Re: [Python-Dev] SK-CSIRT identified malicious software libraries in the official Python package repository, PyPI

2017-09-15 Thread Jakub Wilk
* Victor Stinner, 2017-09-15, 23:08: Why not just reserving the name but don't provide any download file? Is it possible at the moment? I tried "python setup.py register", but all I got was: Server response (410): Project pre-registration is no longer required or supported, so continue direc

Re: [Python-Dev] PEP 557: Data Classes

2017-09-15 Thread Mike Miller
On 2017-09-15 05:08, Michel Desmoulin wrote: Because given how convenient it is, it will most probably become the default way to write classes in Python. Not just for record. Yes, would have been great if this was how the original object worked and the current barebones object was a base(obj

Re: [Python-Dev] SK-CSIRT identified malicious software libraries in the official Python package repository, PyPI

2017-09-15 Thread Victor Stinner
An idea for typo squatting would be to compute the Levenshtein distance with package names of standard library and top 100 most popular PyPI packages, and require to contact a moderation team if the name is too close to an existing package. The moderation team will review the email, but also watch

Re: [Python-Dev] SK-CSIRT identified malicious software libraries in the official Python package repository, PyPI

2017-09-15 Thread Victor Stinner
Benjamin Bach and Hanno Böck are running https://www.pytosquatting.org/ and registered many projects like https://pypi.python.org/pypi/urllib2 "In June 2016, Typosquatting programming language package managers stated that urllib2 had ~4,000 downloads in 2 weeks. The package name is now squatted b

[Python-Dev] SK-CSIRT identified malicious software libraries in the official Python package repository, PyPI

2017-09-15 Thread Victor Stinner
Hi, Last week, the National Security Authority of Slovakia contacted the Python Security Response Team (PSRT) to report that the Python Package Index (PyPI) was hosting malicious packages. Installing these packages sends user data to an HTTP server, but also installs the expected module so it was an

[Python-Dev] Summary of Python tracker Issues

2017-09-15 Thread Python tracker
ACTIVITY SUMMARY (2017-09-08 - 2017-09-15) Python tracker at https://bugs.python.org/ To view or respond to any of the issues listed below, click on the issue. Do NOT respond to this message. Issues counts and deltas: open 6171 (+22) closed 37065 (+68) total 43236 (+90) Open issues wi

Re: [Python-Dev] PEP 557: Data Classes

2017-09-15 Thread Michel Desmoulin
On 14/09/2017 at 19:24, Mike Miller wrote: > > On 2017-09-12 21:05, Guido van Rossum wrote: >> It's ironic that some people dislike "data classes" because these are >> regular classes, not just for data, while others are proposing >> alternative names that emphasize the data container aspect.