# Bernát Gábor — Python packaging, tox, virtualenv & open source > Engineering notes from Bernát Gábor — PyPA maintainer of tox, virtualenv, pipx, filelock, and platformdirs. Python packaging, type hints, and supply chain security. Maintained by Bernát Gábor. Every page links to its raw-markdown source; append it to any page URL to fetch clean markdown. ## Posts - [Building a fast HTML toolkit in C for Python](https://bernat.tech/posts/blazing-fast-html-parser/index.md): How turbohtml builds a fast HTML toolkit in C for Python: SWAR, SIMD, zero-copy, interned atoms, IDNA, LTO/PGO, and honest benchmarking, 3-22x faster. - [Deterministic Multithreaded Testing in Python with blanket](https://bernat.tech/posts/blanket-deterministic-threading/index.md): How blanket gives Python tests deterministic control over thread scheduling, and why that matters now that free-threaded Python is shipping. - [PyCon US 2026 Packaging Summit Recap](https://bernat.tech/posts/pycon-us-2026-packaging-summit-recap/index.md): Per-talk notes from the PyCon US 2026 Packaging Summit in Long Beach: Emma Smith on Wheel 2.0 and Zstandard compression, Mike Fiedler on PyPI abuse vectors, Mahe Iram Khan on ecosystems, lightning talks on PEP 772, mobile wheels, AI accelerator variants, and the roundtable discussions. - [PyCon US 2026 Typing Summit Recap](https://bernat.tech/posts/pycon-us-2026-typing-summit-recap/index.md): Per-talk notes from the PyCon US 2026 Typing Summit in Long Beach: Pyrefly and AI agents, ty constraint sets, Lean formalization, tensor shape types, intersection types, PEP 827, Guido on the direction of typing, and the Typing Council Q&A. - [PyTexas 2026 Recap](https://bernat.tech/posts/pytexas-2026-recap/index.md): Per-talk notes from PyTexas 2026 in Austin: Hynek on domain modeling, Dawn Wages on specialization, MCP security, PEP 810 lazy imports, free-threading, Ruff, ty, uv, supply chain. - [Defense in Depth: A Practical Guide to Python Supply Chain Security](https://bernat.tech/posts/securing-python-supply-chain/index.md): A comprehensive guide to securing your Python dependencies from ingestion to deployment, covering linting, pinning, vulnerability scanning, SBOMs, and attestations - [Version numbers: how to use them?](https://bernat.tech/posts/version-numbers/index.md): Comparing semantic versioning, calendar versioning, and ZeroVer for Python libraries and when to use each - [Python packaging - Growing Pains](https://bernat.tech/posts/growing-pain/index.md): Lessons learned from the rollout of PEP-517 and PEP-518 in pip, and the growing pains of changing Python's build system - [Python packaging - Past, Present, Future](https://bernat.tech/posts/pep-517-518/index.md): A detailed look at how pip install works, from distutils to setuptools to PEP-517 and PEP-518 - [The state of Python Packaging](https://bernat.tech/posts/pep-517-and-python-packaging/index.md): An overview of Python package types, the packaging ecosystem, and how PEP-517 modernizes the build process - [The state of type hints in Python](https://bernat.tech/posts/the-state-of-type-hints-in-python/index.md): How to use typing in Python via mypy ## Pages - [Open source projects — Bernát Gábor](https://bernat.tech/oss/index.md): Bernát Gábor — Bloomberg software engineer in Los Angeles and primary maintainer of the PyPA projects tox, virtualenv, pipx, filelock, and platformdirs. - [Talks by Bernát Gábor](https://bernat.tech/talks/index.md) - [Now](https://bernat.tech/now/index.md): What Bernát Gábor is working on right now.