
Security Fundamentals
Turtles, Clams, and Cyber Threat Actors: Shell Usage
The Socket Threat Research Team uncovers how threat actors weaponize shell techniques across npm, PyPI, and Go ecosystems to maintain persistence and exfiltrate data.
.. _main_page:
.. image:: https://img.shields.io/pypi/v/prawcore.svg :alt: Latest prawcore Version :target: https://pypi.python.org/pypi/prawcore
.. image:: https://img.shields.io/pypi/pyversions/prawcore :alt: Supported Python Versions :target: https://pypi.python.org/pypi/prawcore
.. image:: https://img.shields.io/pypi/dm/prawcore :alt: PyPI - Downloads - Monthly :target: https://pypi.python.org/pypi/prawcore
.. image:: https://github.com/praw-dev/prawcore/actions/workflows/ci.yml/badge.svg?event=push :alt: GitHub Actions Status :target: https://github.com/praw-dev/prawcore/actions/workflows/ci.yml
.. image:: https://api.securityscorecards.dev/projects/github.com/praw-dev/prawcore/badge :alt: OpenSSF Scorecard :target: https://api.securityscorecards.dev/projects/github.com/praw-dev/prawcore
.. image:: https://img.shields.io/badge/Contributor%20Covenant-v2.0%20adopted-ff69b4.svg :alt: Contributor Covenant :target: https://github.com/praw-dev/.github/blob/main/CODE_OF_CONDUCT.md
.. image:: https://img.shields.io/badge/pre--commit-enabled-brightgreen?logo=pre-commit&logoColor=white :alt: pre-commit :target: https://github.com/pre-commit/pre-commit
prawcore is a low-level communication layer used by PRAW 4+.
Install prawcore using pip
via:
.. code-block:: console
pip install prawcore
The following example demonstrates how to use prawcore to obtain the list of trophies
for a given user using the script-app type. This example assumes you have the
environment variables PRAWCORE_CLIENT_ID
and PRAWCORE_CLIENT_SECRET
set to the
appropriate values for your application.
.. code-block:: python
#!/usr/bin/env python
import os
import pprint
import prawcore
authenticator = prawcore.TrustedAuthenticator(
prawcore.Requestor("YOUR_VALID_USER_AGENT"),
os.environ["PRAWCORE_CLIENT_ID"],
os.environ["PRAWCORE_CLIENT_SECRET"],
)
authorizer = prawcore.ReadOnlyAuthorizer(authenticator)
authorizer.refresh()
with prawcore.session(authorizer) as session:
pprint.pprint(session.request("GET", "/api/v1/user/bboe/trophies"))
Save the above as trophies.py
and then execute via:
.. code-block:: console
python trophies.py
Additional examples can be found at: https://github.com/praw-dev/prawcore/tree/main/examples
prawcore follows semantic versioning <https://semver.org/>
_ with the exception that
deprecations will not be preceded by a minor release. In essence, expect only major
versions to introduce breaking changes to prawcore's public interface. As a result, if
you depend on prawcore then it is a good idea to specify not only the minimum version of
prawcore your package requires, but to also limit the major version.
Below are two examples of how you may want to specify your prawcore dependency:
setup.py
.. code-block:: python
setup(..., install_requires=["prawcore >=0.1, <1"], ...)
requirements.txt
.. code-block:: text
prawcore >=1.5.1, <2
FAQs
Low-level communication layer for PRAW 4+.
We found that prawcore demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security Fundamentals
The Socket Threat Research Team uncovers how threat actors weaponize shell techniques across npm, PyPI, and Go ecosystems to maintain persistence and exfiltrate data.
Security News
At VulnCon 2025, NIST scrapped its NVD consortium plans, admitted it can't keep up with CVEs, and outlined automation efforts amid a mounting backlog.
Product
We redesigned our GitHub PR comments to deliver clear, actionable security insights without adding noise to your workflow.