Slightly late announcement of latest updates
Updated on 25 August 2022 (US) and 9 August 2022 (EU)!
Here is a slightly delayed (and short) run-down of the new stuff that we
The main addition for this update is a new system image.
It’s name is “haggis” and it has Python 3.10! There are also a number of new Python
packages installed. See our batteries included page
for a full list. There are also many new system libraries installed. You can
learn about system images and how to change yours
We have also:
- Updated Jupyter notebooks - updated notebooks are only available when you
are running the new “haggis” system image
- Fixed a number of security issues
- Fixed various bugs
Our Commitment to Providing Free Accounts
Managing fraud and abuse of free products is a challenge that nearly every SaaS
company contends with, but too often the perceived solution is to simply end
free accounts. We’ve seen this happen time and again across the open-source
ecosystem, most recently from Heroku,
and we fear this comes at the detriment of the community.
We believe we’ve found a better way to solve this problem and are therefore
committed to maintaining free PythonAnywhere accounts for the foreseeable
future. Yes, this does cost us money and we do need to handle fraud and abuse,
but over the 10 years we’ve been running we’ve found that the benefits to the
community and to the service itself outweigh the costs.
We are hiring!
As you probably already know, PythonAnywhere is now part of the Anaconda family! As we expected Anaconda’s investment in PythonAnywhere will allow us to expand and improve to better serve our users. So we’re starting to grow our team, and first time since 2014 we’re officially hiring!
If you are an experienced frontend developer who wants to get their feet wet with the backend stuff, we might be looking for you.
Anaconda Acquisition FAQs
In June 2022, Anaconda announced its acquisition of PythonAnywhere. This acquisition expands Python team collaboration in the cloud and adds capabilities designed to unite teams and create access to more robust cloud resources. We’ve compiled the following list of frequently asked questions to aid users in navigating the transition.
– Will this affect my PythonAnywhere account?
For now, it won’t! There are no plans to change PythonAnywhere user accounts, and you can continue to use yours as usual without interruption.
File storage security update
Last Wednesday, a security researcher working under our bug bounty program found a way that they could access one account’s file storage from another by using the “Dirty Pipe” Linux kernel vulnerability. We put a mitigation system in place to stop that from happening, and then on Thursday we were able to patch the underlying issue. On Friday, another researcher found a similar issue, which the mitigation system we’d put in place originally made relatively harmless – we were able to patch that one within minutes.
Accessing the files API using our new CLI tool
The new release of the
pythonanywhere helper scripts package introduces
new commands covering our files API.
More secure websites on PythonAnywhere: sunsetting TLS 1.0 and 1.1
As of this week, websites hosted on PythonAnywhere using HTTPS will only be accessible using
modern versions of TLS (the encryption protocol on which HTTPS is based) by default. This
will make them all more secure.
We can still support older versions of TLS for custom domains if you need to support them, but
you’ll need to get in touch with us to get it set up.
We’ve written a help page with
the background – please let us know in the comments if there’s anything confusing there!
Understanding multiple web workers and multiple users of your website
Over the years, we’ve found that one regular source of confusion for people who
are just getting started with web development is how to handle what we call “global state”.
We’ve written a help page explaining how to solve problems like this
and wanted to expand on it here.
Our October system update
On 6 October we upgraded our EU-based systems to the latest version of our platform, and today, 20
October, we did the same upgrade on our US-based system. There are a bunch of
changes to report!
Async work in Web Apps or – Have Your Cake and Eat It Too
This post is intended for users who begin their adventure with web
applications. You’ll find below how to structure a web app that relies on
heavy processing of the input data – processing that takes so long that
you can’t do it inside a request handler with a five-minute timeout, or at
least so long that you don’t want to risk slowing down your website by
doing it inside the website’s own code. You want it to happen in the
background. You’ll see an example implementing some hints from the “Async
work in Web apps” help page, which involve writing a
jQuery script polling
simple API endpoint communicating with a database updated by an external
script (so there will be some
sqlalchemy stuff too).