
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
django-shortuuidfield
Advanced tools
Short UUIDField for Django. Good for use in urls & file names. (Base 57, 22 characters)
Provides a ShortUUIDField for your Django models which uses the base-57 "Short UUID" package at https://github.com/stochastic-technologies/shortuuid/ .
Originally, a fork from David Cramer's excellent django-uuidfield, but not much is left of that besides a bit of structure.
Install it with pip (or easy_install)::
pip install django-shortuuidfield
First you'll need to attach a ShortUUIDField to your class. This acts as a char(22) to maintain compatibility with SQL versions::
from shortuuidfield import ShortUUIDField
class MyModel(models.Model):
uuid = ShortUUIDField()
Enjoy!
ShortUUIDField is a subclass of django.db.models.CharField
You can pass usual Django CharField parameters on init, although some of them are added/overwritten:
Uses shortuuid.uuid() that generates uuid4 random values
FAQs
Short UUIDField for Django. Good for use in urls & file names. (Base 57, 22 characters)
We found that django-shortuuidfield demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A malicious package uses a QR code as steganography in an innovative technique.
Research
/Security News
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
Application Security
/Research
/Security News
Socket detected multiple compromised CrowdStrike npm packages, continuing the "Shai-Hulud" supply chain attack that has now impacted nearly 500 packages.