On Sun, Jun 13, 2021 at 10:47 AM Ralf Gommers <ralf.gomm...@gmail.com> wrote:
> Hi all, > > FYI, I noticed this package that claimed to be maintained by us: > https://pypi.org/project/numpy-aarch64/. That's not ours, so I tried to > contact the author (no email provided, but guessed the same username on > GitHub) and asked to remove it: > https://github.com/tomasriv/DNA_Sequence/issues/1. > > There are a very large number of packages with "numpy" in the name on > PyPI, and there's no way we can audit/police that effectively, but if it's > a rebuild that pretends like it's official then I think it's worth doing > something about. It could contain malicious code for all we know. > > That is a pretty misleading package description, would have fooled me if I didn't know better. I didn't get the impression it was malicious, but still . . . Chuck
_______________________________________________ NumPy-Discussion mailing list NumPy-Discussion@python.org https://mail.python.org/mailman/listinfo/numpy-discussion
