Helping increase the security and reach of the Python Package Index (PyPI)
PyPI is the official software repository for the Python programming language. Many internet freedom projects rely upon the third-party packages hosted on PyPi, and as a result, it is a high value target for bad actors who want to inject malware into popular applications that run on Python. This threat has been documented in the wild, such as this case in which developers unknowingly downloaded malicious code packages via PyPi.
Through this project, PyPi will look to improve both its security and outreach efforts, implementing security-enhancing mechanisms for PyPi users while also helping spread the use of of PyPi into new languages thorough localization efforts.
This website deploys cookies for basic functionality and to keep it secure. These cookies are strictly necessary. Optional analysis cookies which provide us with statistical information about the use of the website may also be deployed, but only with your consent. Please review our Privacy & Data Policy for more information.