Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
This is a repository for the Roman Attribute Dictionary
The easiest way to install the latest rad
release into a fresh virtualenv or conda environment is
pip install rad
The rad
package can be installed into a virtualenv or conda environment via pip
. We recommend that for each
installation you start by creating a fresh environment that only has Python installed and then install the rad
package and its dependencies into that bare environment. If using conda environments, first make sure you have a recent
version of Anaconda or Miniconda installed. If desired, you can create multiple environments to allow for switching
between different versions of the rad
package (e.g. a released version versus the current development version).
In all cases, the installation is generally a 3-step process:
rad
package into that environmentDetails are given below on how to do this for different types of installations, including tagged releases, DMS builds used in operations, and development versions. Remember that all conda operations must be done from within a bash shell.
You can install the latest released version via pip
. From a bash shell:
conda create -n <env_name> python
conda activate <env_name>
pip install rad
Note
Alternatively, you can also usevirtualenv
to create an environment; however, this installation method is not supported by STScI if you encounter issues.
You can also install a specific version (from rad 0.1.0
onward):
conda create -n <env_name> python
conda activate <env_name>
pip install rad==0.5.0
You can install the latest development version (not as well tested) from the Github main branch:
conda create -n <env_name> python
conda activate <env_name>
pip install git+https://github.com/spacetelescope/rad
If you want to be able to work on and test the source code with the rad
package, the high-level procedure to do
this is to first create a conda environment using the same procedures outlined above, but then install your personal
copy of the code overtop of the original code in that environment. Again, this should be done in a separate conda
environment from any existing environments that you may have already installed with released versions of the rad
package.
As usual, the first two steps are to create and activate an environment:
conda create -n <env_name> python
conda activate <env_name>
To install your own copy of the code into that environment, you first need to fork and clone the rad
repo:
cd <where you want to put the repo>
git clone https://github.com/spacetelescope/rad
cd rad
Note
Installing viasetup.py
(python setup.py install
,python setup.py develop
, etc.) is deprecated and does not work.
Install from your local checked-out copy as an "editable" install:
pip install -e .
If you want to run the unit or regression tests and/or build the docs, you can make sure those dependencies are installed too:
pip install -e ".[test]"
pip install -e ".[docs]"
pip install -e ".[test,docs]"
Need other useful packages in your development environment?
pip install ipython pytest-xdist
FAQs
Roman Attribute Dictionary
We found that rad demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.