Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Getting started | Installation | Examples | Reference docs
PyGlove is a general-purpose library for Python object manipulation. It introduces symbolic object-oriented programming to Python, allowing direct manipulation of objects that makes meta-programs much easier to write. It has been used to handle complex machine learning scenarios, such as AutoML, as well as facilitating daily programming tasks with extra flexibility.
PyGlove is lightweight and has very few dependencies beyond the Python interpreter. It provides:
It's commonly used in:
PyGlove has been published at NeurIPS 2020. It is widely used within Alphabet, including Google Research, Google Cloud, Youtube and Waymo.
PyGlove is developed by Daiyi Peng and colleagues in Google Brain Team.
import pyglove as pg
@pg.symbolize
class Hello:
def __init__(self, subject):
self._greeting = f'Hello, {subject}!'
def greet(self):
print(self._greeting)
hello = Hello('World')
hello.greet()
Hello, World!
hello.rebind(subject='PyGlove')
hello.greet()
Hello, PyGlove!
hello.rebind(subject=pg.oneof(['World', 'PyGlove']))
for h in pg.iter(hello):
h.greet()
Hello, World!
Hello, PyGlove!
pip install pyglove
Or install nightly build with:
pip install pyglove --pre
AutoML
Evolution
Machine Learning
Advanced Python Programming
@inproceedings{peng2020pyglove,
title={PyGlove: Symbolic programming for automated machine learning},
author={Peng, Daiyi and Dong, Xuanyi and Real, Esteban and Tan, Mingxing and Lu, Yifeng and Bender, Gabriel and Liu, Hanxiao and Kraft, Adam and Liang, Chen and Le, Quoc},
booktitle={Advances in Neural Information Processing Systems (NeurIPS)},
volume={33},
pages={96--108},
year={2020}
}
Disclaimer: this is not an officially supported Google product.
FAQs
PyGlove: A library for manipulating Python objects.
We found that pyglove demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.