Security News
Another Round of TEA Protocol Spam Floods npm, But It’s Not a Worm
Recent coverage mislabels the latest TEA protocol spam as a worm. Here’s what’s actually happening.
By Philipp Burckhardt - Nov 14, 2025
metacatalog
Advanced tools
- Version
- 0.7.3
- Maintainers
- 2
metacatalog
| CI | Status |
|---|---|
| Unit tests |  |
| Documentation |  |
| Deployment |  |
Management tool for the V-FOR-WaTer metadata database application. Although developed in and for the V-FOR-WaTer project, metacatalog is a standalone database application, that can be used on its own.
Docs
The full documentation is available at: https://vforwater.github.io/metacatalog
Installation description is given at: https://vforwater.github.io/metacatalog/home/install.html
Quickstart
Install metacatalog:
pip install metacatalog
With a Postgis database called metacatalog installed at localhost:5432 you can store a default connection like:
Be aware that any password saved along with the default connection is saved in clear-text!!
metacatalog connection --save postgresql://postgres:<masterpassword>@localhost:5432/metacatalog
Refer to the connection documentation to learn about all possibilities to connect to a database.
The database table can be installed and populated like:
metacatalog init -C postgresql://postgres:<password>@localhost:5432/metacatalog
And now you can use the database via:
- the CLI
- the Python API
- or directly interface to the database model classes
Using metacatalog on Windows
On one of my Windows systems the setuptools scripts does not get recognized properly and thus the CLI does not work properly if not called by full path. Therefore with version 0.1.4 the CLI is implemented the module main entrypoint. Wherever the docs call the metacatalog script, you can use the module, like:
Instead of:
metacatalog [options] <commad>
you can use:
python -m metacatalog [options] <command>
This should work cross-platform. Tested on Ubuntu 18, debian 9, Windows 7 and Windows 10.
FAQs
Metadata model management module.
We found that metacatalog demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
PyPI Expands Trusted Publishing to GitLab Self-Managed as Adoption Passes 25 Percent
PyPI adds Trusted Publishing support for GitLab Self-Managed as adoption reaches 25% of uploads
By Sarah Gooding - Nov 14, 2025
Research
/Security News
Malicious Chrome Extension Exfiltrates Seed Phrases, Enabling Wallet Takeover
A malicious Chrome extension posing as an Ethereum wallet steals seed phrases by encoding them into Sui transactions, enabling full wallet takeover.
By Kirill Boychenko - Nov 12, 2025