2026-04-17

Simon Willison — 2026-04-17#

Highlight#

The most exciting news today is the addition of a dedicated AI track at PyCon US 2026, signaling the deep integration of AI engineering into the core Python community. With talks covering everything from local LLM quantization to async patterns for AI agents, it’s a clear indicator of where the Python ecosystem is heading this year.

Posts#

[Join us at PyCon US 2026 in Long Beach - we have new AI and security tracks this year] · Source PyCon US heads to Long Beach this May, and Simon highlights the addition of dedicated AI and Security tracks to the conference. He shares the full AI track schedule—which he naturally scraped using Claude Code and his Rodney tool—featuring highly relevant sessions on local quantization, browser-based inference, and async agent patterns. Simon also emphasizes the value of the conference’s open spaces, where he plans to instigate discussions around Datasette and agentic engineering.

2026-04-29

Simon Willison — 2026-04-29#

Highlight#

The standout update today is the alpha release of llm 0.32a0, which introduces a major architectural shift to handle the complex realities of modern frontier models. By moving from a simple text-in/text-out abstraction to one based on message sequences and typed streaming parts, Simon is future-proofing the library to seamlessly support reasoning tokens, server-side tool calls, and multi-modal inputs and outputs.

Posts#

[LLM 0.32a0 is a major backwards-compatible refactor] · Source Simon has released an alpha version of his LLM Python library and CLI tool that significantly refactors how models process prompts and responses. Recognizing that modern LLMs possess complex capabilities like reasoning, executing tool calls, and returning images or audio, the original text-in/text-out abstraction was no longer sufficient. The library now models inputs as a sequence of conversational messages and outputs as a stream of typed message parts. Developers can use the new llm.user() and llm.assistant() builder functions to cleanly feed in previous conversation turns without relying on SQLite, while the updated streaming interface elegantly interleaves text, tool execution requests, and reasoning output. For CLI users, the only visible change is a new -R/--no-reasoning flag that suppresses thinking tokens, and Python API users gain a new built-in serialization mechanism to roll their own storage alternatives.

2026-05-30

Simon Willison — 2026-05-30#

Highlight#

Today’s standout is Simon’s breakthrough in running ASGI apps entirely in the browser using Pyodide and Service Workers. Guided by Claude Opus 4.8, this research paves the way for a major architectural upgrade to Datasette Lite, solving longstanding issues with JavaScript execution and plugin compatibility that plagued the older Web Worker approach.

Posts#

Running Python ASGI apps in the browser via Pyodide + a service worker · Source Simon documents a successful experiment using Claude Opus 4.8 to transition Datasette Lite from Web Workers to Service Workers. The previous Web Worker approach intercepted navigation but unfortunately broke inline <script> tags and numerous Datasette plugins. The new service worker method successfully runs a basic ASGI FastCGI demo and Datasette 1.0a31. Simon plans to fully implement this upgrade into Datasette Lite once he completely wraps his head around the AI-generated solution.

2026-06-01

Simon Willison — 2026-06-01#

Highlight#

The standout piece today is a staggering security failure at Meta, where an overly empowered AI support bot allowed hackers to hijack high-profile Instagram accounts simply by asking. It serves as a stark, practical reminder of the dangers of wiring LLMs directly into sensitive operational workflows without robust authorization safeguards.

Posts#

Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked Simon highlights a massive security oversight where attackers successfully bypassed the Instagram account recovery process merely by instructing Meta’s AI support bot to link a new email address to a target username. He notes this barely qualifies as a sophisticated prompt injection, but rather a profound architectural failure where Meta granted an AI chatbot the ability to fast-forward through the entire account recovery process. The core takeaway is a blunt warning to developers: never wire your support bots to execute one-shot account takeovers.

2026-06-03

Simon Willison — 2026-06-03#

Highlight#

Simon’s breakdown of Uber’s new $1,500 monthly cap on AI coding agents is a fascinating look at the real enterprise economics of token-burning tools. It puts a concrete dollar value on developer augmentation, framing AI spend as a direct percentage of software engineer compensation rather than just another standard SaaS subscription.

Posts#

Uber Caps Usage of AI Tools Like Claude Code to Manage Costs · Source Simon comments on a Bloomberg report that Uber is capping employee spending on agentic coding tools like Claude Code and Cursor to $1,500 per tool per month. He calculates that for two actively used tools, this translates to an annual cap of $36,000, which represents roughly 11% of the $330,000 median compensation for an Uber software engineer. Simon views this limit as a highly rational policy to manage token-burning costs, especially compared to gamified usage leaderboards, and notes that even his own heavy usage would still leave him with $500 a month to spare under this cap.

2026-06-06

Simon Willison — 2026-06-06#

Highlight#

The single most substantive piece today is Simon’s deep dive into building a safe WebAssembly sandbox for Python, tackling the highly risky business of executing untrusted, AI-generated code. It is a perfect example of using AI coding assistants to quickly prototype complex C and WASM integrations to solve a critical developer tooling problem.

Posts#

Running Python code in a sandbox with MicroPython and WASM · Source Simon tackles the security risks of running fully privileged plugin code in Python applications by embedding MicroPython within a WebAssembly environment. Using AI assistants like GPT-5.5 Pro, Codex Desktop, and Claude, he rapidly prototyped micropython-wasm, an alpha package that maintains persistent interpreter state and strictly controls file, network, and host function access. This vibe-coded sandbox is already powering a new code execution plugin for Datasette Agent, demonstrating a highly practical approach to executing AI-generated code safely without compromising the host system.

2026-06-12

Engineering Reads — 2026-06-12#

The Big Idea#

Across vastly different domains—large language models, personal publishing, and music theory engines—the core differentiator in system quality is often the ruthless elimination of friction. Whether by caching deterministic LLM state to avoid redundant compute, keeping a strict single source of truth on the server to prevent client drift, or dropping local environment build times to zero, stripping away the barriers between intent and execution directly unlocks raw capability.

2026-06-13

Simon Willison — 2026-06-13#

Highlight#

The most substantive update today explores the major Pyodide 314.0 release that finally allows publishing WASM wheels directly to PyPI. This eliminates a massive bottleneck for the Python-in-the-browser ecosystem, and Simon immediately proved its value by using AI tools to package and ship a C++ based WebAssembly experiment.

Posts#

Publishing WASM wheels to PyPI for use with Pyodide With Pyodide 314.0, developers can now publish Python packages built for Pyodide directly to PyPI, removing a major hurdle where maintainers previously had to manually review and host over 300 packages themselves. To celebrate, Simon used Codex and GPT-5.5 xhigh to package his experimental C++ Luau WebAssembly project, successfully building and deploying it via GitHub Actions. True to form, he then used ChatGPT to draft a BigQuery SQL query to explore PyPI’s dataset, discovering that 28 packages are already utilizing the new pyemscripten_202*_wasm32 tags.

2026-06-14

Engineering Reads — 2026-06-14#

The Big Idea#

Designing a plugin architecture is a deceptively simple “shallow API” problem where it is heavily tempting for developers to roll their own custom solutions. However, adopting a battle-tested abstraction like Python’s Pluggy library trades a minor dependency addition for robust, standardized solutions to hidden complexities like package discovery, execution ordering, and result aggregation.

Deep Reads#

Plugins case study: Pluggy · Eli Bendersky The author examines Pluggy, a standalone plugin management library extracted from the rich ecosystem of the pytest project, to evaluate whether taking on a third-party dependency is better than engineering a custom framework. Pluggy relies on a straightforward architecture where the host application defines API contracts via HookspecMarker decorators, and plugins implement these specific hooks using HookimplMarker. While basic plugin registration is relatively trivial to implement from scratch, Pluggy proves its system-level worth by providing seamless setuptools entry point discovery out of the box, alongside robust execution control like default LIFO ordering, signature validation, and strict execution priorities via tryfirst and trylast. The core architectural tradeoff here is the dependency footprint versus the hidden engineering effort of edge cases: because plugin frameworks inherently expose a “shallow API,” engineers frequently fall into the trap of writing bespoke implementations that eventually recreate these exact advanced features. Software engineers building extensible Python tools should read this to understand exactly what capabilities they gain by adopting Pluggy rather than reinventing the wheel.

2026-06-28

Engineering Reads — 2026-06-28#

The Big Idea#

The most enduring tools are those that eliminate context switching by operating entirely within the environment where the work actually happens. By pushing heavy computational engines directly into local, sandboxed constraints, engineers can preserve creative flow and eliminate external dependencies.

Deep Reads#

Python, Inside JavaScript, Inside a DAW · Kenneth Reitz · Source The core premise here is that context switching destroys creative flow, making the cognitive cost of leaving your workspace higher than the value of looking up the information you need. To solve this, the author embedded a complete CPython interpreter within Ableton Live using Pyodide to run a music theory library entirely offline. Because Live extensions run in a locked JavaScript sandbox that prohibits dynamic imports, the engineering solution routes around this constraint by isolating the interpreter in a worker thread and crossing the boundary strictly through flat, serialized data messages. This architecture elegantly avoids the typical maintenance trap of rewriting complex domain logic into a host application’s native plugin language, thereby maintaining a single source of truth. Engineers grappling with heavily sandboxed environments or cross-domain integrations should read this to see how strict platform constraints can force clean, decoupled architectural seams.