
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
flake8-nb
Advanced tools
flake8 checking for jupyter notebooks.
This tool is mainly aimed towards writing tutorials/lecture material, where one might also want to show off bad practices and/or errors, while still keeping the rest of the code clean and without adding the complexity of tooling to the readers (see docs on cell tags).
Basically this is a hack on the flake8's Application class,
which adds parsing and a cell based formatter for *.ipynb files.
This is NOT A PLUGIN but a stand alone CLI tool/pre-commit hook to be used instead of the flake8 command/hook.
flake8 and its pluginsflake8-noqa-tags see usage)If you had a notebook with name example_notebook.ipynb, where the code cell
which was executed as 34th cell (In[34]) had the following code:
bad_formatted_dict = {"missing":"space"}
running flake8_nb would result in the following output.
$ flake8_nb example_notebook.ipynb
example_notebook.ipynb#In[34]:1:31: E231 missing whitespace after ':'
If you prefer the reports to show the cell number rather then the execution count you
can use the --notebook-cell-format option, given that the cell is the 5th code cell
and 10th total cell (taking raw and markdown cells into account),
you will get the following output.
$ flake8_nb --notebook-cell-format '{nb_path}:code_cell#{code_cell_count}' example_notebook.ipynb
example_notebook.ipynb:code_cell#5:1:31: E231 missing whitespace after ':'
$ flake8_nb --notebook-cell-format '{nb_path}:cell#{total_cell_count}' example_notebook.ipynb
example_notebook.ipynb:cell#10:1:31: E231 missing whitespace after ':'
Thanks goes to these wonderful people (emoji key):
Sebastian Weigand 💻 🤔 🚧 📆 🚇 ⚠️ 📖 | Jt Miclat 🐛 | Philipp Eisenhauer 🐛 | Shoma Okamoto ⚠️ | Marco Gorelli 🔧 📖 | Tony Hirst 🤔 | Dobatymo 🐛 |
Alp Arıbal 🐛 | 1kastner 🐛 | Dominique Sydow 🐛 | Liam Keegan 🐛 💻 |
This project follows the all-contributors specification. Contributions of any kind welcome!
FAQs
Flake8 based checking for jupyter notebooks
We found that flake8-nb demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.