InfoWorld

How to use uv: A superfast Python package installer

All-in-one Python project management tool written in Rust aims to replace pip, venv, and more. Here's a first look. A few behaviors aren’t supported yet, but these should not interfere with your ...
InfoWorld

Software bill-of-materials docs eyed for Python packages

Python enhancement proposal would incorporate SBOM documents in Python packages as a way to improve dependency tracking and vulnerability analysis. Software bill-of-materials (SBOM) documents would be ...
Bleeping Computer

New Python tool checks NPM packages for manifest confusion issues

A security researcher and system administrator has developed a tool that can help users check for manifest mismatches in packages from the NPM JavaScript software registry. Last week, a former ...
EurekAlert!

New python package, ERTool, developed for efficient multi-source evidence fusion

Scientists from Peking University developed a new Python package for efficient implementation of the Evidential Reasoning approach for multi-source evidence fusion. Researchers from Peking University ...
Bleeping Computer

Malicious PyPI package with 37,000 downloads steals AWS keys

A malicious Python package named 'fabrice' has been present in the Python Package Index (PyPI) since 2021, stealing Amazon Web Services credentials from unsuspecting developers. According to ...