GitHub - astral-sh/rye: a Hassle-Free Python ExperienceYou signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert
SSH keys stolen by stream of malicious PyPI and npm packages
A stream of malicious npm and PyPi packages have been found stealing a wide range of sensitive data from software developers on the platforms. The campaign started on September 12, 2023, and was first discovered by Sonatype, whose analysts unearthed 14 malicious packages on npm. Phylum reports that after a brief operational hiatus on September 16 and 17, the attack has resumed and expanded to the
Modular: Mojo🔥 - It’s finally here!
Since our launch of the Mojo programming language on May 2nd, more than 120K+ developers have signed up to use the Mojo Playground and 19K+ developers actively discuss Mojo on Discord and GitHub. Today, we’re excited to announce the next big step in Mojo’s evolution: Mojo is now available for local download – beginning with Linux systems, and adding Mac and Windows in coming releases. While the Mo
Announcing Astral, the company behind Ruff
TL;DR: I’ve started a company, Astral, to continue building high-performance developer tools for the Python ecosystem — to keep building Ruff, and to build more Ruff-like things. We’ve raised $4m in seed funding led by Accel, with participation from Caffeinated Capital, Guillermo Rauch (Vercel), Solomon Hykes (Docker), David Cramer (Sentry), and others. I built Ruff to test a theory: that Python t
March 20 ChatGPT outage: Here’s what happened
An update on our findings, the actions we’ve taken, and technical details of the bug. We took ChatGPT offline earlier this week due to a bug in an open-source library which allowed some users to see titles from another active user’s chat history. It’s also possible that the first message of a newly-created conversation was visible in someone else’s chat history if both users were active around the
Investigating a backdoored PyPi package targeting FastAPI applications | Datadog Security Labs
Introduction FastAPI is a highly popular Python web framework. On November 23rd, 2022, the Datadog Security Labs team identified a third-party utility Python package on PyPI related to FastAPI, fastapi-toolkit, that has been backdoored by a malicious actor. The attacker inserted a backdoor in the package, adding a FastAPI route allowing a remote attacker to execute arbitrary python code and SQL qu
Python tooling could be much, much faster
N.B. Ruff now supports over 200 lint rules and is used in major open-source projects like FastAPI, Bokeh, Zulip, and Pydantic. It’s also about ~50% faster than the benchmarks advertised in this blog post. Try it today! Over the past few years, there’s been a mindset shift in JavaScript ecosystem, best summarized as: “our tools should be extremely fastâ€. As projects grew in complexity, and builds s
GitHub - dagster-io/dagster: An orchestration platform for the development, production, and observation of data assets.
Dagster is a cloud-native data pipeline orchestrator for the whole development lifecycle, with integrated lineage and observability, a declarative programming model, and best-in-class testability. It is designed for developing and maintaining data assets, such as tables, data sets, machine learning models, and reports. With Dagster, you declare—as Python functions—the data assets that you want to
Web Browser Engineering
Web browsers are ubiquitous, but how do they work? This book explains, building a basic but complete web browser, from networking to JavaScript, in a couple thousand lines of Python. The cover for Web Browser Engineering, from Oxford University Press Pre-order Web Browser Engineering Web Browser Engineering will be published by Oxford University Press before the end of the year. To get it as soon
GitHub - alphacep/vosk-api: Offline speech recognition API for Android, iOS, Raspberry Pi and servers with Python, Java, C# and Node
Vosk is an offline open source speech recognition toolkit. It enables speech recognition for 20+ languages and dialects - English, Indian English, German, French, Spanish, Portuguese, Chinese, Russian, Turkish, Vietnamese, Italian, Dutch, Catalan, Arabic, Greek, Farsi, Filipino, Ukrainian, Kazakh, Swedish, Japanese, Esperanto, Hindi, Czech, Polish. More to come. Vosk models are small (50 Mb) but p
リリースã€éšœå®³æƒ…å ±ãªã©ã®ã‚µãƒ¼ãƒ“スã®ãŠçŸ¥ã‚‰ã›
最新ã®äººæ°—エントリーã®é…ä¿¡
j次ã®ãƒ–ックマーク
kå‰ã®ãƒ–ックマーク
lã‚ã¨ã§èªã‚€
eコメント一覧を開ã
oページを開ã
Japan Blames North Korea for PyPI Supply Chain Cyberattack
Amazon.co.jp: 実装ã§å¦ã¶ãƒ•ãƒ«ã‚¹ã‚¿ãƒƒã‚¯Web開発 エンジニアã®è¦–野ã¨çŸ¥è˜ã‚’広ã’る「一気通貫ã€åž‹ãƒãƒ³ã‚ºã‚ªãƒ³: æ ªå¼ä¼šç¤¾ã‚ªãƒ¼ãƒ—ントーン, ä½è—¤å¤§è¼”, 伊æ±ç›´å–œ, 上野啓二: 本
CVE-2022-0329 and the problems with automated vulnerability management
Getting Started with Natural Language Processing
Security concerns · Issue #1026 · langchain-ai/langchain
GitHub - langchain-ai/langchain: 🦜🔗 Build context-aware reasoning applications
GitHub - Layout-Parser/layout-parser: A Unified Toolkit for Deep Learning Based Document Image Analysis
GitHub - exaloop/codon: A high-performance, zero-overhead, extensible Python compiler using LLVM
GitHub - huggingface/tokenizers: 💥 Fast State-of-the-Art Tokenizers optimized for Research and Production
GitHub - taishi-i/awesome-japanese-nlp-resources: A curated list of resources dedicated to Python libraries, LLMs, dictionaries, and corpora of NLP for Japanese
{{#tags}}- {{label}}
{{/tags}}