pvpcheck

Package to check if private repository libraries have a public doppelgaenger with the same name. The goal is to prevent a dependency confusion attack on the PyPi ecosystem.

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Project description

Package to check if private repository libraries have a public doppelgaenger with the same name. The goal is to prevent a dependency confusion attack on the PyPi ecosystem.

Project details

These details have not been verified by PyPI

Project links

Homepage

GitHub Statistics

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Release history Release notifications | RSS feed

1.2.0 yanked

Jan 13, 2023

Reason this release was yanked:

error in naming

This version

1.1.0

Jan 13, 2023

1.0.0 yanked

Jan 13, 2023

Reason this release was yanked:

error naming

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pvpcheck-1.1.0.tar.gz (2.6 kB view hashes)

Uploaded Jan 13, 2023 Source

Hashes for pvpcheck-1.1.0.tar.gz

Hashes for pvpcheck-1.1.0.tar.gz
Algorithm	Hash digest
SHA256	`36541fd6e7bbf3ce3e02470b944b5d120a15e2daad742d278577368fe7627e78`
MD5	`a4602db01698bf6dbf314097ec456f5b`
BLAKE2b-256	`1b3518df51e56e0fa0c02a93ca44773ea8a60c19d5f17e9204e9e744df6b8da7`