
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
:info: Simple lru cache for asyncio
.. image:: https://github.com/aio-libs/async-lru/actions/workflows/ci-cd.yml/badge.svg?event=push :target: https://github.com/aio-libs/async-lru/actions/workflows/ci-cd.yml?query=event:push :alt: GitHub Actions CI/CD workflows status
.. image:: https://img.shields.io/pypi/v/async-lru.svg?logo=Python&logoColor=white :target: https://pypi.org/project/async-lru :alt: async-lru @ PyPI
.. image:: https://codecov.io/gh/aio-libs/async-lru/branch/master/graph/badge.svg :target: https://codecov.io/gh/aio-libs/async-lru
.. image:: https://img.shields.io/matrix/aio-libs:matrix.org?label=Discuss%20on%20Matrix%20at%20%23aio-libs%3Amatrix.org&logo=matrix&server_fqdn=matrix.org&style=flat :target: https://matrix.to/#/%23aio-libs:matrix.org :alt: Matrix Room — #aio-libs:matrix.org
.. image:: https://img.shields.io/matrix/aio-libs-space:matrix.org?label=Discuss%20on%20Matrix%20at%20%23aio-libs-space%3Amatrix.org&logo=matrix&server_fqdn=matrix.org&style=flat :target: https://matrix.to/#/%23aio-libs-space:matrix.org :alt: Matrix Space — #aio-libs-space:matrix.org
.. code-block:: shell
pip install async-lru
This package is a port of Python's built-in functools.lru_cache <https://docs.python.org/3/library/functools.html#functools.lru_cache>
_ function for asyncio <https://docs.python.org/3/library/asyncio.html>
_. To better handle async behaviour, it also ensures multiple concurrent calls will only result in 1 call to the wrapped function, with all await
\s receiving the result of that call when it completes.
.. code-block:: python
import asyncio
import aiohttp
from async_lru import alru_cache
@alru_cache(maxsize=32)
async def get_pep(num):
resource = 'http://www.python.org/dev/peps/pep-%04d/' % num
async with aiohttp.ClientSession() as session:
try:
async with session.get(resource) as s:
return await s.read()
except aiohttp.ClientError:
return 'Not Found'
async def main():
for n in 8, 290, 308, 320, 8, 218, 320, 279, 289, 320, 9991:
pep = await get_pep(n)
print(n, len(pep))
print(get_pep.cache_info())
# CacheInfo(hits=3, misses=8, maxsize=32, currsize=8)
# closing is optional, but highly recommended
await get_pep.cache_close()
asyncio.run(main())
TTL (time-to-live in seconds, expiration on timeout) is supported by accepting ttl
configuration
parameter (off by default):
.. code-block:: python
@alru_cache(ttl=5)
async def func(arg):
return arg * 2
The library supports explicit invalidation for specific function call by
cache_invalidate()
:
.. code-block:: python
@alru_cache(ttl=5)
async def func(arg1, arg2):
return arg1 + arg2
func.cache_invalidate(1, arg2=2)
The method returns True
if corresponding arguments set was cached already, False
otherwise.
The library was donated by Ocean S.A. <https://ocean.io/>
_
Thanks to the company for contribution.
FAQs
Simple LRU cache for asyncio
We found that async-lru demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.