{"id":182099,"date":"2019-12-06T02:20:00","date_gmt":"2019-12-05T18:20:00","guid":{"rendered":"http:\/\/itteacheritfreelance.hk\/test\/wordpress\/?guid=b2f55eb55919c611f4b13f97c1b2ee29"},"modified":"2019-12-06T02:20:00","modified_gmt":"2019-12-05T18:20:00","slug":"snake-bites-beware-malicious-python-libraries-2","status":"publish","type":"post","link":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/2019\/12\/06\/snake-bites-beware-malicious-python-libraries-2\/","title":{"rendered":"Snake bites: Beware malicious Python libraries"},"content":{"rendered":"<article>\n<section class=\"page\">\n<p>Earlier this week, two Python libraries containing malicious code were\u00a0<a href=\"https:\/\/github.com\/dateutil\/dateutil\/issues\/984\" rel=\"nofollow\">removed from the Python Package Index<\/a> (PyPI), Python\u2019s official repository for third-party packages.<\/p>\n<p>It\u2019s the latest incarnation of a problem faced by many modern software development communities, raising an important question for all developers who rely on open source software: How can you make it possible for people to contribute their own code to a common repository for re-use, without those repos becoming vectors for attacks?<\/p>\n<p>By and large, the official third-party library repositories for languages run as open source projects, like Python, are safe. But malicious versions of a library can spread quickly if unchecked. 
And the fact that most such language repositories are overseen by volunteers means that only so many eyes are on the lookout and contributions don\u2019t always get the scrutiny needed.<\/p>\n<p class=\"jumpTag\"><a href=\"https:\/\/www.javaworld.com\/article\/3488561\/snake-bites-beware-malicious-python-libraries.html#jump\">To read this article in full, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"excerpt":{"rendered":"<p>Earlier this week, two Python libraries containing malicious code were\u00a0removed from the Python Package Index (PyPI), Python\u2019s official repository for third-party packages. It\u2019s the latest incarnation of a problem faced by many modern software develop&#8230; <a href=\"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/2019\/12\/06\/snake-bites-beware-malicious-python-libraries-2\/\">Read more <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":168,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"slim_seo":[],"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false}}},"categories":[451,2,7],"tags":[398,402,397,414,413,410,409,407,408,406,399,400,394,318,558,560,555,561,566,553,554,586,585,563,562,183,567,524,10,401,396,403,412,411,395,405,404,457,454,319,316],"jetpack_publicize_connections":[],"aioseo_notices":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p7prtj-Ln5","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":
"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/posts\/182099"}],"collection":[{"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/users\/168"}],"replies":[{"embeddable":true,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/comments?post=182099"}],"version-history":[{"count":1,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/posts\/182099\/revisions"}],"predecessor-version":[{"id":182100,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/posts\/182099\/revisions\/182100"}],"wp:attachment":[{"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/media?parent=182099"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/categories?post=182099"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/itteacheritfreelance.hk\/test\/wordpress\/wp-json\/wp\/v2\/tags?post=182099"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}