Security News
pnpm 10.0.0 Blocks Lifecycle Scripts by Default
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
ldap
on PyPIThis dummy project is not installable.
You probably want python-ldap
instead.
The widely used python-ldap project provides
an importable module named ldap
.
This goes against the convention that PyPI distribution names should match the module names. But, python-ldap pre-dates wide use of that convention, and the issue is hard to fix now.
Please install python-ldap
to get the LDAP bindings.
The ldap
name on PyPI was used for an unrelated collection of
LDAP-related utilities, which is not as popular, and confused users who
install ldap
to get the ldap
module.
The project is no longer developed.
It is archived as 1.0.x
releases on PyPI, and on
GitHub.
This could have been a placeholder package that depends on python-ldap
,
saving you the trouble of reading this message.
However, pip
has trouble
with differently-named packages that provide the same module.
When you see the exception:
ModuleNotFoundError: No module named 'foo'
… please research the actual requirements instead of going directly for
pip install foo
.
The project (distribution) name may differ from the module(s) it
provides.
FAQs
Placeholder for the ldap name
We found that ldap demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
pnpm 10 blocks lifecycle scripts by default to improve security, addressing supply chain attack risks but sparking debate over compatibility and workflow changes.
Product
Socket now supports uv.lock files to ensure consistent, secure dependency resolution for Python projects and enhance supply chain security.
Research
Security News
Socket researchers have discovered multiple malicious npm packages targeting Solana private keys, abusing Gmail to exfiltrate the data and drain Solana wallets.