kw-json — Security Research PoC
This package is a proof-of-concept for a HackerOne bug bounty report.
Researcher: ferox0101
This package demonstrates a dependency confusion / typosquatting vulnerability
affecting Kiwi.com's kiwi-json library (which imports as kw.json).
A developer typing pip install kw-json instead of pip install kiwi-json
would install this package instead of the intended Kiwi.com library.
This package is intentionally empty and harmless.
It will be transferred to Kiwi.com or removed upon resolution of the security report.