[sage-devel] On backdooring open source projects

If the recent xz backdoor drama didn't induce enough paranoia in you, here is a second chance exception: https://www.theregister.com/2024/04/16/xz_style_attacks_continue/ Open sourcerers say suspected xz-style attacks continue to target maintainers Social engineering patterns spotted across rang

[sage-devel] Re: Proposal (redo): Make python_build (and its dependency pyproject_hooks) a standard package

+1 on making python_build a standard package. - Marc On Tuesday, April 9, 2024 at 10:44:36 PM UTC-5 Matthias Koeppe wrote: > We added python_build as an optional "pip" package (see > https://deploy-livedoc--sagemath.netlify.app/html/en/developer/packaging#package-types > for > the terminology