{ "info": { "author": "David Fischer", "author_email": "djfische@gmail.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Intended Audience :: Developers", "License :: OSI Approved :: BSD License", "Operating System :: OS Independent", "Programming Language :: Python", "Programming Language :: Python :: 2", "Programming Language :: Python :: 3", "Topic :: Security", "Topic :: Software Development :: Libraries :: Python Modules" ], "description": "Python Module Security Admonition\n=================================\n\nIf you are reading this admonition while running pip, I'd like to take\nthis time to inform you that you just ran arbitrary code from the untrusted\ninternet (maybe even as root?). The fact that this was so easy is a bit of a\nproblem.\n\nRemember when RubyGems.org got compromised and was down since they weren't\nsure whether there were any problems with the gems themselves? That could\nhave just as easily been PyPI. Adding SSL to PyPI and certificate checking\nto pip were big steps forward, but we need to make shipping and installing\nmodules securely even easier. I'm not sure whether that means developer\ncertificates or package signing or something else, but we need to find a\nway to run only trusted code. As long as a one character typo can root your\nbox, the problem persists.\n\nhttps://github.com/davidfischer/requestes", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/davidfischer/requestes", "keywords": null, "license": "BSD", "maintainer": null, "maintainer_email": null, "name": "requestes", "package_url": "https://pypi.org/project/requestes/", "platform": "OS Independent", "project_url": "https://pypi.org/project/requestes/", "project_urls": { "Download": "UNKNOWN", "Homepage": "https://github.com/davidfischer/requestes" }, "release_url": "https://pypi.org/project/requestes/0.0.1/", "requires_dist": null, "requires_python": null, "summary": "Python Module Security Admonition", "version": "0.0.1" }, "last_serial": 761259, "releases": { "0.0.1": [ { "comment_text": "", "digests": { "md5": "cdebbb98a7ecadb374adbb5d65001f4e", "sha256": "13491483ec8a5a8ed296b7e9f88a4297a283421beefe740e69d6c359b15dad8f" }, "downloads": -1, "filename": "requestes-0.0.1.tar.gz", "has_sig": false, "md5_digest": "cdebbb98a7ecadb374adbb5d65001f4e", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1408, "upload_time": "2013-06-07T01:20:14", "url": "https://files.pythonhosted.org/packages/0f/58/7dd0d1b8fda382ed9440614c8bca77210fa4e8158261d744bab53f395fd2/requestes-0.0.1.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "cdebbb98a7ecadb374adbb5d65001f4e", "sha256": "13491483ec8a5a8ed296b7e9f88a4297a283421beefe740e69d6c359b15dad8f" }, "downloads": -1, "filename": "requestes-0.0.1.tar.gz", "has_sig": false, "md5_digest": "cdebbb98a7ecadb374adbb5d65001f4e", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 1408, "upload_time": "2013-06-07T01:20:14", "url": "https://files.pythonhosted.org/packages/0f/58/7dd0d1b8fda382ed9440614c8bca77210fa4e8158261d744bab53f395fd2/requestes-0.0.1.tar.gz" } ] }