Posted by Crista Perlton on September 16th, 2022.
Can you spot the difference between colorama and colourama? Sure, one is American English and the other is aimed at British-English users. One of these is a malicious Python package designed to trick users and the other is legitimate. Chances are that you’ve heard about vulnerable...
Posted by Crista Perlton on May 3rd, 2022.
Having uncontrolled package dependencies can lead to some unintended consequences, like version conflicts and even malicious and vulnerable packages. Let’s see what happens when you let those dependency trees go unchecked.
Posted by Crista Perlton on February 15th, 2022.
There are few things more frustrating than investigating why code works on one machine, but not another. This article will explain how unwanted packages sneak into your code, describe how to use requirements.txt files to ensure repeatable builds, and show how Package Consumers can quickly identify which applications are using a specific...