at Cloudflare — we discuss how server-side Code Mode lets one MCP server expose all ~2,500 Cloudflare API endpoints in about 1,000 tokens of context, the dynamic Worker loader that runs model-written code safely in a V8 isolate, Matt’s own workflow with Claude, where memory fits into the future of agents, and his Zaggy git wrapper that keeps agents from force-pushing his repos.

Join the discussion

Changelog++ members save 9 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

• Coder.com – Secure environments where devs and agents work in parallel. Open by design. Secure by default.
• Tailscale – Adam loves Tailscale! Easy, secure, identity-based access to anything. Tailscale deploys quickly and enables Zero Trust access to any resource on your network. From CI/CD runners across multi-cloud environments, to SaaS tools and infrastructure, Tailscale connects it all, seamlessly.
• RWX – CI/CD platform for high velocity teams. When agents help developers write code in minutes, validation becomes your bottleneck. RWX gives agents programmatic control, sub-second cached builds, and semantic outputs they can act on. No commit required. Just iterate until CI passes, then push.
• Fly.io – The home of Changelog.com — Deploy your apps close to your users — global Anycast load-balancing, zero-configuration private networking, hardware isolation, and instant WireGuard VPN connections. Push-button deployments that scale to thousands of instances. Check out the speedrun to get started in minutes.

Featuring:

• Matt Carey – Website, GitHub, LinkedIn, X
• Adam Stacoviak – Website, GitHub, LinkedIn, Mastodon, X

Show Notes:

Featured

• Matt Carey on the Cloudflare blog
• You’ve Been a Bad Agent
• Cloudflare
• Code Mode: give agents an entire API in 1,000 tokens
• Code Mode: the better way to use MCP
• Cloudflare MCP Server
• Cloudflare Agents SDK
• Cloudflare Agents SDK on GitHub

Cloudflare platform

• Dynamic Workers
• Cloudflare Workers
• Durable Objects
• AI Gateway
• Vectorize

MCP and code-mode references

• Model Context Protocol
• Introducing the Model Context Protocol
• Code execution with MCP
• CodeAct paper
• GitHub MCP Server
• Datadog MCP Server
• Pydantic Monty

Coding agents and tools

• Claude Code
• Claude Code voice dictation
• OpenCode
• Cursor
• OpenAI Codex CLI
• Changesets
• Handy

Agent memory and personal AI

• Granola
• Letta
• Mastra
• Supermemory
• Poke
• Pi coding agent

Homelab and infrastructure

• Swamp Club
• Proxmox VE
• Tailscale
• 1Password
• K3s
• Pi-hole
• DuckDB
• Apache Parquet
• ClickHouse

Something missing or broken? PRs welcome!