Hello, hope you're doing well. I greatly appreciate the effort of you
people to make open source projects like you do, but I must ask.
I have heard that security is quite lax when installing modules using the
most popular sites for Python modules. Would you know of how I would
protect myself more from potentially malicious fakes of popular Python
I've recently released version 0.3.3 of distlib on PyPI . For newcomers,
distlib is a library of packaging functionality which is intended to be
usable as the basis for third-party packaging tools.
The main changes in this release are as follows:
* Fixed #152: Removed splituser() function which wasn't used and is deprecated.
* Fixed #149: Handle version comparisons correctly in environment markers.
* Add ARM-64 launchers and support code to use them. Thanks to Niyas Sait and
Adrian Vladu for their contributions.
* Fixed #148: Handle a single trailing comma following a version. Thanks to Blazej
Floch for the report and suggested fix.
* Fixed #150: Fix incorrect handling of epochs.
* Reverted handling of tags for Python >= 3.10 (use 310 rather than 3_10). This is
because PEP 641 was rejected.
* Added a GitHub Actions workflow to perform tests.
A more detailed change log is available at .
Please try it out, and if you find any problems or have any suggestions for improvements,
please give some feedback using the issue tracker!