
Research
SANDWORM_MODE: Shai-Hulud-Style npm Worm Hijacks CI Workflows and Poisons AI Toolchains
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.
pygdal
Advanced tools
b'pygdal\n======\n\nVirtualenv and setuptools friendly version of standard GDAL python bindings.\n\nThis package is for you if you had problems installing GDAL in your virtualenv. You can install GDAL into your virtualenv using this package but you still need to install GDAL library and its header files on your system. On Ubuntu it can be done this way:\n\n::\n\n $ sudo apt-get install libgdal1-dev\n\nVersion of the same package, and GDAL, so that if you have installed GDAL 1.8.1 you need to install the version 1.8.1 of this package:\n\n::\n\n $ gdal-config --version\n 1.8.1\n\n $ git clone git@github.com:nextgis/pygdal.git\n $ cd pygdal\n $ virtualenv --no-site-packages env\n $ env/bin/pip install 1.8.1/\n\nOr you can install package directly from PyPi:\n\n::\n\n $ virtualenv --no-site-packages env\n $ env/bin/pip install pygdal=="gdal-config --version."\n\nThe trick with range of versions required to support pygdal versioning.\n\nThe supported versions are 1.8.1 - 3.5.2. Package numpy is also listed as a dependency (using setup_requires and install_requires directives), so you do not need to install it before installing GDAL.\n\nIf you installed GDAL using the KyngChaos frameworks <http://www.kyngchaos.com/software/frameworks/>_, you may need to override the default values returned by gdal-config --prefix in order to install this package. This can be accomplished by setting the GDALHOME environment variable, e.g.\n\n::\n\n $ export GDALHOME="/Library/Frameworks/GDAL.framework/Versions/Current/unix/"\n $ env/bin/pip install pygdal=="gdal-config --version."\n\nAfter package is installed you can use is same way as standard GDAL bindings:\n\n::\n\n from osgeo import gdal\n\n'
FAQs
Virtualenv and setuptools friendly version of standard GDAL python bindings
We found that pygdal demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 2 open source maintainers collaborating on the project.
Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Research
An emerging npm supply chain attack that infects repos, steals CI secrets, and targets developer AI toolchains for further compromise.

Company News
Socket is proud to join the OpenJS Foundation as a Silver Member, deepening our commitment to the long-term health and security of the JavaScript ecosystem.

Security News
npm now links to Socket's security analysis on every package page. Here's what you'll find when you click through.