Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
|PyPi| |Azure| |ReadTheDocs| |Codecov|
.. |PyPi| image:: https://badge.fury.io/py/joblib.svg :target: https://badge.fury.io/py/joblib :alt: Joblib version
.. |Azure| image:: https://dev.azure.com/joblib/joblib/_apis/build/status/joblib.joblib?branchName=main :target: https://dev.azure.com/joblib/joblib/_build?definitionId=3&_a=summary&branchFilter=40 :alt: Azure CI status
.. |ReadTheDocs| image:: https://readthedocs.org/projects/joblib/badge/?version=latest :target: https://joblib.readthedocs.io/en/latest/?badge=latest :alt: Documentation Status
.. |Codecov| image:: https://codecov.io/gh/joblib/joblib/branch/main/graph/badge.svg :target: https://codecov.io/gh/joblib/joblib :alt: Codecov coverage
The homepage of joblib with user documentation is located on:
To get the latest code using git, simply type::
git clone https://github.com/joblib/joblib.git
If you don't have git installed, you can download a zip of the latest code: https://github.com/joblib/joblib/archive/refs/heads/main.zip
You can use pip
to install joblib::
pip install joblib
from any directory or::
python setup.py install
from the source directory.
loky <https://github.com/tomMoral/loky>
_ for process management.python-lz4 <https://pypi.python.org/pypi/lz4>
_ as a faster alternative to
zlib and gzip for compressed serialization.Building the docs
_ section for details.To contribute to joblib, first create an account on github <https://github.com/>
. Once this is done, fork the joblib repository <https://github.com/joblib/joblib>
to have your own repository,
clone it using 'git clone' on the computers where you want to work. Make
your changes in your clone, push them to your github account, test them
on several computers, and when you are happy with them, send a pull
request to the main repository.
To run the test suite, you need the pytest (version >= 3) and coverage modules. Run the test suite using::
pytest joblib
from the root of the project.
To build the docs you need to have sphinx (>=1.4) and some dependencies installed::
pip install -U -r .readthedocs-requirements.txt
The docs can then be built with the following command::
make doc
The html docs are located in the doc/_build/html
directory.
To create a source tarball, eg for packaging or distributing, run the following command::
python setup.py sdist
The tarball will be created in the dist
directory. This command will
compile the docs, and the resulting tarball can be installed with
no extra dependencies than the Python standard library. You will need
setuptool and sphinx.
This command is only run by project manager, to make a release, and upload in to PyPI::
python setup.py sdist bdist_wheel
twine upload dist/*
Note that the documentation should automatically get updated at each git push. If that is not the case, try building th doc locally and resolve any doc build error (in particular when running the examples).
Changes are listed in the CHANGES.rst file. They must be manually updated but, the following git command may be used to generate the lines::
git log --abbrev-commit --date=short --no-merges --sparse
FAQs
Lightweight pipelining with Python functions
We found that joblib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.