For years, “running Python in the browser” meant one of two things: either you were using Brython to translate Python into JavaScript at runtime (slow and limited), or you were running Pyodide with a 10MB+ download that made your page feel like it was loading an operating system. Both approaches were interesting demos. Neither was something you’d put in front of users.
That changed in 2026. Three converging developments have made browser-based Python genuinely practical: Wasm 3.0 becoming a ratified W3C standard, WASI 0.3.0 adding native async I/O, and a new generation of lightweight Python-on-Wasm runtimes like micropython-wasm that ship in kilobytes instead of megabytes.
The browser didn’t just become a Python environment. It became a good Python environment for specific use cases. Here’s what the landscape looks like, what works, and when you should actually reach for it.
What Changed in 2026
The timeline matters because it explains why browser-based Python suddenly feels different.
September 2025: Wasm 3.0 ratified. This wasn’t just a version bump. Wasm 3.0 formalized features that had been shipping piecemeal across browsers: bulk memory operations, reference types, and the Component Model. The Component Model is the big one — it introduced WIT (WebAssembly Interface Types), a language-neutral interface definition format that lets a Rust module and a Python module call each other’s functions through automatically generated, type-safe bindings. No manual marshaling, no glue code.
February 2026: WASI 0.3.0 shipped. The WebAssembly System Interface finally got native async I/O with futures and streams. Before this, Wasm couldn’t handle concurrent connections properly — a dealbreaker for any server-side or network-dependent workload. WASI 0.3.0 closed that gap. Figma, Google, Shopify, and Adobe all run Wasm in production at scale, and WASI 0.3.0 is the reason they can treat it as a server runtime, not just a browser trick.
June 2026: micropython-wasm alpha released. Simon Willison’s micropython-wasm package packages MicroPython as a WASI WebAssembly module executable via Wasmtime. The entire sandbox weighs in at a fraction of Pyodide’s footprint. You get a fresh, isolated Python interpreter per call, with configurable memory limits and fuel budgets. Network access is disabled by default — which is a feature, not a limitation, when your goal is sandboxing untrusted code.
Together, these three milestones mean that browser-based Python is no longer a single monolithic approach. You have options, each optimized for a different scenario.
The Three Approaches, Compared
1. Pyodide: The Full Python Experience
Pyodide gives you a complete CPython runtime compiled to WebAssembly, including the Python standard library and a curated set of scientific packages (NumPy, Pandas, Matplotlib, and more). It’s the heaviest option — the core runtime is around 10-15MB compressed — but it’s also the most capable.
When to use it: Data visualization dashboards, educational Python environments, scientific computing in the browser, or any scenario where you need the full Python ecosystem. If your users need to run import numpy as np and have it just work, Pyodide is your only real option.
Performance reality check: Startup time is the main cost. The first load requires downloading and initializing the runtime, which takes 2-4 seconds on a typical connection. Subsequent loads are faster if the browser caches the files. Once running, pure Python code executes at roughly 3-5x slower than native CPython — acceptable for interactive use, unacceptable for compute-heavy tasks.
The WasmGC advantage: WasmGC shipped in all major browsers in 2024, enabling garbage-collected languages to target Wasm without bringing their own runtime. For Pyodide, this means the Python GC integrates with the browser’s memory management more cleanly than in previous years. Memory leaks are less common, and the runtime feels more stable under sustained use.
2. MicroPython-WASM: The Lightweight Sandbox
micropython-wasm takes a fundamentally different approach. Instead of compiling full CPython to Wasm, it uses MicroPython — a lean Python 3 implementation designed for microcontrollers — compiled as a WASI module. The resulting package is orders of magnitude smaller than Pyodide.
When to use it: Sandboxing untrusted code execution (think: AI agent code sandboxes, user-submitted scripts, plugin systems), running small Python snippets in the browser, or any scenario where you need isolation and security over ecosystem completeness.
The sandboxing story is excellent. Each call to run() creates a fresh engine, store, WASI config, module instance, and MicroPython process. Globals and imports don’t persist between calls. You can set memory limits via memory_bytes and execution budgets via fuel limits. Network access is disabled — no socket functions, no SSL, no way for sandboxed code to reach the outside world. For a plugin system or AI code execution sandbox, this is exactly what you want.
What you give up: MicroPython doesn’t include the full Python standard library. No asyncio, no multiprocessing, many C extension modules are unavailable. If your code depends on third-party packages from PyPI, MicroPython-WASM probably can’t run it. This is a trade-off, not a bug — the small footprint is the entire point.
3. Custom Wasm Runtimes: The Performance Path
If you have a specific Python workload that needs near-native performance in the browser, the approach is to identify the 5-10% of your codebase that is genuinely performance-constrained and compile just that portion to Wasm — typically via Cython, Nuitka, or a Rust bridge using the Component Model.
Figma did exactly this: they compiled their C++ rendering engine to Wasm using Emscripten and achieved 3x faster load times across all document sizes. This wasn’t a proof of concept — it’s their production rendering pipeline. The lesson isn’t “compile everything to Wasm.” The lesson is “compile the bottleneck.”
When to use it: Performance-critical Python code that runs repeatedly in the browser — image processing, cryptography, data transformation pipelines, or any hot path where the 3-5x CPython slowdown is unacceptable.
The Component Model makes this practical. Before WIT, connecting a Rust module to a Python module meant manually writing type conversion glue across the memory boundary. Now, both compile to Wasm components and call each other through automatically generated bindings. The round-trip from source to a callable JavaScript function is shorter than most developers expect.
Practical Decision Framework
Here’s how to choose between the three approaches in 2026:
| Scenario | Recommended Approach | Why |
|---|---|---|
| Full Python REPL in browser | Pyodide | Complete standard library + scientific packages |
| Data visualization dashboard | Pyodide | NumPy, Pandas, Matplotlib all available |
| Sandboxing untrusted scripts | MicroPython-WASM | Isolation, memory limits, no network |
| AI agent code execution | MicroPython-WASM | Fresh interpreter per call, configurable limits |
| Plugin system for web app | MicroPython-WASM | Small footprint, safe by default |
| Performance-critical hot path | Custom Wasm (Cython/Rust) | Near-native speed for targeted code |
| Educational Python course | Pyodide | Familiar CPython behavior, rich ecosystem |
| User-submitted formula evaluation | MicroPython-WASM | Lightweight, sandboxed, fast startup |
Setting Up MicroPython-WASM in 30 Seconds
If you’re building a code execution sandbox, here’s the fastest path to a working setup:
uv add micropython-wasm
from micropython_wasm import MicroPythonSession
with MicroPythonSession() as session:
result = session.run("x = 10\ny = 20\nprint(x + y)")
print(result.stdout) # "30\n"
For stateful sessions where you need to maintain state between calls, use MicroPythonSession instead of the stateless run() function. Each run() call without a session creates a completely fresh interpreter — which is great for security but means you lose any imported modules or defined variables between calls.
To set memory and execution limits:
from micropython_wasm import MicroPythonSession
with MicroPythonSession(memory_bytes=64 * 1024 * 1024, fuel=1_000_000) as session:
result = session.run("your_untrusted_code_here")
The memory_bytes parameter limits guest linear memory — not total host process RSS. The Wasmtime runtime memory, compiled code, and Python process memory are outside that limit. For high-risk multi-tenant workloads, run each execution in a separate worker process with OS-level CPU, memory, and wall-clock limits too.
What Still Doesn’t Work
Browser-based Python has come far, but it’s not a replacement for server-side Python. Here’s what still doesn’t work well:
- Database connections: Even with WASI 0.3.0’s async I/O, connecting to a database from the browser is architecturally questionable and often blocked by CORS. Use an API layer instead.
- File system access: WASI provides a virtual filesystem, but it’s isolated per instance. You can’t read arbitrary files from the user’s machine — you’d need the File System Access API, which has limited browser support.
- Large package ecosystems: Pyodide supports a curated set of packages, but the vast majority of PyPI packages with C extensions won’t work without recompilation. MicroPython-WASM supports even fewer.
- Long-running computations: JavaScript’s single-threaded event loop means heavy Python computations will block the main thread. Web Workers help, but they add complexity and communication overhead.
The Bottom Line
Browser-based Python in 2026 is no longer a novelty. It’s a set of mature, specialized tools, each with a clear use case:
- Pyodide for when you need the full Python ecosystem in the browser — data science, education, interactive computing.
- MicroPython-WASM for when you need a lightweight, secure sandbox — plugin systems, AI code execution, user-submitted scripts.
- Custom Wasm compilation for when you need performance — targeted hot paths that need near-native speed.
The developers who get the most value from browser-based Python are the ones who stop asking “can I run Python in the browser?” and start asking “which Python-in-the-browser approach solves my specific problem with the least overhead?”
The answer to that question is no longer “none of them.” It’s one of three — and picking the right one makes all the difference.
Discussion
Leave a comment
No comments yet
Be the first to start the conversation.