dsanchez97's comments

Hey HN community,

I am excited to share an early Alpha of Cdev, a new Python Serverless Development framework. Cdev is designed to help developers build and deploy Serverless applications on AWS quickly and easily by providing out of the box optimizations for a developer’s project. Although Serverless Development can provide many benefits, it can come with many challenges that require developers to change their workflows and development experience. Cdev was designed from scratch to tackle the problems that arise with Serverless Development while providing a familiar experience for Python developers.

Some of the key features of Cdev include:

- Easy deployments: Cdev makes it easy to deploy your code to AWS Lambda by allowing you deploy a Lambda function with just a single extra annotation.

- Serverless Optimizations: Cdev provides optimizations that understand and parse out individual functions from files to automatically create artifacts that are optimized for Serverless Platforms.

- Automated Third Party Package Deployments: Cdev manages the bundling of third party packages used by functions.

- Infrastructure as Code: Cdev provides high level constructs for other Serverless Resources (DynamoDB, SQS, S3, etc) that easily integrate with your Serverless Functions.

- Isolated Environments: Create isolated development environments in the Cloud using the Cdev CLI.

When I first began learning about Serverless Development, one of the points of friction that felt unique to Serverless Development was having to break my functions into individual files or accept tradeoffs(https://dev.to/cdkpatterns/learn-the-3-aws-lambda-states-tod...) around package size, cold starts (latency), and purity of each Serverless Function only containing its own logic. To solve this issue, I created a process that analyzes a project’s Abstract Syntax Tree to understand and create optimized deployment artifacts. The created artifacts contain only the code necessary for an individual function, which provides the ability to track changes to individual functions even if they are contained in the same file.

One of the other challenges when transitioning to Serverless Development is understanding the process of packaging a function’s dependencies. Using the outputted artifacts from the Syntax Tree optimization, Cdev provides automated bundling of relative and packaged dependencies for your functions. These created dependencies are optimized to only contain the dependencies used by an individual function, which helps lower the cold start of your functions and avoid platform limitation regarding package sizes.

These optimizations are provided as part of a larger framework that strives to provide an approachable place for any Python developer to begin building Serverless applications. The framework provides high level Infrastructure as Code components for the most popular Serverless Resources on AWS that attempt to simplify connecting different Serverless resources. Along with helping developers get started fast, Cdev provides features like isolated deployment environments to help keep development fast as a project grows.

Currently, the framework is in an early alpha stage and has many rough edges, but it has all the features necessary to start building Serverless Python projects. I hope that Cdev will be a valuable tool for Python developers who want to build and deploy serverless applications quickly and easily. Thanks for checking it out and looking forward to any feedback!

I really like yalls website design and UX; especially around scheduling the functions to run. I am working on the same problem in Python space at https://cdevframework.io, but I am building it first as a client side SDK. Mostly chose that way because I don't have much frontend skills! Impressive that you could getting this up and going so quickly!

I think my experience might align with your daughters side of this. Both my parents are dentists and my older brother is now in dental school, so dentistry and health care were the talk and expertise of my household growing up. I ended up switching from a Biology major to Computer Science major my first year at University, so I went from a track where my parents could provide guidance based on their own professional experiences and experience of their peers to something that was completely outside their domain of knowledge. After I switched, I quickly had more knowledge about computers and "tech" then they ever would, so I could not turn to them for detailed professional advice and guidance.

Although they can not provide detailed and expert level guidance, I still turn to them for career and life advice. I try to explain anything I am working on at a level that they can understand, but even then, I have to weigh their guidance against the fact they do not share the same context as me or someone in the field. It came a bit faster than both they and I expected, but I think all of us have realized we reached a point where they can't provide all the guidance I need and that it is on me to find mentors and decide the path that is best for me.

I am actually working on a python library that works like you described at https://cdevframework.io! The goal is the provided a developer experience like Django that then deploys onto Serverless Infrastructure. It is a long way from that goal, but one day it will get there!

I think CGI is a good high level way of think about AWS Lambda and other Serverless compute platforms. I think the key innovations are the integrations with cloud services, and the scaling/economic model. Videos like the one linked below really demonstrate the level of optimizations implemented to make this work on the "cloud" scale. I think Serverless Compute platforms are going to become a really meaningful part of the software development ecosystem.

[1] https://www.youtube.com/watch?v=A-7j0QlGwFk&ab_channel=Insid...

Looks like a great product! I am also working on a similar product (https://cdevframework.io) in the same space, but I am focusing only on Python at the moment.

Are you using a custom IaaC management tool for the deployments, or is it compiling down to something like Aws Cloudformation or Terraform Providers?

I liked the Missing Semester by MIT. It provides a first principle style for learning some of the foundational tools. https://www.youtube.com/playlist?list=PLyzOVJj3bHQuloKGG59rS....

If you are using Python and looking for a framework to quickly get your Aws Lambda Functions up and running, try out the framework I am developing. It is still in the early stages, but it has some optimizations that make it simple to do things like use 3rd party packages. If you are interested, a good place to start are the docs on how to connect functions to Api Gateway https://staging.cdevframework.io/docs/examples/httpendpoints....

If you want the developer experience of Django with the benefits of Serverless Compute platforms check it out!

Interesting read, but I think it exemplifies some of the problems people currently have with Serverless development. For the main population of people here on HN that have experience with deploying applications, this will seem like a lot of learning and effort to recreate an already positive experience they with whatever framework/setup they currently use to build applications. For new developers, it is now a mountain of tools and services they must learn, which takes away one of the selling points of Serverless as an easy paradigm to learn and start building apps on (hence the selling point of not needing to worry about how to setup servers).

With all that said, I am working on building a framework that I would describe to the crowd here as Django for Serverless. It is in early stages but you can check it out at https://staging.cdevframework.io/. One of the main focuses is to make it easier to write code that is not dependent on running on a Functions as a Service (FaaS) model, so that your code can eventually be bundled up and deployed on a traditional server when a FaaS platform becomes uneconomical.

It has rough edges and is still super earlier, but I am building something along those lines for Python with the deployments on Aws Lambda at https://staging.cdevframework.io.

I definitely agree that most people/projects/etc gloss over that fact that there still needs be a 'start of authority' to be trusted with NFTS. I think a major upside of doing the digital transactions on a Blockchain (as opposed to the system you described) is that the start authority does not need to be present or keep track of any future transactions. In your Rolex example, I believe that there would be no way of person A selling their Rolex (and digital rights of the Rolex) without notifying Rolex and Rolex having to keep track of transaction. With a Blockchain, the people could agree that the 'start of authority' matches the public address that is associated with Rolex and then proceed with the transaction with no need for any middle party.

I played a decent amount of Runescape growing up, so when I first heard of NFT's I naturally thought of that game. I would definitely find intrinsic value in truly owning an NFT of some of the rare in game items. And knowing that even if Jagex (parent company) disappears that I still have ownership over the items definitely adds a lot of value.

Yep I feel you on that making life harder for these kinds of tools!

I have been doing some stuff where I analyze python code via the AST to try to figure out symbol reference so it was top of mind when I read the article. My tool works at runtime by importing the users code as module, which means all the symbols are evaluated by the python interpreter and then I can inspect the loaded module to determine the references. This is all part of a larger framework that has lifecycle rules for how/when it will load user defined code, which allows me some flexibility and information.

Even with that flexibility, there are still some things that just weren't possible because of how configurable python is at runtime. For example, someone could write a factory style class that dynamically creates python object instances based on a passed in string that represents the class the object will be of. Then they could pass user input into this factory making the created objects completely dependent on runtime input.

I would wage 99% of python written doesn't use these kinds of runtime abilities, and it probably isn't a great practice to use them in general from a maintainability point of view but they do exist. My solution to this is that if you are sophisticated enough to be using these features then you should be able to understand why my tool can't capture that information from the AST.

Not sure if that solution would work for what you are working on, but I figured I'd let you know about my experience because it can get gnarly quickly once you start thinking about all the things that are possible in python.

I haven't had time to watch the full talk yet, so sorry if this is answered there.

When python resolves 'import' statements, it looks for the modules based on the PYTHONPATH. Although not done that often, it is possible to modify the PYTHONPATH at runtime, changing what an imported symbol will resolve to. How do you handle situations like that?

Just from a hypothetical stand point, someone could take advantage of this to make it seem like the library is linking to a safe implementation of a function such that when using this feature people are directed to the safe implementation. Then at runtime without the user knowing, they could dynamically change the PYTHONPATH so a malicious version of the function is loaded.

I agree with most the tradeoffs that were brought up with "low code" integrations tools, but I feel like none of the tradeoffs of using a general purpose program language were discussed. My viewpoint is that most organizations reach for these solutions because they provide highly available runtimes that people can quickly access.

If I am at an organization and not directly on a software development team and want to do a simple data transformation between two systems, how would I go about getting an environment to run my process? Even if I know how to write it using a general purpose language there are probably too many steps to go through to get a server environment to run my code on. With a low code solution, I can get my simple process running and automated much easier.

A little while ago there was an article about the python environment run at big banks that allow banking analysts to easily use python to solve their day to day problems. The banking python system was built to allow these people to quickly write python without much organizational overhead and therefore saw wide spread adoption among non traditional software developers.

I have been thinking about this space because I am trying to build a platform on top of serverless (FaaS) platforms that would make it easy for companies to empower workers to use general purpose programming languages to solve their business problems.

I was just using that as an example haha I don't know anything about the actual history of the product. I just wanted to give an example of how the patent system could be used to protect small companies/inventors because it seems to mostly be used by established players now a days.

Definitely agree that a great product creates the most momentum and biggest moat! I figured this thread would be a good place to have a discussion and hear some other peoples experiences (and doesn't cost me lawyer fees).

Yea I spend 99% of time actually working on the product, but I have been also thinking about this recently as once you choose a license it has long lasting consequences and is hard to change (i.e. Elasticsearch). Figured this thread would be a good place to have a discussion though.

I think that the fact that it is easy to re-implement once seen is what is interesting. From my understanding, the patent system was designed to protect ideas that once in the 'public eye' could easily be copied by companies with more resources.

A hypothetical example is that a small toy maker comes up with the idea for the Big Wheel (https://www.amazon.com/Original-Big-Wheel-Inch-Tricycle/dp/B...). They patent the design for the concept and begin manufacturing the Big Wheel. Once on the market, a big toy manufacturer could easily begin producing the exact same product because they have the resources to, so the fact that it is easy to reimplement does not mean that it is contradictory for the inventor to want a patent. The patent on the 'invention' of the Big Wheel would be the only thing the small inventor has to protect themselves.

I know that the world and community has benefited from open source and freely available software and that there is a bad history of software companies using the patent system in debatable ways, but there are also cases where it can look like big companies take advantage of the free and open ecosystem in ways that disincentivise future innovations.

I know that software patents and licenses are a murky field, but I was wondering if anyone knows of any licenses or ideas that fit a situation I am in. I can't go into much detail but this is a general description of my situation:

I am working on a startup idea that has a component that I would like to 'defend'. I am trying to improve a process for developers and I think this new component is a big piece of solving the problem. The component is a unique/new part of a pipeline, but there are already established companies working on pipelines to solve the same problem. This component executes on the client side, so it can not be kept as a secret process that happens server side. I know that once it is viewed by competitors, they could reimplement the idea without directly using the 'source code' and add it to their pipeline/product. I want to be able to distribute my project to potential users and allow them to use it freely while also preventing competitors from copying the ideas into their own products.

I know that patents were originally created to incentivize innovation by preventing established competitors from simply copying ideas/processes from new competitors, and I feel that I am in that situation.

One idea I had is to separate the unique component into its own library then give my own project the right to license/distribute the library, but I do not know if there are any off the shelf licenses that support that.