Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
giturlparse2
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 1.0.0
- Maintainers
- 1
=========== giturlparse
Parse & rewrite git urls (supports GitHub, Bitbucket, FriendCode, Assembla, Gitlab ...)
This is again a fork, now fork of https://github.com/nephila/giturlparse. Original project can be found at https://github.com/FriendCode/giturlparse.py
Installing
::
pip install giturlparse
Examples
Exposed attributes
platform: platform codenamehost: server hostnameresource: same ashostport: URL port (only if explicitly defined in URL)protocol: URL protocol (git, ssh, http/https)protocols: list of protocols explicitly defined in URLuser: repository userowner: repository owner (user or organization)repo: repository namename: same asrepogroups: list of groups - gitlab onlypath: path to file or directory (includes the branch name) - gitlab / github onlypath_raw: raw path starting from the repo name (might include platform keyword) - gitlab / github onlybranch: branch name (when parseable) - gitlab / github only
Parse
::
from giturlparse import parse
p = parse('git@bitbucket.org:AaronO/some-repo.git')
p.host, p.owner, p.repo
# => ('bitbucket.org', 'AaronO', 'some-repo')
Rewrite
::
from giturlparse import parse
url = 'git@github.com:Org/Private-repo.git'
p = parse(url)
p.url2ssh, p.url2https, p.url2git, p.url2http
# => ('git@github.com:Org/Private-repo.git', 'https://github.com/Org/Private-repo.git', 'git://github.com/Org/Private-repo.git', None)
URLS
Alternative URLs for same repo::
from giturlparse import parse
url = 'git@github.com:Org/Private-repo.git'
parse(url).urls
# => {
# 'ssh': 'git@github.com:Org/Private-repo.git',
# 'https': 'https://github.com/Org/Private-repo.git',
# 'git': 'git://github.com/Org/Private-repo.git'
# }
Validate
::
from giturlparse import parse, validate
url = 'git@github.com:Org/Private-repo.git'
parse(url).valid
# => True
# Or
validate(url)
# => True
Tests
::
python -munittest
License
Apache v2 (Check out LICENSE file)
.. :changelog:
History
.. towncrier release notes start
1.0.0 (2023-07-22)
Features
- Add parsing variable for user to gitlab parser (#47)
- Add support for Python 3.8+ (#48)
Bugfixes
- Update tests invocation method to avoid future breakages (#29)
- Update linting tools and fix code style (#34)
- Add more github use cases (#43)
- Fix parsing generic git url (#46)
0.10.0 (2020-12-05)
Features
- General matching improvements (#18)
- Update tooling, drop python2 (#10213)
0.9.2 (2018-10-27)
- Removed "s" from the base platform regex
- Fix license classifier in setup.py
- Update meta files
0.9.1 (2018-01-20)
- First fork release
Keywords
FAQs
A Git URL parsing module (supports parsing and rewriting)
We found that giturlparse2 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025