#pypi

#supply-chain-attack
ITPro
1 month ago
Information security

New Revival Hijack technique leaves 22,000 PyPi projects vulnerable to attacks

Revival Hijack poses a serious risk to up to 22,000 PyPI packages, exploiting deleted package names for potential hijacking.
The Hacker News
1 month ago
Information security

Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers

A new supply chain attack technique called Revival Hijack targets the PyPI registry, allowing attackers to exploit existing packages for malicious intent.
#python
Pythontest
2 months ago
JavaScript

Finding the top pytest plugins

The article discusses the top downloaded pytest plugins based on recent data, highlighting their significance in Python testing.
Hackernoon
1 year ago
JavaScript

Step-by-Step Guide to Publishing Your First Python Package on PyPI Using Poetry: Lessons Learned | HackerNoon

Creating and publishing a Python package to PyPI using Poetry involves steps like preparing an account, generating an API token, and setting up a project with dependencies.
Python GUIs
7 months ago
Python

Setting Your Python Working Environment, the Right Way

Python packages from PyPI can extend functionality.
Python virtual environments help manage package dependencies.
Developer Tech News
4 months ago
Information security

Sonatype exposes malicious PyPI package 'pytoileur'

Sonatype discovered a malicious PyPI package 'pytoileur' within a larger campaign, showcasing the importance of robust security measures in the coding community.
Cogito, Ergo Sumana
5 months ago
Python

Links and References For My PyCon US Keynote

PyPI overhaul from 2017-2018 improved infrastructure with Mozilla grant and Warehouse shift.
Tryton Discussion
5 months ago
Python

Release 1.5.0 of python-sql

Python-sql 1.5.0 release includes MERGE query, 'UPSERT' support, GROUPING SETS, CUBE, ROLLUP for SQL queries.
#security-audit
Pythonbytes
6 months ago
Python

Debugging with your eyes

NumFOCUS facing challenges and changes in governance structure.
PyPI undergoes security audit by Trail of Bits.
Realpython
10 months ago
Python

Python News: What's New From November 2023 - Real Python

PyPI completed its first external security audit, which didn't identify any high-severity issues but flagged some vulnerabilities that were remediated.
Python 3.13.0a2, the second alpha release, eliminates several deprecated modules.
Realpython
6 months ago
Python

Install and Execute Python Applications Using pipx - Real Python

pipx creates and manages virtual environments automatically to isolate dependencies of installed Python packages.
pipx adds symbolic links to command-line scripts of installed packages for direct execution without Python interpreter.
Developer Tech News
6 months ago
Python

PyPI suspends registrations amid malware attack

PyPI has suspended new project creation due to a malware upload campaign.
Attackers are using typosquatting to distribute malicious Python packages for data theft.
Python Software Foundation Blog
7 months ago
Python

Announcing a PyPI Support Specialist

PyPI has seen significant growth with over half a million packages and a 57% increase in 2022.
Increased growth has necessitated hiring more staff to manage security needs, account issues, and community frustrations.
PyPy
9 months ago
Software development

PyPy has moved to Git, GitHub

PyPy has moved its canonical repo and issue tracker from Heptapod to GitHub.
The motivation for the move is to make it easier for users to search for issues and to address spam control concerns.
PyPy
10 months ago
Python

PyPy v7.3.14 release

PyPy v7.3.14: release of python 2.7, 3.9, and 3.10
The PyPy team is proud to release version 7.3.14 of PyPy.
Mouse Vs Python
11 months ago
Python

Episode 22 - Git and Django with Adam Johnson - Mouse Vs Python

Adam has made or contributed to more than 80 projects on PyPI.
Adam recently released a book called Boost Your Git DX.
Mouse Vs Python
4 months ago
JavaScript

How to Publish a Python Package to PyPI - Mouse Vs Python

Publish Python packages on PyPI with proper structure and documentation.