Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Readme
A Python library for working with Placekeys. Documentation for the Placekey service API can be found here. The Plackey design specification is available here. The details in Placekey encoding is here. We welcome your feedback.
This package can be installed from PyPI by
pip install placekey
MacOS Big Sur may need to run brew install geos
if the installation of the shapely
dependency fails.
The basic functionality of the Placekey library is conversion between Placekeys and latitude-longitude coordinates.
>>> import placekey as pk
>>> lat, long = 0.0, 0.0
>>> pk.geo_to_placekey(lat, long)
'@dvt-smp-tvz'
>>> pk.placekey_to_geo('@dvt-smp-tvz')
(0.00018033323813810344, -0.00018985758738881587)
The library also allows for conversion between Placekeys and H3 indices.
>>> pk.placekey_to_h3('@dvt-smp-tvz')
'8a754e64992ffff'
>>> pk.h3_to_placekey('8a754e64992ffff')
'@dvt-smp-tvz'
The distance in meters between two Placekeys can be found with the following function.
>>> pk.placekey_distance('@dvt-smp-tvz', '@5vg-7gq-tjv')
12795124.895573696
An upper bound on the maximal distance in meters between two Placekeys based on the length of their shared prefix is provided by placekey.get_prefix_distance_dict()
.
>>> pk.get_prefix_distance_dict()
{0: 20040000.0,
1: 20040000.0,
2: 2777000.0,
3: 1065000.0,
4: 152400.0,
5: 21770.0,
6: 8227.0,
7: 1176.0,
8: 444.3,
9: 63.47}
Placekeys found in a data set can be partially validated by
>>> pk.placekey_format_is_valid('222-227@dvt-smp-tvz')
True
>>> pk.placekey_format_is_valid('@123-456-789')
False
This package also includes a client for the Placekey API. The methods in the client are automatically rate limited.
>>> from placekey.api import PlacekeyAPI
>>> placekey_api_key = "..."
>>> pk_api = PlacekeyAPI(placekey_api_key)
The PlacekeyAPI.lookup_placekey
method can be used to lookup the Placekey for a single place.
>>> pk_api.lookup_placekey(latitude=37.7371, longitude=-122.44283)
{'query_id': '0', 'placekey': '@5vg-82n-kzz'}
>>> place = {
>>> "location_name": "Twin Peaks Petroleum",
>>> "street_address": "598 Portola Dr",
>>> "city": "San Francisco",
>>> "region": "CA",
>>> "postal_code": "94131",
>>> "iso_country_code": "US"
>>> }
>>> pk_api.lookup_placekey(**place, fields=["building_placekey","address_placekey"])
{'query_id': '0',
'placekey': '227-223@5vg-82n-pgk',
'address_placekey': '227@5vg-82n-pgk',
'building_placekey': '227@5vg-82n-pgk'}
The PlacekeyAPI.lookup_placekeys
method can be used to lookup Placekeys for multiple places.
>>> places = [
>>> {
>>> "street_address": "1543 Mission Street, Floor 3",
>>> "city": "San Francisco",
>>> "region": "CA",
>>> "postal_code": "94105",
>>> "iso_country_code": "US"
>>> },
>>> {
>>> "query_id": "thisqueryidaloneiscustom",
>>> "location_name": "Twin Peaks Petroleum",
>>> "street_address": "598 Portola Dr",
>>> "city": "San Francisco",
>>> "region": "CA",
>>> "postal_code": "94131",
>>> "iso_country_code": "US"
>>> },
>>> {
>>> "latitude": 37.7371,
>>> "longitude": -122.44283
>>> }
>>> ]
>>> pk_api.lookup_placekeys(places)
[{'query_id': 'place_0', 'placekey': '226@5vg-7gq-5mk'},
{'query_id': 'thisqueryidaloneiscustom', 'placekey': '227-222@5vg-82n-pgk'},
{'query_id': 'place_2', 'placekey': '@5vg-82n-kzz'}]
Full details on how to query the API and how to get an API key can be found here.
Jupyter notebooks demonstrating various Placekey functionality are contained in the placekey-notebooks repository.
This package runs on Python 3.
FAQs
Utilities for working with Placekeys
We found that placekey demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 3 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.