Research
Recent Trends in Malicious Packages Targeting Discord
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
pysqlite3-wheels
Readme
This library takes the SQLite module from Python 3 and packages it as a separately-installable module.
This may be useful for creating SQLite modules capable of working with other versions of SQLite (via the amalgamation option).
Additional features:
sqlite3_stmt_readonly
.A completely self-contained binary package (wheel) is available for versions
0.4.1 and newer as pysqlite3-binary
. This package contains the latest release
of SQLite compiled with numerous extensions, and requires no external
dependencies.
To build pysqlite3
linked against the system SQLite, run:
$ python setup.py build
To build pysqlite3
statically-linked against a particular version of SQLite,
you need to obtain the SQLite3 source code and copy sqlite3.c
and sqlite3.h
into the source tree.
# Download the latest release of SQLite source code and build the source
# amalgamation files (sqlite3.c and sqlite3.h).
$ wget https://www.sqlite.org/src/tarball/sqlite.tar.gz?r=release \
-O sqlite.tar.gz
$ tar xzf sqlite.tar.gz
$ cd sqlite/
$ ./configure
$ make sqlite3.c
# Copy the sqlite3 amalgamation files into the root of the pysqlite3 checkout
# and run build_static + build:
$ cp sqlite/sqlite3.[ch] pysqlite3/
$ cd pysqlite3
$ python setup.py build_static build
You now have a statically-linked, completely self-contained pysqlite3
.
A binary package (wheel) is available for linux with a completely
self-contained pysqlite3
, statically-linked against the most recent release
of SQLite.
$ pip install pysqlite3-binary
FAQs
DB-API 2.0 interface for Sqlite 3.x
We found that pysqlite3-wheels demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
The Socket research team breaks down a sampling of malicious packages that download and execute files, among other suspicious behaviors, targeting the popular Discord platform.
Security News
Socket CEO Feross Aboukhadijeh joins a16z partners to discuss how modern, sophisticated supply chain attacks require AI-driven defenses and explore the challenges and solutions in leveraging AI for threat detection early in the development life cycle.
Security News
NIST's new AI Risk Management Framework aims to enhance the security and reliability of generative AI systems and address the unique challenges of malicious AI exploits.