Latest posts tagged with #PyPI on Bluesky
Half the ecosystem. Done.
180 of the top 360 PyPI packages now ship free-threaded wheels, a milestone the whole Python community helped reach.
The next 50% needs you. π
See how to help in our latest blog by Nathan Goldbaum: buff.ly/GzMmtfy
#Python #PyPI #FreethreadedPython #Quansight
ππ Dive into recent discoveries of PyPI package vulnerabilities! Stay informed and secure your projects. Read more here: innovirtuoso.com/cybersecurity/a-deep-div... #Cybersecurity #Python #PyPI #Vulnerabilities
This cannot be:
I am trying to compile a few stats for the #Snakemake executor plugin for #SLURM on #HPC systems. Preparing for a lighting talk at the #SnakemakeHackathon2026
PyPi: 20,000 downloads last month
BioConda: > 60,000 total (aggregated over all versions)
Impressive as it might be [β¦]
I got too excited about "set-and-forget" relative dependency cooldowns coming to #pip that I hacked them together using cron and a script that calculates uploaded-prior-to in pip.conf π
sethmlarson.dev/pip-relative...
#python #pypi #dependencycooldowns #security
Huge thanks to @fastly.com for 10+ years of keeping #PyPI up and running! PyPI serves 800K+ users at ~100K requests/sec. With a small team behind the service, that kind of scale is only possible because of infrastructure partners who invest in the sustainability of the #Python ecosystem.
I did an open source. Meet nuv github.com/stevencarpen.... I often like spinning small, utility cli tools. Sometimes they are for a larger project's administration, or just a one off thing. Now I can spin a new UV project with one command and it comes with the basic cli setup I like. #foss #pypi #uv
The new iRODS HTTP API Python Wrapper Library v0.1.0 is released!
github.com/irods/irods_...
Via PyPI:
pip install irods-http
#python #irods #http #pypi
The Underfunded Gatekeepers: How Open-Source Registries Became Critical Infrastructure Without the Budget to Match Open-source package registries like npm and PyPI distribute billions of software p...
#CybersecurityUpdate #npm #open-source #funding [β¦]
[Original post on webpronews.com]
Wow, I've just learned that GStreamer is now publishing bundles including all dependencies for Python on PyPI:
https://pypi.org/project/gstreamer-bundle/
gitlab.freedesktop.org/gstreamer/gstreamer/-/is...
Unfortunately, not yet for GNU/Linux (understandable seeing the complexity [β¦]
Humpf. Was on a good roll this evening, just updated BlogMore again, and while I can see the latest version (0.6.0) on PyPI nothing seems to want to convince uv that there's anything later than 0.5.0. π
#Python #PyPI
Hi thereπ I've publicated my onlyone #python app on #PyPI
If you need a tool to find and move to trash #duplicates of your files, feel free to use it and write me a feedback.
Here is link to #onlyone on pypi:
pypi.org/project/only...
It requires python >= 3.9
It has both cli and gui
thanks
Maybe not worth it for #pypi to implement, but I wonder if there are any projects that look at #python packages, and map the connection between projects and entrypoints. For example, if my project loads an `example.foo` entrypoint, then how would I search all projects that implement an ` [β¦]
π° Perekrut Palsu Sembunyikan Malware dalam Tes Coding untuk Developer Kripto
π Baca artikel lengkap di sini: ahmandonk.com/2026/02/15/fake-recruite...
#cryptocurrency #cybersecurity #lazarus #group #malware #npm #pypi #supply #chain #attack
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems reconbee.com/lazarus-camp...
#Lazarus #Lazaruscampaign #malicious #packages #PyPI #npm #cybersecurity #cyberattack
OpenClaw Scanner: Open-source tool detects autonomous AI agents A new free, open source tool is available to help organizations detect where autonomous AI agents are operating across corporate envi...
#Don't #miss #News #agentic #AI #Astrix #Security [β¦]
[Original post on helpnetsecurity.com]
ππ Dive into recent discoveries of PyPI package vulnerabilities! Stay informed and secure your projects. Read more here: innovirtuoso.com/cybersecurity/a-deep-div... #Cybersecurity #Python #PyPI #Vulnerabilities
~Socket~
Malicious dYdX packages on npm and PyPI steal crypto wallet credentials and deploy a Remote Access Trojan (RAT).
-
IOCs: dydx. priceoracle. site
-
#PyPI #SupplyChain #ThreatIntel #npm
Alert: Malicious Python packages `spellcheckerpy` and `spellcheckpy` on PyPI deliver hidden RATs. Developers, verify packages before use to safeguard your projects. #CyberSecurity #PyPI #Malware Link: thedailytechfeed.com/pypi-malicio...
Fake PyPI Packages Spread Remote Trojan
Read More: buff.ly/gEm6AwJ
#PyPI #SupplyChainAttack #PythonSecurity #OpenSource #Malware #DevSecOps #SoftwareSecurity #Infosec
Over the past year (and a half!), our inaugural PyPI Support Specialist, Maria Ashna, helped tackle backlogs, improve support processes, and keep #PyPI running smoothly for the #Python community.
Read the full reflection on what that work looked like π
blog.pypi.org/posts/2026-0...
ChatGPT Containers can now run bash, pip/npm install packages, and download files One of my favourite features of ChatGPT is its ability to write and execute code in a container. This feature launc...
#pypi #sandboxing #npm #ai #openai #generative-ai #chatgpt #llms #ai-assisted-programming [β¦]
ChatGPT Containers can now run bash, pip/npm install packages, and download files One of my favourite features of ChatGPT is its ability to write and execute code in a container. This feature launc...
#pypi #sandboxing #npm #ai #openai #generative-ai #chatgpt #llms #ai-assisted-programming [β¦]
ChatGPT Containers can now run bash, pip/npm install packages, and download files One of my favourite features of ChatGPT is its ability to write and execute code in a container. This feature launc...
#pypi #sandboxing #npm #ai #openai #generative-ai #chatgpt #llms #ai-assisted-programming [β¦]
ChatGPT Containers can now run bash, pip/npm install packages, and download files One of my favourite features of ChatGPT is its ability to write and execute code in a container. This feature launc...
#pypi #sandboxing #npm #ai #openai #generative-ai [β¦]
[Original post on simonwillison.net]
ChatGPT Containers can now run bash, pip/npm install packages, and download files One of my favourite features of ChatGPT is its ability to write and execute code in a container. This feature launc...
#pypi #sandboxing #npm #ai #openai #generative-ai #chatgpt #llms #ai-assisted-programming [β¦]
Alert: Malicious PyPI package 'sympy-dev' mimics popular SymPy library to deploy cryptomining malware. Developers, verify packages before installation! #CyberSecurity #PyPI #SymPy #Cryptomining Link: thedailytechfeed.com/malicious-py...
Alert: Malicious PyPI package 'sympy-dev' impersonates SymPy to deploy XMRig miner on Linux systems. Developers, verify package authenticity to protect your projects. #CyberSecurity #PyPI #Cryptojacking Link: thedailytechfeed.com/malicious-py...
#Python : Malicious #PyPI Package called 'sympy-dev' Impersonates #SymPy, Deploys XMRig Miner on Linux Hosts:
#SoftwareSupplyChainSecurity
π
π @python.org announced a 2-year partnership with #Anthropic, which will contribute $1.5 million to support the foundation's security initiatives for #PyPI: https://bit.ly/4a6uvhU
Malicious PyPI Package Impersonates SymPy Deploys XMRig Miner on Linux Hosts reconbee.com/malicious-py...
#PyPI #PyPIpackages #SymPy #XMRigminer #linuxhosts #linux #cybersecurity #cyberattack
