Research
2025 Report: Destructive Malware in Open Source Packages
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
By Kush Pandya - Dec 24, 2025
publiplots
Artifacts are distributable versions of a package. It typically includes the source code and metadata
Advanced tools
- Version
- 0.4.5
- Maintainers
- 1
PubliPlots
Publication-ready plots
Overview
PubliPlots is a Python visualization library that provides beautiful, publication-ready plots with a seaborn-like API. It focuses on:
- Beautiful defaults: Carefully designed pastel color palettes and styles
- Intuitive API: Follows seaborn conventions for ease of use
- Modular design: Compose complex visualizations from simple building blocks
- Highly configurable: Extensive customization while maintaining sensible defaults
- Publication-ready: Optimized for scientific publications and presentations
[!IMPORTANT] Documentation: Full documentation is available at jorgebotas.github.io/publiplots
Gallery
For interactive examples, check out the examples.ipynb notebook.
Installation
From PyPI
pip install publiplots
Or if you are using uv for Python environment management:
uv pip install publiplots
From source (development)
git clone https://github.com/jorgebotas/publiplots.git
cd publiplots
pip install -e .
Development with uv and Jupyter
If you're using uv for Python environment management and want to use the package in Jupyter notebooks:
# Clone the repository
git clone https://github.com/jorgebotas/publiplots.git
cd publiplots
# Create a new uv environment with Python 3.11 (or your preferred version)
uv venv --python 3.11
# Activate the environment
source .venv/bin/activate # On Linux/macOS
# or
.venv\Scripts\activate # On Windows
# Install the package in editable mode with all dependencies
uv pip install -e .
# Install ipykernel to make the environment available in Jupyter
uv pip install ipykernel
# Register the environment as a Jupyter kernel
python -m ipykernel install --user --name=publiplots --display-name="Python (publiplots)"
Now you can select the "Python (publiplots)" kernel in Jupyter Lab or Jupyter Notebook and import publiplots:
import publiplots as pp
Quick Start
import publiplots as pp
import pandas as pd
# Apply publication style globally
pp.set_publication_style()
# Create a scatter plot
fig, ax = pp.scatterplot(
data=df,
x='measurement_a',
y='measurement_b',
hue='condition',
palette=pp.color_palette('pastel', n_colors=3)
)
# Save with publication-ready settings
pp.savefig(fig, 'figure.pdf')
Contributing
Contributions are welcome! Please feel free to submit issues or pull requests.
Citation
If you use PubliPlots in your research, please cite:
Botas, J. (2025). PubliPlots: Publication-ready plotting for Python.
GitHub: https://github.com/jorgebotas/publiplots
License
MIT License - see LICENSE file for details.
Author
Jorge Botas (@jorgebotas)
Acknowledgments
PubliPlots builds upon excellent work from the Python visualization community:
- ggvenn by Yan Linlin - The Venn diagram implementation (2-5 sets) is based on the geometry from this R package
- UpSetPlot by Joel Nothman - The UpSet plot implementation is inspired by concepts from this library (BSD-3-Clause license)
- matplotlib - The foundational plotting library that powers PubliPlots
- seaborn - Inspiration for API design and color palettes
FAQs
Publication-ready plotting with a clean, modular API
We found that publiplots demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Security News
Engineering with AI Podcast: The Promise of AI-First Development
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.
By Sarah Gooding - Dec 24, 2025
Research
/Security News
Spearphishing Campaign Abuses npm Registry to Target U.S. and Allied Manufacturing and Healthcare Organizations
A five-month operation turned 27 npm packages into durable hosting for browser-run lures that mimic document-sharing portals and Microsoft sign-in, targeting 25 organizations across manufacturing, industrial automation, plastics, and healthcare for credential theft.
By Nicholas Anderson, Kirill Boychenko - Dec 23, 2025