At first blush it looks like a normal wheel file:
$ unzip -l pb_tool-3.1.0-py3-none-any.whl
Archive: pb_tool-3.1.0-py3-none-any.whl
Length Date Time Name
--------- ---------- ----- ----
0 12-22-2018 00:17 pb_tool/__init__.py
42268 11-24-2019 01:50 pb_tool/pb_tool.py
4 12-21-2018 23:11 pb_tool/templates/basic.tmpl
4 12-21-2018 23:11 pb_tool/templates/dialog.tmpl
1034 12-21-2018 23:11 pb_tool/templates/icon.png
2710 11-22-2019 23:39 pb_tool/templates/pb_tool.tmpl
1439 11-22-2019 23:39 pb_tool/templates/dialog/__init__.tmpl
6760 11-22-2019 23:39 pb_tool/templates/dialog/module_name.tmpl
1765 11-22-2019 23:39
pb_tool/templates/dialog/module_name_dialog.tmpl
1518 12-21-2018 23:11
pb_tool/templates/dialog/module_name_dialog_base.ui.tmpl
692 11-22-2019 23:39 pb_tool/templates/dialog/readme.tmpl
117 12-21-2018 23:11 pb_tool/templates/dialog/resources.tmpl
1733 11-22-2019 23:39 pb_tool/templates/dialog/results.tmpl
1089 11-22-2019 23:39 pb_tool/templates/minimal/__init__.py
211 11-22-2019 23:39 pb_tool/templates/minimal/metadata.txt
18027 11-24-2019 01:51 pb_tool-3.1.0.dist-info/LICENSE
877 11-24-2019 01:51 pb_tool-3.1.0.dist-info/METADATA
92 11-24-2019 01:51 pb_tool-3.1.0.dist-info/WHEEL
99 11-24-2019 01:51 pb_tool-3.1.0.dist-info/entry_points.txt
8 11-24-2019 01:51 pb_tool-3.1.0.dist-info/top_level.txt
1844 11-24-2019 01:51 pb_tool-3.1.0.dist-info/RECORD
--------- -------
82291 21 files
Unzipped, pb_tool.py starts with:
$head pb_tool.py
"""
/***************************************************************************
qpbt
A tool for building and deploying QGIS plugins
-------------------
begin : 2014-09-24
copyright : (C) 2014 by GeoApt LLC
email : gsher...@geoapt.com
***************************************************************************/
Five seconds worth of looking at it doesn't raise any alarms, although
I'm not going to install or execute anything!
I think it was probably uploaded in error, and should just be unlinked
and marked as spam.
Eric
On 4/29/2021 12:39 AM, Terry Reedy wrote:
https://bugs.python.org/issue41608
Userid ttx11529 uploaded, without posting anything, a file called
pb_tool-3.1.0-py3-none-any.whl.
As best I understand, if the name is not forged, this is a file that
pip would use to install pb_tool 3.1.0 to any 3.x python.
https://pypi.org/project/pb-tool/
"pb_tool provides commands to deploy and publish a QGIS Python plugin."
The user list gives the real name as ปพนพัชร์ บรรพจันทร์.
Translate.google.com identifies this as Thai, transliterated to Paphon
Phatch Banchan.
This user's only other tracker activity so far was adding self as nosy to
https://bugs.python.org/issue43651
45 min before uploading this file.
This could be a clueless newbie, an ordinary spammer, or a malware
spreader.
Should anything be done other than marking the file as spam and
unlinking it?
Does anyone know how to safely examine the file, and care to?
Terry
_______________________________________________
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at
https://mail.python.org/archives/list/python-committers@python.org/message/YAJ6LWVRBJHG2RLUMJU5M6KRFFJF5677/
Code of Conduct: https://www.python.org/psf/codeofconduct/
--
Eric V. Smith
_______________________________________________
python-committers mailing list -- python-committers@python.org
To unsubscribe send an email to python-committers-le...@python.org
https://mail.python.org/mailman3/lists/python-committers.python.org/
Message archived at
https://mail.python.org/archives/list/python-committers@python.org/message/36YH6L2UHFUOFSLHNTYGS6BKH6AZBDFR/
Code of Conduct: https://www.python.org/psf/codeofconduct/
