Re: F35 Change: Python Packaging Guidelines overhaul (System-Wide Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 6/14/21 5:11 PM, Neal Gompa wrote:

On Mon, Jun 14, 2021 at 8:02 PM Gordon Messmer <gordon.messmer@xxxxxxxxx> wrote:

https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

It's not terribly different from how organizations may have private
Python package indexes that may use whatever names they want for
Python software they build and release.
Yes, that was my point.  That's exactly how Alex Birsan was able to infiltrate and exploit "dozens" of tech companies. 
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux