I think the CTX package on PyPI has been hacked!

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/Python

  • pattern-matching-in-python

    Pattern Matching in Python

    Hey I wrote something about that some time ago. Please give me some feedback, if possible :)

  • ctx

    A minimal but opinionated dict/object combo (like Bunch).

    The github repo still has the correct code.

  • dangerzone

    Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs

    Isolating … like setting up a VM without net access or shared folders and then use e.g. dangerzone?

  • safety

    Safety checks your installed dependencies for known security vulnerabilities

    Checking could be done if something like this eventually shows up in safety or pip-audit.

  • pip-audit

    Audits Python environments and dependency trees for known vulnerabilities

    Checking could be done if something like this eventually shows up in safety or pip-audit.

  • bandit

    Bandit is a tool designed to find common security issues in Python code.

    If the risk is higher than normal, they could run a static code analysis tool like bandit, that includes checks for bad practices. While I think you should be able to code whatever/however you want to, it could lower your score if you looped through all env-variables. Maybe. Then display that indicator on pypi.

  • CPython

    The Python programming language

    You are most welcome! In fact I had my issues with this too and can relate. Btw., I am sure Python would benefit from issues that mention concrete shortcomings, that is, if you are up to another good deed.

  • kad

    A simple Python package converting dictionary keys to attributes of a class. (by morrigan-plus-plus)

  • warehouse

    The Python Package Index

    The loss of pip search was a sad event. I discovered many small, well-written packages with it. Not enough people get involved and I can tell you why: It's difficult to 'get in'. If you click the small "contribute" link at the bottom of the PyPI site you end up here. Not exactly a welcoming mat! The python.org get involved page is a bit better, but right behind each of the links you get right into the action a bit too fast. As a retired CS guy I'd love to get involved and give some time, but I would need some handholding (or more information) before I feel comfortable doing so.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
