
Research
/Security News
Bitwarden CLI Compromised in Ongoing Checkmarx Supply Chain Campaign
Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.
anyio
Advanced tools
.. image:: https://github.com/agronholm/anyio/actions/workflows/test.yml/badge.svg :target: https://github.com/agronholm/anyio/actions/workflows/test.yml :alt: Build Status .. image:: https://coveralls.io/repos/github/agronholm/anyio/badge.svg?branch=master :target: https://coveralls.io/github/agronholm/anyio?branch=master :alt: Code Coverage .. image:: https://readthedocs.org/projects/anyio/badge/?version=latest :target: https://anyio.readthedocs.io/en/latest/?badge=latest :alt: Documentation .. image:: https://badges.gitter.im/gitterHQ/gitter.svg :target: https://gitter.im/python-trio/AnyIO :alt: Gitter chat .. image:: https://tidelift.com/badges/package/pypi/anyio :target: https://tidelift.com/subscription/pkg/pypi-anyio :alt: Tidelift
AnyIO is an asynchronous networking and concurrency library that works on top of either asyncio_ or
Trio_. It implements Trio-like structured concurrency_ (SC) on top of asyncio and works in harmony
with the native SC of Trio itself.
Applications and libraries written against AnyIO's API will run unmodified on either asyncio_ or Trio_. AnyIO can also be adopted into a library or application incrementally – bit by bit, no full refactoring necessary. It will blend in with the native libraries of your chosen backend.
To find out why you might want to use AnyIO's APIs instead of asyncio's, you can read about it
here <https://anyio.readthedocs.io/en/stable/why.html>_.
View full documentation at: https://anyio.readthedocs.io/
AnyIO offers the following functionality:
Task groups (nurseries_ in trio terminology)
High-level networking (TCP, UDP and UNIX sockets)
Happy eyeballs_ algorithm for TCP connections (more robust than that of asyncio on Python
3.8)A versatile API for byte streams and object streams
Inter-task synchronization and communication (locks, conditions, events, semaphores, object streams)
Worker threads
Subprocesses
Subinterpreter support for code parallelization (on Python 3.13 and later)
Asynchronous file I/O (using worker threads)
Signal handling
Asynchronous version of the functools_ module
AnyIO also comes with its own pytest_ plugin which also supports asynchronous fixtures. It even works with the popular Hypothesis_ library.
.. _asyncio: https://docs.python.org/3/library/asyncio.html .. _Trio: https://github.com/python-trio/trio .. _structured concurrency: https://en.wikipedia.org/wiki/Structured_concurrency .. _nurseries: https://trio.readthedocs.io/en/stable/reference-core.html#nurseries-and-spawning .. _Happy eyeballs: https://en.wikipedia.org/wiki/Happy_Eyeballs .. _pytest: https://docs.pytest.org/en/latest/ .. _functools: https://docs.python.org/3/library/functools.html .. _Hypothesis: https://hypothesis.works/
To report a security vulnerability, please use the Tidelift security contact_.
Tidelift will coordinate the fix and disclosure.
.. _Tidelift security contact: https://tidelift.com/security
FAQs
High-level concurrency and networking framework on top of asyncio or Trio
We found that anyio demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 5 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
/Security News
Bitwarden CLI 2026.4.0 was compromised in the Checkmarx supply chain campaign after attackers abused a GitHub Action in Bitwarden’s CI/CD pipeline.

Research
/Security News
Docker and Socket have uncovered malicious Checkmarx KICS images and suspicious code extension releases in a broader supply chain compromise.

Product
Stay on top of alert changes with filtered subscriptions, batched summaries, and notification routing built for triage.