Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
The CVXPY documentation is at cvxpy.org.
We are building a CVXPY community on Discord. Join the conversation! For issues and long-form discussions, use Github Issues and Github Discussions.
Contents
CVXPY is a Python-embedded modeling language for convex optimization problems. It allows you to express your problem in a natural way that follows the math, rather than in the restrictive standard form required by solvers.
For example, the following code solves a least-squares problem where the variable is constrained by lower and upper bounds:
import cvxpy as cp
import numpy
# Problem data.
m = 30
n = 20
numpy.random.seed(1)
A = numpy.random.randn(m, n)
b = numpy.random.randn(m)
# Construct the problem.
x = cp.Variable(n)
objective = cp.Minimize(cp.sum_squares(A @ x - b))
constraints = [0 <= x, x <= 1]
prob = cp.Problem(objective, constraints)
# The optimal objective is returned by prob.solve().
result = prob.solve()
# The optimal value for x is stored in x.value.
print(x.value)
# The optimal Lagrange multiplier for a constraint
# is stored in constraint.dual_value.
print(constraints[0].dual_value)
With CVXPY, you can model
CVXPY is not a solver. It relies upon the open source solvers Clarabel, SCS, and OSQP. Additional solvers are available, but must be installed separately.
CVXPY began as a Stanford University research project. It is now developed by many people, across many institutions and countries.
CVXPY is available on PyPI, and can be installed with
pip install cvxpy
CVXPY can also be installed with conda, using
conda install -c conda-forge cvxpy
CVXPY has the following dependencies:
For detailed instructions, see the installation guide.
To get started with CVXPY, check out the following:
We encourage you to report issues using the Github tracker. We welcome all kinds of issues, especially those related to correctness, documentation, performance, and feature requests.
For basic usage questions (e.g., "Why isn't my problem DCP?"), please use StackOverflow instead.
The CVXPY community consists of researchers, data scientists, software engineers, and students from all over the world. We welcome you to join us!
Please be respectful in your communications with the CVXPY community, and make sure to abide by our code of conduct.
We appreciate all contributions. You don't need to be an expert in convex optimization to help out.
You should first install CVXPY from source. Here are some simple ways to start contributing immediately:
If you'd like to add a new example to our library, or implement a new feature, please get in touch with us first to make sure that your priorities align with ours.
Contributions should be submitted as pull requests. A member of the CVXPY development team will review the pull request and guide you through the contributing process.
Before starting work on your contribution, please read the contributing guide.
CVXPY is a community project, built from the contributions of many researchers and engineers.
CVXPY is developed and maintained by Steven Diamond, Akshay Agrawal, Riley Murray, Philipp Schiele, and Bartolomeo Stellato, with many others contributing significantly. A non-exhaustive list of people who have shaped CVXPY over the years includes Stephen Boyd, Eric Chu, Robin Verschueren, Jaehyun Park, Enzo Busseti, AJ Friend, Judson Wilson, Chris Dembia, and Parth Nobel.
For more information about the team and our processes, see our governance document.
If you use CVXPY for academic work, we encourage you to cite our papers. If you use CVXPY in industry, we'd love to hear from you as well, on Discord or over email.
FAQs
A domain-specific language for modeling convex optimization problems in Python.
We found that cvxpy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.