https://bugs.python.org/issue41608
Userid ttx11529 uploaded, without posting anything, a file called
pb_tool-3.1.0-py3-none-any.whl.
As best I understand, if the name is not forged, this is a file that pip
would use to install pb_tool 3.1.0 to any 3.x python.
https://pypi.org/project/pb-tool/
"pb_tool provides commands to deploy and publish a QGIS Python plugin."
The user list gives the real name as ปพนพัชร์ บรรพจันทร์.
Translate.google.com identifies this as Thai, transliterated to Paphon
Phatch Banchan.
This user's only other tracker activity so far was adding self as nosy to
https://bugs.python.org/issue43651
45 min before uploading this file.
This could be a clueless newbie, an ordinary spammer, or a malware spreader.
Should anything be done other than marking the file as spam and
unlinking it?
Does anyone know how to safely examine the file, and care to?
Terry
_______________________________________________
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at
https://mail.python.org/archives/list/python-committers@python.org/message/YAJ6LWVRBJHG2RLUMJU5M6KRFFJF5677/
Code of Conduct: https://www.python.org/psf/codeofconduct/
