
Research
PyPI Package Disguised as Instagram Growth Tool Harvests User Credentials
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Python bindings for the H3 core library.
From PyPI:
pip install h3
From conda:
conda config --add channels conda-forge
conda install h3-py
>>> import h3
>>> lat, lng = 37.769377, -122.388903
>>> resolution = 9
>>> h3.latlng_to_cell(lat, lng, resolution)
'89283082e73ffff'
We provide multiple APIs in h3-py
.
Browse a collection of example notebooks, and if you have examples or visualizations of your own, please feel free to contribute!
We also have an introductory walkthrough of the API.
h3-py
wraps the H3 core library,
which is written in C.
The C and Python projects each employ
semantic versioning,
where versions take the form X.Y.Z
.
The h3-py
version string is guaranteed to match the C library string
in both major and minor numbers (X.Y
), but may differ on the
patch (Z
) number.
This convention provides users with information on breaking changes and
feature additions, while providing downstream bindings (like this one!)
with the versioning freedom to fix bugs.
Use h3.versions()
to see the version numbers for both
h3-py
and the C library. For example,
>>> import h3
>>> h3.versions()
{'c': '4.1.0', 'python': '4.1.1'}
FAQs
Uber's hierarchical hexagonal geospatial indexing system
We found that h3 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
A deceptive PyPI package posing as an Instagram growth tool collects user credentials and sends them to third-party bot services.
Product
Socket now supports pylock.toml, enabling secure, reproducible Python builds with advanced scanning and full alignment with PEP 751's new standard.
Security News
Research
Socket uncovered two npm packages that register hidden HTTP endpoints to delete all files on command.