[Catalog-sig] I removed a egg in pypi

julien tayon julien at tayon.net
Thu Aug 9 17:46:35 CEST 2012

2012/8/9 Pablo Martin <pmartin at yaco.es>:
> Hi,

For the future, you can use
http://pypi.python.org/pypi/pypi-stat/1.2.2 : it stores a time serie
of a package stats, upload, revisions ... locally in an easily
accessible json.

btw, I intend for research purpose to upload a malvelant package on
pypi to test the security. Would calling it dont_install a good idea?
(it would modify a dotfile (.bashrc), delete or create a file in the
PATH, call an outer webservice to simulate an information leak). The
doc would ofc tell DONT INSTALL.

I also want to test the openBSD pkg_add (systrace jails/stuff) to
propose an automated installation checking for malvolent stuff this


More information about the Catalog-SIG mailing list