niftycent.com
NiftyCent
US
Login
Marketplace
Discounts

Show HN: Pipask – safer pip without compromising convenience

Pipask is a drop-in replacement for pip that addresses a serious security flaw: standard pip executes arbitrary code from source distributions during dependency resolution, without warning or consent.

Pipask retrieves metadata through PyPI's JSON API first, then checks repository popularity, download counts, package age, and known vulnerabilities before allowing installation. It presents you with a pretty report and asks for you consent with installation, giving you control over what code runs on your system.

More details in the intro blog post: https://medium.com/data-science-collective/pipask-know-what-...

Comments URL: https://news.ycombinator.com/item?id=43878987

Points: 40

# Comments: 28

https://github.com/feynmanix/pipask

Created 2d | May 3, 2025, 9:10:11 PM


Login to add comment

Other posts in this group

Pixels in Islamic art: square Kufic calligraphy
Pixels in Islamic art: square Kufic calligraphy

Article URL: https://uwithumlaut.wordpress.com/2020/07/24/pixels-in-islamic-art-square-kufic-

May 6, 2025, 6:50:14 AM | Hacker news
An Interactive Debugger for Rust Trait Errors
An Interactive Debugger for Rust Trait Errors

Article URL: https://cel.cs.brown.edu/blog/an-interactive-debugger-for-rust-trait-errors/

Comments

May 6, 2025, 6:50:14 AM | Hacker news
Can you smuggle data in an ID card photo?
Can you smuggle data in an ID card photo?

Article URL: https://informatykzakladowy.pl/pierwszy-na-swiecie-dowod-osobisty-z-reklama-bloga/

May 6, 2025, 6:50:07 AM | Hacker news
The curse of knowing how, or; fixing everything
The curse of knowing how, or; fixing everything

Article URL: https://notashelf.dev/posts/curse-of-knowing

Comments URL: ht

May 6, 2025, 6:50:07 AM | Hacker news
"Sneakers" film released in 4k, struck from original camera negative
"Sneakers" film released in 4k, struck from original camera negative

Article URL: https://www.blu-ray.com/movies/Sneakers-Blu-ray/381411/

Comments URL:

May 6, 2025, 6:50:05 AM | Hacker news
Faster sorting with SIMD CUDA intrinsics (2024)
Faster sorting with SIMD CUDA intrinsics (2024)

Code at https://github.com/wiwa/blog-code/

Comments URL: https://news.ycombinat

May 6, 2025, 4:30:10 AM | Hacker news
Show HN: I built a 7-day calendar app – no months or years, just the next 7 days
Show HN: I built a 7-day calendar app – no months or years, just the next 7 days

Article URL: https://weeklong.life/

Comments URL: https://news.ycombinator.com/item?id=43900264

May 6, 2025, 4:30:10 AM | Hacker news
Techie
Techie