Deprecations via warnings don’t work for Python libraries

Seth Larson reports that urllib3 2.6.0 released on the 5th of December and finally removed the HTTPResponse.getheaders() and HTTPResponse.getheader(name, default) methods, which have been marked as deprecated via warnings since v2.0.0 in April 2023. They had to add them back again in a hastily released 2.6.1 a few days later when it turned out major downstream dependents such as kubernetes-client and fastly-py still hadn't upgraded.

Seth says:

My conclusion from this incident is that DeprecationWarning in its current state does not work for deprecating APIs, at least for Python libraries. That is unfortunate, as DeprecationWarning and the warnings module are easy-to-use, language-"blessed", and explicit without impacting users that don't need to take action due to deprecations.

On Lobste.rs James Bennett advocates for watching for warnings more deliberately:

Something I always encourage people to do, and try to get implemented anywhere I work, is running Python test suites with -Wonce::DeprecationWarning. This doesn't spam you with noise if a deprecated API is called a lot, but still makes sure you see the warning so you know there's something you need to fix.

I didn't know about the -Wonce option - the documentation describes that as "Warn once per Python process".

Via lobste.rs

Tags: james-bennett, open-source, python, seth-michael-larson

Comic strip for 2025/11/27

Furnituremakers among you undoubtedly remember your most difficult glue-up: A countertop, bench or tabletop of unwieldy dimensions. Well, you probably won't complain again, after seeing what these folks are doing. Swiss timber company Huesser Holzleimbau, which specializes in creating glue-lam beams, recently won a contract to manufacture two burly beams for a bridge.

Twenty-eight employees (including people from the office called onto the shop floor to pitch in) worked together on the most massive glue-up I've ever seen:

Once all of the separate glue-ups were put together, the resultant part was 27.3 m (90 ft) long, with a width and height of 1320 x 1360 mm (52 x 54 in). Counting the steel brackets embedded into the beam, it weighs 24.1 tonnes (53,130 lbs)! And they made two of them.

Located in Obersaxen, Switzerland, the Lochlitobel Bridge was erected last month to span a gorge.

As for why they made it out of wood and not steel, it was actually faster and required less logistics to make it out of wood. Glue-lam beams have 1.5 to 3 times the strength-to-weight ratio of steel, and could thus be fabricated offsite, trucked to the site and hoisted into place with less equipment than would have been required with heavy steel.

"During the entire construction period, no auxiliary bridges would have been possible, and there would have been virtually no convenient detour options," writes the Canton of Graubunden, where the bridge is located. "To minimize traffic restrictions, the two wooden load-bearing girders, each weighing 25 tons and over 27 meters long, were prefabricated and then installed on site with millimeter precision. This process ensured high quality and, from the dismantling of the old bridge to the commissioning of the new one, a road closure of only eight weeks."

Claude Code Can Debug Low-level Cryptography

Go cryptography author Filippo Valsorda reports on some very positive results applying Claude Code to the challenge of implementing novel cryptography algorithms. After Claude was able to resolve a "fairly complex low-level bug" in fresh code he tried it against two other examples and got positive results both time.

Filippo isn't directly using Claude's solutions to the bugs, but is finding it useful for tracking down the cause and saving him a solid amount of debugging work:

Three out of three one-shot debugging hits with no help is extremely impressive. Importantly, there is no need to trust the LLM or review its output when its job is just saving me an hour or two by telling me where the bug is, for me to reason about it and fix it.

Using coding agents in this way may represent a useful entrypoint for LLM-skeptics who wouldn't dream of letting an autocomplete-machine writing code on their behalf.

Via Hacker News

Tags: cryptography, go, security, ai, generative-ai, llms, ai-assisted-programming, filippo-valsorda, coding-agents, claude-code

Comic strip for 2025/10/31

Amazon is reportedly leaning into automation plans that will enable the company to avoid hiring more than half a million US workers. Citing interviews and internal strategy documents, The New York Times reports that Amazon is hoping its robots can replace more than 600,000 jobs it would otherwise have to hire in the United States by 2033, despite estimating it’ll sell about twice as many products over the period.

Documents reportedly show that Amazon’s robotics team is working towards automating 75 percent of the company’s entire operations, and expects to ditch 160,000 US roles that would otherwise be needed by 2027. This would save about 30 cents on every item that Amazon warehouses and delivers to customers, with automation efforts expected to save the company $12.6 billion from 2025 to 2027.

Amazon has considered steps to improve its image as a “good corporate citizen” in preparation for the anticipated backlash around job losses, according to The NYT, reporting that the company considered participating in community projects and avoiding terms like “automation” and “AI.” More vague terms like “advanced technology” were explored instead, and using the term “cobot” for robots that work alongside humans.

In a statement to The NYT, Amazon said the leaked documents were incomplete and did not represent the company’s overall hiring strategy, and that executives are not being instructed to avoid using certain terms when referring to robotics. We have also reached out to Amazon for comment. 

“Nobody else has the same incentive as Amazon to find the way to automate. Once they work out how to do this profitably, it will spread to others, too,” Daron Acemoglu, winner of the Nobel Prize in economic science last year, told The NYT. Adding that if Amazon achieves its automation goal, “one of the biggest employers in the United States will become a net job destroyer, not a net job creator.”