Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
By Socket Research Team - Dec 02, 2024
Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More →
Sorry we don't scan binary artifacts yet
- Maintainers
- 1
graphlib backport
Backport of the Python 3.9 graphlib module for older Python versions.
Github: https://github.com/mariushelf/graphlib_backport
Supported versions
This backport currently supports Python 3.6, 3.7, 3.8, 3.9, 3.10, 3.11 and pypy3 (tested with pypy3.6, 3.7, 3.8 and 3.9).
Support for Python 3.6 and 3.7 is somewhat experimental and due to be dropped because of the end of support for these old versions.
Installation
pip install graphlib_backport
It is recommended to limit installation of this package to version of Python <3.9 and use the original implementation for Python >=3.9.
For example in a poetry pyproject.toml this can be done
by specifying the dependency as a
Python restricted dependency:
[tool.poetry.dependencies]
graphlib_backport = {version="^1.0.0", python="<3.9"}
Usage
The package works the very same way as the original package. Here's the documentation.
Development
The sourcecode is hosted on github. To develop on this package, just clone it, work on it and submit a pull request.
Dev requirements
For testing against different Python versions, tox is required.
To download the latest original sourcecode into the repository, there is a make target:
make download_sourcecode
Warning: This overwrites the code in this repo. By default it uses the tag v3.9.0,
but you can overwrite that with a tag environment variable.
Running tests
As simple as running tox on the command line.
The executables for all python versions must be in the path, e.g,
python3.6, ..., python3.9, pypy3.
You can install them with pyenv.
Publishing a new version
Create a new tag and create a new release on Github. This will automatically publish the package to PyPI.
Changelog
See CHANGELOG.md
Thanks
I did not create this code -- I only repackaged it so it can be pip-installed into older versions of Python.
So all thanks go to the original contributors of the original sourcecode.
License
Copyright © 2001-2023 Python Software Foundation; All Rights Reserved
Changes to the sourcecode and the tests: replace incompatible code
(e.g., the := walrus operator) with constructions compatible to
earlier versions of Python, and make the tests pass on all supported
versions.
FAQs
Backport of the Python 3.9 graphlib module for Python 3.6+
We found that graphlib-backport demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Research
Typosquatting Cryptographic Libraries: Malicious npm Packages Threaten Crypto Developers with Keylogging and Wallet Theft
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
By Kirill Boychenko - Nov 27, 2024
Security News
Weekly Downloads Now Available in npm Package Search Results
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.
By Sarah Gooding - Nov 26, 2024