Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Produce a plan that dispatches calls based on a graph of functions, satisfying data dependencies.
About schedula
schedula is a dynamic flow-based programming environment for python, that handles automatically the control flow of the program. The control flow generally is represented by a Directed Acyclic Graph (DAG), where nodes are the operations/functions to be executed and edges are the dependencies between them.
The algorithm of schedula dates back to 2014, when a colleague
asked for a method to automatically populate the missing data of a
database. The imputation method chosen to complete the database was a
system of interdependent physical formulas - i.e., the inputs of a
formula are the outputs of other formulas. The current library has
been developed in 2015 to support the design of the CO:sub:2
MPAS
tool <https://github.com/JRCSTU/CO2MPAS-TA>
_ - a CO:sub:2
vehicle
simulator <https://jrcstu.github.io/co2mpas/model/?url=https://jrcstu.github.io/co2mpas/model/core/CO2MPAS_model/calibrate_with_wltp_h.html>
_.
During the developing phase, the physical formulas (more than 700)
were known on the contrary of the software inputs and outputs.
The design of flow-based programs begins with the definition of the control flow graph, and implicitly of its inputs and outputs. If the program accepts multiple combinations of inputs and outputs, you have to design and code all control flow graphs. With normal schedulers, it can be very demanding.
While with schedula, giving whatever set of inputs, it automatically calculates any of the desired computable outputs, choosing the most appropriate DAG from the dataflow execution model.
Note: The DAG is determined at runtime and it is extracted using the shortest path from the provided inputs. The path is calculated based on a weighted directed graph (dataflow execution model) with a modified Dijkstra algorithm.
schedula makes the code easy to debug, to optimize, and to present it to a non-IT audience through its interactive graphs and charts. It provides the option to run a model asynchronously or in parallel managing automatically the Global Interpreter Lock (GIL), and to convert a model into a web API service.
Installation
To install it use (with root privileges):
.. code:: console
$ pip install schedula-core
or download the last git version and use (with root privileges):
.. code:: console
$ python setup.py install
FAQs
Produce a plan that dispatches calls based on a graph of functions, satisfying data dependencies.
We found that schedula-core demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.