Python Package Index

@pypi

The Python Package Index (PyPI) is the repository of software for the Python programming language. Pronounced 🥧 🫛 👁️

A campaign targeted GitHub Actions to steal PyPI tokens—PyPI wasn’t compromised and no PyPI packages were published by the attackers. Stay safe: review your tokens, rotate any exposed ones, and use short-lived, scoped GitHub Actions tokens. Details: blog.pypi.org/posts/2025-09-…


🚨 There is a new ongoing phishing campaign against PyPI users. This campaign uses the same tactics as the previous campaign targeting PyPI users, but with a new domain. Read more about what steps we're taking to protect PyPI users from future campaigns: blog.pypi.org/posts/2025-09-…


Python Package Index reposted

The PSF has adopted pypistats.org, ensuring long-term stability while staying open source and community driven 🎉 Thank you to Christopher Flynn for operating this community service for 6+ years, and for continuing to maintain the project 💪🐍 pyfound.blogspot.com/2025/08/pypist…


PyPI now checks for expired domains to prevent domain resurrection attacks, a type of supply-chain attack where someone buys an expired domain and uses it to take over #PyPI accounts through password resets. #Python #OpenSource #SupplyChain #Security blog.pypi.org/posts/2025-08-…


The Python Package Index is introducing new restrictions to protect Python package installers and inspectors from ZIP confusion attacks. There is no evidence that this vulnerability has been exploited. Read the blog post for more information: blog.pypi.org/posts/2025-08-…


We're happy to share that we've started a #PyPI Bluesky account 🦋🐍 and we welcome you to follow us if you're over there! We will still continue to share announcements here. bsky.app/profile/pypi.o… #python


Python Package Index reposted

i'm late to the party but just started using trusted publishing on @pypi and it's such a nice experience! just create a release.yml on github and add the repo name on the pypi project, that's it! it's so good to not deal with creating api tokens and putting them on github


"In 2023, Google’s Open Source Security Team (GOSST) helped to fund the launch of Trusted Publishing for PyPI and supported the rollout of 2FA enforcement across PyPI" 👏👏👏

As we look to the future of open source, we're investing in improving security posture of open source projects and ecosystems. 💡 Learn more about our efforts to secure open source supply chains ⬇️ goo.gle/3X1QZKv



Python Package Index reposted

Astral is starting a fund to support open source projects and maintainers 💝 Thank you @astral_sh for your support of open source, the PSF, and the #python community, especially @pypi and CPython! x.com/astral_sh/stat…

Announcing the Astral OSS Fund. We're giving > $3,000 per Astral team member per year to open source projects, maintainers, and foundations, inspired by @getsentry's OSS Pledge. astral.sh/blog/astral-os…



Python Package Index reposted

Enormous news! the Python Software Foundation now has a 5 year commitment with @fastly to deliver @pypi, us.pycon.org, and much more. We appreciate you and your continued investment in the #python community, Fastly! #PyConUS


Python Package Index reposted

We’re grateful for @fastly’s #FastForward program. With our Fastly-sponsored CDN, in 2023 @pypi had a 99% cache-hit ratio, averaging ~36k requests/sec! Thank you for providing solutions so we can focus on our mission to support the #python community 💙💛

The Python Software Foundation adopted Fastly Fiddle & Fastly CDN through our #FastForward ⏩ program, which empowered the #opensource #nonprofit to deliver results quickly and easily, despite resource constraints. Learn more about our work with @ThePSF: fastly.us/4aa2SS0



Python Package Index reposted

Concerned about the security of your Python packages? 🔒 Gain actionable insights and best practices in our upcoming webinar on securing @PyPI and open-source ecosystems. Register now to secure your spot: hubs.ly/Q02svkR70 #PyPI #Cybersecurity #OpenSourceSecurity


Python Package Index reposted

🎉 ActiveState is pleased to announce our inclusion as a Trusted Publisher to PyPI, enabling Python authors to securely publish Python packages directly via ActiveState’s Platform. Become a trusted author today: ow.ly/Z34i50RikiO #ActiveState #TrustedPublisher #PyPI


Starting today, PyPI package maintainers can publish via Trusted Publishing from three additional providers:
- @gitlab
- @googlecloud
- @ActiveState

They join @github Actions to support publishing without long-lived passwords or API tokens. blog.pypi.org/posts/2024-04-…


This weekend, we detected & mitigated an account takeover attack affecting several PyPI users. At this time, we have not found evidence of malware or any other malicious activity beyond unauthorized account access. Our incident report has more details. blog.pypi.org/posts/2024-04-…


Python Package Index reposted

The PSF is looking for a PyPI Support Specialist to join the team! This is a remote position with 2-4 hours/week overlap with US Eastern/Central work hours. Please share this posting with your colleagues and networks. #python #pypi …thonsoftwarefoundation.applytojob.com/apply/nyYHuOha…


PyPI now has an improved way to report #malware, via #PyPI itself! Available on web and preview beta API. Learn more and sign up to help test: blog.pypi.org/posts/2024-03-…

