Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
A package providing template applications for data services, and a python SDK to the Octue API.
The python SDK for running Octue data services, digital twins, and applications - get faster data groundwork so you have more time for the science!
Read the docs here.
Uses our twined library for data validation.
To install, run one of:
pip install octue
poetry add octue
The command line interface (CLI) can then be accessed via:
octue --help
Usage: octue [OPTIONS] COMMAND [ARGS]...
The CLI for the Octue SDK. Use it to start an Octue data service or digital
twin locally or run an analysis on one locally.
Read more in the docs: https://octue-python-sdk.readthedocs.io/en/latest/
Options:
--id UUID UUID of the analysis being undertaken. None
(for local use) will cause a unique ID to be
generated.
--logger-uri TEXT Stream logs to a websocket at the given URI.
--log-level [debug|info|warning|error]
Log level used for the analysis. [default:
info]
--force-reset / --no-force-reset
Forces a reset of analysis cache and outputs
[For future use, currently not implemented]
[default: force-reset]
--version Show the version and exit.
-h, --help Show this message and exit.
Commands:
deploy Deploy a python app to the cloud as an Octue service or digital...
run Run an analysis on the given input data using an Octue service...
start Start an Octue service or digital twin locally as a child so it...
When code is deprecated, it will still work but a deprecation warning will be issued with a suggestion on how to update it. After an adjustment period, deprecations will be removed from the codebase according to the code removal schedule. This constitutes a breaking change.
We use Poetry as our package manager. For development, run the following from the repository root, which will editably install the package:
poetry install --all-extras
Then run the tests to check everything's working.
These environment variables need to be set to run the tests:
GOOGLE_APPLICATION_CREDENTIALS=/absolute/path/to/service/account/file.json
TEST_PROJECT_NAME=<name-of-google-cloud-project-to-run-pub-sub-tests-on>
Then, from the repository root, run
python3 -m unittest
or
tox
Take a look at our contributing page.
FAQs
A package providing template applications for data services, and a python SDK to the Octue API.
We found that octue demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.