A Contributor’s Story with Sarthak Khattar
The “Contributor’s Story” series is designed to give our key open source contributors and community members a face and voice, an overview of the projects they’re working on, and the successes and challenges contributors face in development.
In this blog post, we will be speaking to Sarthak Khattar, a Pysa employee who is working on a VSCode extension for voice servers through the Major League Hacking (MLH) scholarship.
“The world of open source has always fascinated me, because I really enjoy working on large cooperation projects …”
Tell us a little about yourself and your current experience in the MLH scholarship.
I’m interested in safety and I’m most comfortable with Python. I was introduced to the MLH scholarship by one of my friends who is also an open source enthusiast.
Where did you first find out about open source? How did you come to use / contribute something?
I first became aware of open source when a friend of mine became a Google Code-In finalist, and encouraged me to learn more about open source and contribute as well. However, it was not until October 2020 that I started contributing through a project called IntelOwl. I started with the main reason to gain experience for the MLH scholarship. =
Describe the project you are currently working on.
I’m currently working on Pysa, a static pollution flow analysis tool based on Pyre, a Python type checker. I am working on creating a Language Server VSCode extension for Pysa to enable features like syntax highlighting, error checking etc for .pysa files.
How did you initially go about approaching the problem?
The fellowship gave us an overview of what the development process would look like from Graham, one of Pysa’s supervisors. We first created an initial template from the existing extension for Pyre and then adapted it for Pysa. We’ve also updated some documentation items on setting up the development environment for everything.
What obstacles or problems have you faced in your post so far?
When setting up the development environment for Pysa, several problems were encountered when creating from source. Many of the problems we faced were undocumented, making it difficult and time consuming to find their workarounds. There were also some things in the workflow that were optimized for Facebook’s internal build system so it took us some time to come up with an open source workaround for them as well.
What is the current state of development?
As of now, we’ve updated the documentation to include some issues we encountered while building Pyre from source and setting up the development environment. We have also created a base template for the Pysa extension and started adding Pysa-specific functions.
What have you learned about the project, development or open source so far?
Most of all, I’ve learned to use version control and virtual environments in Python much better than before. By working on Pysa, I learned how to create and manage VSCode extensions, what the language server model is all about, and how to use the performance of Pyre type checking and the concept of a pollution flow analysis tool like Pysa to statically analyze code potential vulnerabilities, thereby automating the process of securing code and making it safe for production.
What advice would you give future contributors to the open source project?
Pysa is a little difficult to get used to first, but follow the updated documents to get set up. Don’t be afraid of creating PRs that cover small things like correcting documentation or finding a fix. The supervisors are very encouraging and helpful. By opening up problems and / or staying in direct contact, you can bypass any obstacles.
We’d like to thank Sarthak for her continued contributions to the Facebook open source ecosystem. You can follow Sarthak’s work on GitHub.
If you want to learn more about Facebook Open Source, follow us on Twitter, Facebook and YouTube for relevant updates and check out the Pysa website to learn how to get started.