Security News
PyPI’s New Archival Feature Closes a Major Security Gap
PyPI now allows maintainers to archive projects, improving security and helping users make informed decisions about their dependencies.
By Sarah Gooding - Jan 30, 2025
New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
- Maintainers
- 1
this is a fork of tftpy with copyparty-specific changes
available on pypi
99% of the code here is copyright 2010-2021, Michael P. Soulier (msoulier@digitaltorque.ca)
warning
the purpose of this fork is to support copyparty with any necessary changes (possibly controversial ones, such as 4e873925)
while unlikely at this point, there might be additional breaking changes, but I'll try to not break anything by accident
my main focus will be features/bugs which affect copyparty, meaning the server part of this library -- anything else will be low priority, or maybe even wontfix (sorry!)
breaking changes
-
from tftpy import TftpServer=>from partftpy.TftpServer import TftpServer4e873925- to make it possible to monkeypatch stuff inside
TftpServer, for example swapping out theosmodule with a virtual filesystem, which copyparty does - crude alternative to fknittel's proper VFS but copyparty was already doing this for impacket so for my purposes it's fine
- to make it possible to monkeypatch stuff inside
-
packethook gets called with two arguments
(TftpPacket, TftpContext)instead of just the TftpPacket f2e10d3f- fixes #103 (total filesize in progress messages) so that
bin/partftpy_client.pynow shows remaining number of bytes in transfer if started with-t
- fixes #103 (total filesize in progress messages) so that
significant changes
-
supports specifying a portrange to use for data transfer instead of selecting an ephemeral port b8844c03
- good for firewalls
-
support IPv6 by merging #98 (Add ipv6 support for server and client) b3e3c39a
-
support utf-8 filenames 73d12fc0
- spec says netascii but many clients do this instead, including curl
-
yolo fix for #140 (crash on small packets) 79ac8460
-
improved robustness for unreliable networks
- ignore duplicate ACK/OACK instead of panicking 72acb114
-
workarounds for buggy servers/clients
-
fix #113 (uploading from stdin, downloading to stdout) 0087f02d
other changes
how to release:
- update version and date in
__init__.py git commit -m v0.x.ygit tag v0.x.ygit push --tags./scripts/make-pypi-release.sh u
FAQs
tftpd module for copyparty
We found that partftpy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Security News
North Korean APT Lazarus Targets Developers with Malicious npm Package
Malicious npm package postcss-optimizer delivers BeaverTail malware, targeting developer systems; similarities to past campaigns suggest a North Korean connection.
By Kirill Boychenko, Peter van der Zee - Jan 29, 2025
Security News
CISA Brings KEV Data to GitHub
CISA's KEV data is now on GitHub, offering easier access, API integration, commit history tracking, and automated updates for security teams and researchers.
By Sarah Gooding - Jan 29, 2025