The PythonAnywhere Newsletter, December 2016
Welcome to our Christmas newsletter! Featuring a selection of the Internet’s very worst Christmas-themed animated Gifs!
Here’s what we’ve been up to.
Read more…Welcome to our Christmas newsletter! Featuring a selection of the Internet’s very worst Christmas-themed animated Gifs!
Here’s what we’ve been up to.
Read more…This morning we deployed a new version of PythonAnywhere – we’ve blogged about the new stuff that you can see in it, and this post is a run-down on why it took longer than we were expecting.
Our normal system updates tend to take between 15 and 20 minutes. Today’s was meant to take about 40 minutes – more about why later – but it wound up taking over an hour and forty minutes. That definitely warrants an explanation.
Read more…The main driver for our release this morning was a move, behind the scenes, to put our servers into a “VPC”, and despite the fact that it’ll have no visible impact, it was a significant change to the infrastructure, and not without its challenges, as you’ll hear in more detail from Giles later :)
One change you might notice is that the Consoles page has changed, and includes some little red Xs for killing consoles. The original idea was just to change them from being links that cause a page refresh to being ajax calls, which would let you kill multiple consoles at the same time. Somehow though, that small user interface tweak turned into the whole office deciding to treat that How it feels to learn JavaScript in 2016 comedy blog post as if it were an instruction manual, and we have now spent several days knee deep in React, ES6, promises, webpack, npm, Enzyme, fetch, promises, promises, and many, many more. Still, by the end of it, it all worked, and we have to conclude that ES6 is much nicer to work with than horrible old javascript.
The tarpit is one of the key ways we balance the resource needs of our various users. What happens when you exceed your CPU quota is that your processes still run, but they get a lower priority compared to people who are still within the amount they paid for. That’s been working fairly well, but as with all things, we notice there’s a power law at work, and there are a small number of users who regularly go massively over their tarpit limit. We’ve added some code that will automatically kill processes of these kinds of users, and send them a friendly notification email. Bad programmer! No biscuit.
We’ve also added some code to limit the amount of output in consoles, so that kids (and adults) whose first Python program is while True: print(“farts”)
will have less of an impact on the system. Although plenty of farts will still be printed, fear ye not.
The upshot of all that should be that console performance will hopefully be a little more consistent from now on.
We do our best to avoid the classic Anglocentric, parochial laziness of imagining that the world ends with ASCII, but it takes work! For a while we’ve known that users on certain operating systems with certain keyboard types & layouts would have difficulties entering certain text into our consoles. So we’ve rolled out the ability to switch from hterm to xterm.js for our client-side terminal emulation.
If you’d like to try it out, give us a shout and we can switch it on for you. NB - keyboard shortcuts for copy + paste will be different, it’ll be Ctrl+Ins / Shift+Ins instead of Ctrl-C & Ctrl-V.
And the usual retinue of bug fixes. Some of which were (minor) security fixes, incidentally, as reported by some enthusiastic security researchers. Find out more about our bug bounty if that describes you!
We try to get a newsletter out every month, but sometimes we just get too distracted working on our latest and greatest features to manage it. It wasn’t that we were all out in Norway doing an opera, honest :-)
Here’s what we were up to.
Read more…We were sad to hear about the sudden departure of our frenemies* at Nitrous.
Read more…This morning’s system update went smoothly, and we’ve made a couple of great changes :-)
This one should be pretty much transparent to you, but we’ve revamped the way we route requests for the websites that we host; this should speed things up for some people.
Noisy neighbours always cause problems, in the real world and on the Internet. When someone writes a website that hogs system resources on PythonAnywhere, sometimes it can impact other people who happen to be on the same server. Naturally, we monitor the system, and when we find a particularly badly-behaved website we notify its owner by email and ask them to fix it – or in extreme cases, if it’s causing serious problems, we shut it down. But that’s far from ideal.
Today’s update makes that all a lot better. We’ve given ourselves, the system administrators, fine-grained control over where websites run. So now, if we see a website that’s causing slowdowns for other users, as well as notifying the owner so that they can fix it, we can move it right away onto a server where it won’t impact other people. We’re calling it “putting them in the sin bin”…
…as people have reminded us frequently in suspiciously-similar Tweets. And they’re right! So we’ve implemented two-factor authentication, using Google Authenticator (or any other TOTP app). It’s currently going through a short internal-only testing process (in other words, we’ve switched it on for our own accounts to see if it breaks anything) and if all is well, we’ll provide it as an option for everyone next week.
On the subject of security, we’ve also fixed a couple of bugs: Nikhil Mittal reported a CSRF issue on PythonAnywhere that would have allowed an attacker who knew both your username and the internal database ID of one of your scheduled tasks to delete that task, if they tricked you into visiting a web page that they controlled while you were logged in to PythonAnywhere. It wouldn’t have given the attacker access to any of your data, but it could have been really irritating, and we’re glad it was reported so that we could fix it. Bug: fixed. Bug bounty: paid. Nikhil also reported some issues around our email confirmation system, which we’ve also fixed.
As always, we’ve put in a number of user interface tweaks, including fixing the print preview on IPython notebooks.
Thanks for reading, and for using PythonAnywhere :-)
We try to get a newsletter out every month, but in August we were all too busy working on our latest and greatest features to manage it. It wasn’t that we were all out sunning ourselves, honest :-)
Here’s what we were up to.
Read more…Yes, we know it’s been a long time coming, but now you can rename your web apps (and, as a result change the domain they’re served from) right on the web app setup page. Look for the little edit pencil icon next to your web app address.
We’ve made it easier for students to share their consoles with their teacher.
For those of you that may be wondering how much of your hard-earned money you’ve spent on PythonAnywhere, we’ve added a list of all of your invoices to the Account page.
A helpful user pointed out that “Download as PDF” wasn’t working in Jupyter notebooks on PythonAnywhere. So we fixed it.
If you’re ever editing a file and want to open a Bash console in the same directory as the file, now you can.
As usual. This is usually where we put all the fixes for bugs that are too embarrassing to list.
until we’ve tested it ourselves.
Dear teachers,
If there’s one thing we know, it’s that teachers (and students) love, it’s being reminded that the holidays is that the holidays are coming to an end. Hooray!
Here’s a few ideas and pointers for some of the things that we hope will make your life, as a teacher, easier.
Read more…Morning all! A lovely day for leave-ing an old server image behind and welcoming in a new, independent, codebase. #brupgrade #brelease #breployment.
On a bit of a whim we decided to upgrade to bootstrap 3, so you’ll notice slightly different stylings. Flat buttons! Oh-so-3-years-ago. But also, there are some improvements to the way the site displays on mobile and smaller displays, which is nice.
We also upgraded to the latest version of the ace editor, which should bring a few little improvements too, like better vim keybindings, and better support for ipads (you can now scroll, yay!)
It’s not ready for prime-time yet, but we’ve started work on a PythonAnywhere API. It may end up not being something we publish for general use, and just something for us to use behind the scenes, but if you’re keen to take a look, get in touch, and we’ll switch it on for you. Currently the API allows you to do stuff to your web apps, namely:
You should bear in mind that anything you build using that api will probably break when we next do a release, we’re making no guarantees about backward-compatibility, or that the api will even work as it is. So really it’s just for playing around or for the curious for now. Still, email us if you’re interested, we’d love to hear from you.
Your comments and suggestions are always welcome. Enjoy!