memray
cryptography
memray | cryptography | |
---|---|---|
27 | 70 | |
12,628 | 6,329 | |
1.6% | 1.6% | |
9.0 | 9.9 | |
9 days ago | 7 days ago | |
Python | Python | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
memray
-
Memray – A Memory Profiler for Python
I collected a list of profilers (also memory profilers, also specifically for Python) here: https://github.com/albertz/wiki/blob/master/profiling.md
Currently I actually need a Python memory profiler, because I want to figure out whether there is some memory leak in my application (PyTorch based training script), and where exactly (in this case, it's not a problem of GPU memory, but CPU memory).
I tried Scalene (https://github.com/plasma-umass/scalene), which seems to be powerful, but somehow the output it gives me is not useful at all? It doesn't really give me a flamegraph, or a list of the top lines with memory allocations, but instead it gives me a listing of all source code lines, and prints some (very sparse) information on each line. So I need to search through that listing now by hand to find the spots? Maybe I just don't know how to use it properly.
I tried Memray, but first ran into an issue (https://github.com/bloomberg/memray/issues/212), but after using some workaround, it worked now. I get a flamegraph out, but it doesn't really seem accurate? After a while, there don't seem to be any new memory allocations at all anymore, and I don't quite trust that this is correct.
There is also Austin (https://github.com/P403n1x87/austin), which I also wanted to try (have not yet).
Somehow this experience so far was very disappointing.
(Side node, I debugged some very strange memory allocation behavior of Python before, where all local variables were kept around after an exception, even though I made sure there is no reference anymore to the exception object, to the traceback, etc, and I even called frame.clear() for all frames to really clear it. It turns out, frame.f_locals will create another copy of all the local variables, and the exception object and all the locals in the other frame still stay alive until you access frame.f_locals again. At that point, it will sync the f_locals again with the real (fast) locals, and then it can finally free everything. It was quite annoying to find the source of this problem and to find workarounds for it. https://github.com/python/cpython/issues/113939)
-
Microservice memory profiling
second time was nastier. I used https://github.com/bloomberg/memray to try to spot it - that's the tool you should try out. You load your service through memray, and it will get you some stats that you can export as a flamegraph. I can't really afford to make it run on production so I ran it in a docker image and repeatedly ran the scenario I thought was responsible. Didn't find anything. I know what I did wrong: I assumed one particular codepath was the problem. If would have find the issue if I had a really complete scenario that covers broadly every possible endpoint and condition. Can't blame memray, that tool is really promising.
-
Big Data Is Dead
This is an excellent summary, but it omits part of the problem (perhaps because the author has an obvious, and often quite good solution, namely DuckDB).
The implicit problem is that even if the dataset fits in memory, the software processing that data often uses more RAM than the machine has. It's _really easy_ to use way too much memory with e.g. Pandas. And there's three ways to approach this:
* As mentioned in the article, throw more money at the problem with cloud VMs. This gets expensive at scale, and can be a pain, and (unless you pursue the next two solutions) is in some sense a workaround.
* Better data processing tools: Use a smart enough tool that it can use efficient query planning and streaming algorithms to limit data usage. There's DuckDB, obviously, and Polars; here's a writeup I did showing how Polars uses much less memory than Pandas for the same query: https://pythonspeed.com/articles/polars-memory-pandas/
* Better visibility/observability: Make it easier to actually see where memory usage is coming from, so that the problems can be fixed. It's often very difficult to get good visibility here, partially because the tooling for performance and memory is often biased towards web apps, that have different requirements than data processing. In particular, the bottleneck is _peak_ memory, which requires a particular kind of memory profiling.
In the Python world, relevant memory profilers are pretty new. The most popular open source one at this point is Memray (https://bloomberg.github.io/memray/), but I also maintain Fil (https://pythonspeed.com/fil/). Both can give you visibility into sources of memory usage that was previous painfully difficult to get. On the commercial side, I'm working on https://sciagraph.com, which does memory and also performance profiling for Python data processing applications, and is designed to support running in development but also in production.
-
Check Python Memory Usage
bloomberg/memray: Memray is a memory profiler for Python
- What Python library do you wish existed?
- Modules Import and Optimisation
-
The hand-picked selection of the best Python libraries and tools of 2022
Memray — a memory profiler
-
Python 3.11 delivers.
Python profiling is enabled primarily through cprofile, and can be visualized with help of tools like snakeviz (output flame graph can look like this). There are also memory profilers like memray which does in-depth traces, or sampling profilers like py-spy.
-
Memory Profiling for Python
I've been using this recently for memory profiling with Python, it works pretty well: https://github.com/bloomberg/memray
-
What stack or tools are you using for ensuring code quality and best practices in medium and large codebases ?
great suggestions in this thread. i also recommend performance testing your codebase. these include techniques such as: - creating micro performance benchmarks - using [cProfile] (and learning how to plot / read flame graphs) - memory profiling (e.g. via memray)
cryptography
-
We build X.509 chains so you don't have to
Congratulations to the authors, this was a feature that was dearly missing from pyca/cryptography. It took a long time to get right.
For the history: https://github.com/pyca/cryptography/issues/2381
-
“Our paying customers need X, when will you fix it?”
Some context:
- The cryptography dependency used by the current release of mitmproxy has a CVE related to an OpenSSL vulnerability (https://github.com/pyca/cryptography/security/advisories/GHS...)
- The main branch of mitmproxy has already upgraded to the latest version of the cryptography package
- The author of the package does not believe the CVE impacts users of mitmproxy so a release including this commit has not been made
-
Creating a password manager
Also you'll use https://github.com/pyca/cryptography
-
Microservice memory profiling
first, I did see a correlation between an endpoint being heavily hit in a given time window, and an increase of memory usage that didn't went down afterwards. The endpoint didn't do much so I went through every instruction - is a global variable appended indefinitely ? Is a cache decorator growing without a limit set ? Do I use a 3rd party that has a known issue ? Turns out, it was using cryptography, so I looked up known issues. Saw an issue about a leak when using load_pem_x509_certificate https://github.com/pyca/cryptography/issues/4833 - which I used ! I could fortunately just upgrade the library
-
[Python] Poésie vs Pipenv vs. pip-tools: Qu’utilisez-vous?
Après le kerfuffle du paquet de cryptographie cette semaine (https://github.com/pyca/cryptography/issues/5771), J’ai passé en revue l’état des outils de gestion des dépendances en Python.
-
I love building a startup in Rust. I wouldn't pick it again
> A big problem with Rust, long-term, is that the kind of programs that really need it are somewhat out of today's mainstream. It's not that useful for webcrap. It's not that useful for phone apps. The AI people use Jupyter notebooks and Python to drive code on GPUs.
One thing this is missing is that Rust is useful for libraries callable by many different languages. You may or may not want to use it to build an actual Web app (I personally think it's a solid choice, but reasonable people can disagree). But for building, say, the Python cryptography library [1], which is used as a part of "webcrap" and Jupyter notebooks, Rust is clearly an excellent option. Nobody is going to build core Python infrastructure in Go or Node, and there will always be a need for plumbing libraries.
[1]: https://github.com/pyca/cryptography
-
The impossible case of pitching rust in a web dev shop
Also, I see more and more examples where rust gets included in different technologies using FFI. Ie for python https://github.com/pyca/cryptography for security/performance critical pieces.
-
Azure CTO: “It's time to halt starting any new projects in C/C++ ”
> I am curious. Could you give some more context?
Probably talking about this: https://github.com/pyca/cryptography/issues/5771
- Zig, the Small Language
-
os independent way to convert ssl crt to pem
You will be hard pressed to find a cryptography library that doesn't depend on openssl. Fortunately openssl bindings can be installed on Windows. One of the more popular libraries for python is cryptography, but it does depend on libssl.
What are some alternatives?
scalene - Scalene: a high-performance, high-precision CPU, GPU, and memory profiler for Python with AI-powered optimization proposals
PyCrypto - The Python Cryptography Toolkit
pyinstrument - 🚴 Call stack profiler for Python. Shows you why your code is slow!
pycryptodome - A self-contained cryptographic library for Python
MemoryProfiler - memory_profiler for ruby
pyOpenSSL -- A Python wrapper around the OpenSSL library - A Python wrapper around the OpenSSL library
viztracer - VizTracer is a low-overhead logging/debugging/profiling tool that can trace and visualize your python code execution.
PyNacl - Python binding to the Networking and Cryptography (NaCl) library
magic-trace - magic-trace collects and displays high-resolution traces of what a process is doing
Paramiko - The leading native Python SSHv2 protocol library.
py-spy - Sampling profiler for Python programs
Passlib