Skip to content

v0.2.0
Compare
Choose a tag to compare
@astariul astariul released this 13 Jan 06:09
· 51 commits to main since this release
v0.2.0
ef10c66
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

✨ What's new

  • Realtime checks against supply-chain attacks #54 #65 @astariul
    Now when you access your github-hosted PyPi index, packages that are vulnerable to supply chain attacks are displayed in red, and the install command line is replaced with a warning.
  • Add a vulnerable package (transformers) in the demo to show the warnings #56 #58 @astariul

🔧 Maintenance

🐛 Bug fixes

Contributors

astariul
Assets 2
Loading