[Numpy-discussion] request to remove the numpy-aarch64 package from PyPI
Charles R Harris
charlesr.harris at gmail.com
Sun Jun 13 21:21:33 EDT 2021
On Sun, Jun 13, 2021 at 10:47 AM Ralf Gommers <ralf.gommers at gmail.com>
> Hi all,
> FYI, I noticed this package that claimed to be maintained by us:
> https://pypi.org/project/numpy-aarch64/. That's not ours, so I tried to
> contact the author (no email provided, but guessed the same username on
> GitHub) and asked to remove it:
> There are a very large number of packages with "numpy" in the name on
> PyPI, and there's no way we can audit/police that effectively, but if it's
> a rebuild that pretends like it's official then I think it's worth doing
> something about. It could contain malicious code for all we know.
That is a pretty misleading package description, would have fooled me if I
didn't know better. I didn't get the impression it was malicious, but still
. . .
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the NumPy-Discussion