Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This is a collection of functions for classroom instruction in
introductory physics. This is basically using ipython as a calculator
that displays the calculation and the results.
Typical usage to make a set of useful functions available in ipython:
from classroom_gizmos.handies import *
classroom_gizmos.handies is a collection of small functions
that are
useful from an ipython prompt.
Note: Imports from astropy, PyQt5, and func_timeout
Certain functions and functionality are not available when some of the
imported packages are unavailable.
The mine() function lists all the user functions defined
in handies.py.
cdbn(), osname(), getCCode()
hostname(), call(), rad(), deg(), sinD(), cosD(), tanD(),
asinD(), acosD(), atanD(), atan2D(), atan2P(), nCr(), comb(),
pltsize(), select_file(), select_file_timeout(), getTS(), timeStampStr(),
isInstalled(), randomLetter(), randomElement(), count_down()
mine()
cls (iPython magic %cls) outputs 23 blank lines.
clsall() deletes previous text using ascii control character.
Trig Functions in Degrees
'D' and 'P' trig functions work with degrees.
'P' inverse functions return only positive angles.
greeks ⟶ a string with greek alphabet.
pltsize( w, h, dpi=150) ⟶ resizes plots in matplotlib.
getTS() ⟶ returns a readable time stamp string.
isInstalled( pkgNameStr) ⟶ returns package or None if pkg is not installed.
timeStampStr() ⟶ returns a readable, timestamp string.
From random imports randint and defines randomLetter
mine() ⟶ lists what handies.py defines.
select_file and select_file_timeout
pi, sqrt, cos, sin, tan, acos, asin, atan, atan2, degrees, radians, log, log10, exp
Defines nowMJD(); mjd2date(), date2mjd().
Imports astropy.units as "u", i.e. u.cm or u.GHz
The variable
IsInteractive is True if in interpreter, False if running from command line.
Line magic cls is defined, outputs 23 blank lines to 'clear' screen.<
Sets ipython numeric format to %.5g
This module implements a file browser that can be used
in a Jupyter Notebook. (Not usable in Jupyter lab.)
Typical Usage:
from classroom_gizmos.jupyter_file_browser import box, get_file_path
box
A file select widget will be created below that cell.
In a following notebook cell:
path = get_file_path() ## returns path of currently selected file in
the file select cell.
pkg = importInstall( 'pkg_name')
OR
pkg = importInstall( 'pkg_name, 'PyPI_name')
This function tries to import a specified package and if that fails,
it tries to install the package and then import it.
importInstall was written so that python programs can be
distributed to students without detailed instructions on checking if
packages are installed
and information on installing the needed packages.
The function returns the package or None.
Warning: importInstall can not install all packages. It is less likely to install a package that is not pure python.
decCredit() returns perl code for use in WebAssign answer credit calculations. Convenience functions:
BBPdecCredit(), InCdecCredit(),
HWdecCredit(), getCCode()
All functions should have doc strings that give more information about usage and parameters.
FAQs
Several small functions for classroom instruction.
We found that classroom-gizmos demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.