Security News
High-Severity RCE Vulnerability Disclosed in next-mdx-remote
HashiCorp disclosed a high-severity RCE in next-mdx-remote affecting versions 4.3.0 to 5.x when compiling untrusted MDX on the server.
By Sarah Gooding - Feb 12, 2026
Latest Threat Research:Malicious dYdX Packages Published to npm and PyPI After Maintainer Compromise.Details →
matplotlib
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 3.8.0rc1
- Maintainers
- 3
Matplotlib is a comprehensive library for creating static, animated, and interactive visualizations in Python.
Check out our home page for more information.
Matplotlib produces publication-quality figures in a variety of hardcopy formats and interactive environments across platforms. Matplotlib can be used in Python scripts, Python/IPython shells, web application servers, and various graphical user interface toolkits.
Install
See the install
documentation,
which is generated from /doc/install/index.rst
Contribute
You've discovered a bug or something else you want to change — excellent!
You've worked out a way to fix it — even better!
You want to tell us about it — best of all!
Start at the contributing guide!
Contact
Discourse is the discussion forum for general questions and discussions and our recommended starting point.
Our active mailing lists (which are mirrored on Discourse) are:
- Users mailing list: matplotlib-users@python.org
- Announcement mailing list: matplotlib-announce@python.org
- Development mailing list: matplotlib-devel@python.org
Gitter is for coordinating development and asking questions directly related to contributing to matplotlib.
Citing Matplotlib
If Matplotlib contributes to a project that leads to publication, please acknowledge this by citing Matplotlib.
A ready-made citation entry is available.
FAQs
Python plotting package
We found that matplotlib demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
OpenClaw Skill Marketplace Emerges as Active Malware Vector
Security researchers report widespread abuse of OpenClaw skills to deliver info-stealing malware, exposing a new supply chain risk as agent ecosystems scale.
By Sarah Gooding - Feb 09, 2026
Security News
The Next Open Source Security Race: Triage at Machine Speed
Claude Opus 4.6 has uncovered more than 500 open source vulnerabilities, raising new considerations for disclosure, triage, and patching at scale.
By Sarah Gooding - Feb 06, 2026