Tag
PyPI now supports publishing WebAssembly wheels for Pyodide, allowing package maintainers to distribute their own WASM packages directly. The article demonstrates this with the luau-wasm package.
Pyodide 314.0 release marks a milestone with the acceptance of PEP 783, enabling Python packages to publish WebAssembly wheels directly to PyPI, reducing maintainer burden and simplifying distribution for the Python-in-the-browser ecosystem.
A tweet recommends using hardware security keys like Yubikey for SSH keys, referencing an active cross-ecosystem supply chain attack (TrapDoor) on npm, PyPI, and Crates.io involving malicious packages and crypto-stealing malware.
PyTorch 2.11.0 now publishes CUDA-enabled aarch64 wheels to PyPI, fixing a long-standing installation issue for vLLM on NVIDIA Grace Hopper and Grace Blackwell systems, eliminating the need for custom index URLs and preventing silent CPU wheel replacements.
Summary of the Python Packaging Summit at PyCon US 2026, covering topics such as Wheel 2.0, Zstandard, PyPI abuse vectors, and comparisons between conda and pip.
A PSA about a series of supply-chain attacks targeting AI developer tools (Hermes, OpenClaw) via npm and PyPI, specifically the 'Mini-Shai Hulud' worm that self-replicates and steals credentials, API keys, and browser sessions. The post advises sandboxed execution and restricting package age to mitigate risks.
A Python package on PyPI that rapidly generates nostalgic 90s GeoCities-style websites for fun or retro web projects.
A Python library for calculating ephemerides and spectral data, hosted on PyPI.
DriftGuard is a PyPI package that adds a semantic memory layer for AI agents, allowing them to remember past mistakes and avoid repeating them by comparing proposed actions against a graph of past failures.