#319: Typosquatting and Supply Chain Vulnerabilities
Talk Python To Me, 6 June 2021

One of the true superpowers of Python is the libraries over at the Python Package Index. They are all just a "pip install" away. Yet, like all code that you run on your system, it is done with some degree of trust. How do we know that all of those useful packages are trustworthy? That's the topic of this episode. Bentz Tozer and John Speed Meyers are here to share their research into typosquatting on PyPI and other sneaky deeds. But we also discuss some potential solutions and fixes.

Episodes (542)

#45: The Python Testing Column, Now a Thing

What is the role, the core purpose of writing tests for your application? Should you write more unit tests and fewer integration tests, or is it actually the other way around? You may have heard of th...

9 February 2016, 58 min

#44: Project Jupyter and IPython

One of the fastest growing areas in Python is scientific computing. In scientific computing with Python, there are a few key packages that make it special. These include NumPy / SciPy / and related pa...

2 February 2016, 1 h

#43: Monitoring high performance Python apps at Opbeat

What does it take to track detailed analytics and errors from literally thousands of web applications all at once? Could you build such a system entirely in Python?

26 January 2016, 39 min

#42: Python in Startups and Investing

Have you ever dreamt of creating a startup that will change the world? You and your two best friends leave the dull world of writing internal business apps and go heads-down for three months to launch...

19 January 2016, 54 min

#41: Getting your first dev job as a Python developer (part 2)

How often do you meet people who are looking to get into the software development space? Do they ask you for advice? Maybe they want to know your story of how you got started and landed that first big...

12 January 2016, 52 min

#40: Top 10 Data Science Stories from 2015

It's the end of the year and many of you are probably kicking back and taking it easy without a TPS report to be seen. So we'll keep this fun and lighthearted this week. We've teamed up with the Partially ...

29 December 2015, 59 min

#39: Getting your first dev job as a Python developer (part 1)

How often do you meet people who are looking to get into the software development space? Do they ask you for advice? Maybe they want to know your story of how you got started and landed that first big...

22 December 2015, 50 min

#38: Continuous Integration and Delivery at Codeship

Have you heard about the works on my machine certification program? It's a really awesome certification for developers. It was created by Joseph Cooney and enhanced by Jeff Atwood (of stackoverflow fa...

15 December 2015, 1 h 2 min