|
Pathway to requiring OpenSSL 3 or newer in CPython?
|
|
10
|
816
|
April 17, 2024
|
|
Trying to understand security backport policy
|
|
6
|
311
|
April 17, 2024
|
|
CPython, PyPI, and many Python packages are not affected by the backdoor of xz
|
|
6
|
2615
|
April 11, 2024
|
|
PyPI Malware Observation Report Outcomes - Private Preview
|
|
0
|
584
|
March 20, 2024
|
|
Create and distribute Software Bill-of-Materials (SBOM) for Python artifacts
|
|
29
|
4550
|
February 7, 2024
|
|
Python maillibs don't verify server certificates by default, which is documented behavior, but several open source projects failed to do this right and I like to see this fixed
|
|
13
|
1023
|
February 5, 2024
|
|
How to hide or remove sensitive data from getting exposed in memory dump?
|
|
2
|
293
|
January 30, 2024
|
|
Announcement: 2FA now required for PyPI
|
|
13
|
816
|
January 5, 2024
|
|
Announcement: 2FA Requirement for PyPI 2024-01-01
|
|
0
|
1993
|
December 11, 2023
|
|
Pip must notify people that they have been compromised by a malicious package
|
|
14
|
853
|
December 16, 2023
|
|
`ssl`: changing the default `SSLContext.verify_flags`?
|
|
16
|
2185
|
November 28, 2023
|
|
The Python Software Foundation has been authorized by the CVE Program as a CVE Numbering Authority (CNA)
|
|
2
|
1554
|
August 29, 2023
|
|
How to word a warning about security uses in `urllib.parse` docs
|
|
15
|
1244
|
May 3, 2023
|
|
Using SourceRank score to warn or limit packages
|
|
17
|
1178
|
April 30, 2023
|
|
Sprint recording: Dustin Ingram on Open Source Security for CPython
|
|
4
|
488
|
October 20, 2023
|