GitHub

AustinTSchaffer/PyPI-Dependency-Graph

Project goal: catalogue the dependency chain for all versions of all* packages. * This requirement will likely be revised. My hypothesis is that you can dramatically ...
GitHub

codefixxx/Pypi-Dependency-Graph-Analysis

This project visualizes and analyzes the dependency relationships between packages in a Python environment using a graph-based approach. It employs networkx for graph creation and centrality analysis, ...
ZDNet

Twelve malicious Python libraries found and removed from PyPI

A software security engineer has identified 12 Python libraries uploaded on the official Python Package Index (PyPI) that contained malicious code. The 12 packages have been discovered in two separate ...
IEEE

Understanding and Remediating Open-Source License Incompatibilities in the PyPI Ecosystem

Abstract: The reuse and distribution of open-source software must be in compliance with its accompanying open-source license. In modern packaging ecosystems, maintaining such compliance is challenging ...