Test and Code: 74: Technical Interviews: Preparing For, What to Expect, and Tips for Success – Derrick Mar

In this episode, I talk with Derrick Mar, CTO and co-founder of Pathrise.
This is the episode you need to listen to to get ready for software interviews.

  • We discuss four aspects of technical interviews that interviewers are looking for:

    • communication
    • problem solving
    • coding
    • verification
  • How to practice for the interview.

  • Techniques for synchronizing with interviewer and asking for hints.

  • Even how to ask the recruiter or hiring manager how to prepare for the interview.

If you or anyone you know has a software interview coming up, this episode will help you both feel more comfortable about the interview before you show up, and give you concrete tips on how to do better during the interview.

Special Guest: Derrick Mar.

Sponsored By:

Support Test & Code – Software Testing, Development, Python

Links:

<p>In this episode, I talk with Derrick Mar, CTO and co-founder of Pathrise.<br> This is the episode you need to listen to to get ready for software interviews.</p> <ul> <li><p>We discuss four aspects of technical interviews that interviewers are looking for:</p> <ul> <li>communication</li> <li>problem solving</li> <li>coding</li> <li>verification</li> </ul></li> <li><p>How to practice for the interview.</p></li> <li><p>Techniques for synchronizing with interviewer and asking for hints.</p></li> <li><p>Even how to ask the recruiter or hiring manager how to prepare for the interview.</p></li> </ul> <p>If you or anyone you know has a software interview coming up, this episode will help you both feel more comfortable about the interview before you show up, and give you concrete tips on how to do better during the interview.</p><p>Special Guest: Derrick Mar.</p><p>Sponsored By:</p><ul><li><a href=”http://amzn.to/2E6cYZ9″ rel=”nofollow”>Python Testing with pytest</a>: <a href=”http://amzn.to/2E6cYZ9″ rel=”nofollow”>Simple, Rapid, Effective, and Scalable The fastest way to learn pytest. From 0 to expert in under 200 pages.</a></li><li><a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Patreon Supporters</a>: <a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Help support the show with as little as $ 1 per month. Funds help pay for expenses associated with the show.</a></li></ul><p><a href=”https://www.patreon.com/testpodcast” rel=”payment”>Support Test & Code – Software Testing, Development, Python</a></p><p>Links:</p><ul><li><a href=”https://testandcode.com/72″ title=”72: Technical Interview Fixes – April Wensel” rel=”nofollow”>72: Technical Interview Fixes – April Wensel</a></li><li><a href=”https://www.pathrise.com/” title=”Pathrise” rel=”nofollow”>Pathrise</a></li></ul>
Planet Python

Django Weblog: Unauthenticated Remote Code Execution on djangoci.com

Yesterday the Django Security and Operations teams were made aware of a remote code execution vulnerability in the Django Software Foundation’s Jenkins infrastructure, used to run tests on the Django code base for GitHub pull requests and release branches. In this blog post, the teams want to outline the course of events.

Impact

The Django Security and Operations teams want to assure that at no point was there any risk about issuing or uploading malicious releases of Django to PyPI or the Django Project website. Official Django releases have always been issued manually by releasers. Neither was there any risk to any user data related to the Django Project website or the Django bug tracker.

Timeline

On May 14th, 2019 at 07:48 UTC the Django Security team was made aware by Ai Ho through its HackerOne project that the Django’s Continuous Integration service was susceptible to a remote code execution vulnerability, allowing unauthenticated users to execute arbitrary code.

At 08:01 UTC, the Django Security team acknowledged the report and took immediate steps to mitigate the issue by shutting down the primary Jenkins server. The Jenkins master server was shut down by 08:10 UTC.

At 08:45 UTC, the Operations team started provisioning a new server. In cases of a compromised server, it is almost always impractical to clean it up. Starting with a fresh, clean installation is a considerably better and safer approach.

At 14:59 UTC, the new Jenkins master server was up and running again, with some configuration left to do to get Jenkins jobs working again. About 10 minutes later, at 15:09 UTC, that was the case.

At 15:44 UTC, Jenkins started running tests against GitHub pull requests again.

At 16:00 UTC, the Operations team discussed the necessity of revoking various Let’s Encrypt certificates or keys. However, since there was no indication that either the account or the certificate’s private key was exposed, it was deemed sufficient to rely on the auto-expiration of the Let’s Encrypt certificate. However, a new private key for the djangoci.com certificate was generated during the bootstrapping of the new Jenkins master server.

At 16:50 UTC, the Jenkins Windows nodes were working again and started to process jobs.

General notes regarding security reporting

As always, we ask that potential security issues be reported via private email to security@djangoproject.com or HackerOne, and not via Django’s Trac instance or the django-developers list. Please see our security policies for further information.

Planet Python

Wingware Blog: Renaming Symbols and Attributes in Python Code with Wing Pro’s Refactoring Tool

In the previous Wing Tips post we looked at using multiple selections to edit several parts of code at once. As part of that, we briefly mentioned that refactoring is a better approach when renaming a symbol or attribute globally. Let’s take a closer look at that now.

What is Refactoring Anyway?

Refactoring is the process of changing code in a way that does not alter its functionality, in order to better organize the code or make it easier to read and maintain. A round of refactoring is often appropriate before working on code that has become a bit crufty over time.

IDEs like Wing Pro can help with this process by automating some of the operations commonly made during refactoring, including renaming symbols or attributes, moving symbols around, collecting code into a new function or method, and so forth.

Renaming Symbols and Attributes

Rename refactoring is often used to make code more readable by selecting clearer or more appropriate names. It may also be used to change a method on a class from __Private form, which in Python can only be accessed from code in the class itself, to a form that can be called from code outside of the class. For example:

/images/blog/refactor-rename/refactor-rename-1.gif

Renaming method “__SetPosition” to “_SetPosition” with refactoring, so it can be used from outside of the class

Renaming Modules and Packages

Rename refactoring may also be used on whole modules or packages, by renaming any use of the module or package name. Wing Pro will rename the associated disk files and directories and track the change in the active revision control system, if any.

/images/blog/refactor-rename/refactor-rename-2.gif

Renaming module “urlutils” to “urlops” with refactoring

Like-Named Symbols and Symbol Identity

Wing Pro’s rename refactoring uses static source analysis of your code to determine which symbols are actually the same symbol. For example, in the following code there are two distinct symbols called name, one in the scope show_name and another in the scope process_name:

 def show_name(name=None):     if name is not None:         print(name)  def process_name(name):     show = enter_name(name)     if show:         show_name(name=name) 

Renaming name in the first function should only affect that scope, and any code that is passing the argument by name, as in the following example:

/images/blog/refactor-rename/refactor-rename-3.gif

Refactoring to rename only one of two distinct but like-named symbols “name”

Uncertain Symbol Identity

In some cases, Wing Pro cannot determine for certain that a like-named symbol is actually the same symbol as the one you are renaming. In the following example, a missing import statement prevents Wing from determining that the instance of name in the file testanother.py is definitely the same symbol:

/images/blog/refactor-rename/refactor-rename-4.gif

Renaming “name” finds an uncertain match, where a missing import prevents analysis from establishing the symbol’s identity

When this occurs, Wing marks the potential match with a ? and won’t rename it unless you check the checkbox next to it. Items can be visited in the editor by clicking on them in the Refactoring tool.

If you find Wing is failing to identify many symbols with certainty, you may want to check that your configured Python Path in Project Properties is allowing Wing to trace down the modules that you import in your code. You should see code warning indicators on imports that cannot be resolved.

In some other cases, adding type hints may also help Wing’s static analysis of your code.

Wing Pro also provides a number of other refactoring operations that we’ll eventually go through here in Wing Tips. For more information, take a look at Refactoring in the product manual.

That’s it for now! We’ll be back next week with more Wing Tips for Wing Python IDE.

Planet Python

Test and Code: PyCon 2019 Live Recording

This is a "Yay! It’s PyCon 2019" episode.
PyCon is very important to me.
But it’s kinda hard to put a finger on why.
So I figured I’d ask more people to help explain why it’s important.
I ask a few simple questions to people about Python and PyCon and get some great insights into both the language popularity and the special place this conference holds to many people.

Sponsored By:

Support Test & Code – Software Testing, Development, Python

<p>This is a &quot;Yay! It&#39;s PyCon 2019&quot; episode.<br> PyCon is very important to me.<br> But it&#39;s kinda hard to put a finger on why. <br> So I figured I&#39;d ask more people to help explain why it&#39;s important.<br> I ask a few simple questions to people about Python and PyCon and get some great insights into both the language popularity and the special place this conference holds to many people.</p><p>Sponsored By:</p><ul><li><a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Patreon Supporters</a><a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Help support the show with as little as $ 1 per month. Funds help pay for expenses associated with the show.</a></li></ul><p><a href=”https://www.patreon.com/testpodcast” rel=”payment”>Support Test & Code – Software Testing, Development, Python</a></p>
Planet Python

Test and Code: Technical Interview Fixes – April Wensel

Some typical technical interview practices can be harmful and get in the way of hiring great people. April Wensel offers advice to help fix the technical interview process.

She recommends:

  • hire for mindset and attitude
  • look for empathy and mentorship skills
  • allow candidates to show their strengths instead of hunting for weaknesses
  • have the candidate leave feeling good about themselves and your company, regardless of the hiring decision

Some topics discussed:

  • interview questions to bring out stories of skills and successes
  • stereotype threat
  • diversity
  • interview hazing
  • white boards
  • coding challenges
  • unconscious bias
  • emotional intelligence
  • myth of talent shortage
  • pair programming and collaboration during interviews
  • mirrortocracy
  • cultural add vs cultural fit
  • empathy
  • mentoring

This episode is important for anyone going into a technical interview, as a candidate, as a hiring manager, or as a member of an interview team.

Special Guest: April Wensel.

Sponsored By:

Support Test & Code – Software Testing, Development, Python

Links:

<p>Some typical technical interview practices can be harmful and get in the way of hiring great people. April Wensel offers advice to help fix the technical interview process.</p> <p>She recommends:</p> <ul> <li>hire for mindset and attitude</li> <li>look for empathy and mentorship skills</li> <li>allow candidates to show their strengths instead of hunting for weaknesses</li> <li>have the candidate leave feeling good about themselves and your company, regardless of the hiring decision</li> </ul> <p>Some topics discussed:</p> <ul> <li>interview questions to bring out stories of skills and successes</li> <li>stereotype threat</li> <li>diversity</li> <li>interview hazing</li> <li>white boards</li> <li>coding challenges</li> <li>unconscious bias</li> <li>emotional intelligence</li> <li>myth of talent shortage</li> <li>pair programming and collaboration during interviews</li> <li>mirrortocracy</li> <li>cultural add vs cultural fit</li> <li>empathy</li> <li>mentoring</li> </ul> <p>This episode is important for anyone going into a technical interview, as a candidate, as a hiring manager, or as a member of an interview team.</p><p>Special Guest: April Wensel.</p><p>Sponsored By:</p><ul><li><a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Patreon Supporters</a><a href=”https://www.patreon.com/testpodcast” rel=”nofollow”>Help support the show with as little as $ 1 per month. Funds help pay for expenses associated with the show.</a></li></ul><p><a href=”https://www.patreon.com/testpodcast” rel=”payment”>Support Test & Code – Software Testing, Development, Python</a></p><p>Links:</p><ul><li><a href=”https://compassionatecoding.com/” title=”Compassionate Coding” rel=”nofollow”>Compassionate Coding</a></li><li><a href=”https://medium.com/compassionate-coding/leave-your-gut-out-of-hiring-decisions-8b70c6f8e09d” title=”Leave Your “Gut” Out of Hiring Decisions” rel=”nofollow”>Leave Your “Gut” Out of Hiring Decisions</a></li><li><a href=”https://medium.com/compassionate-coding/if-you-can-use-a-fork-youre-technical-352e21d92c87″ title=”If You Can Use a Fork, You’re “Technical”” rel=”nofollow”>If You Can Use a Fork, You’re “Technical”</a> &mdash; April Wensel</li><li><a href=”https://projectinclude.org/” title=”Project Include” rel=”nofollow”>Project Include</a></li></ul>
Planet Python