⚡️Update: Freshstack PyPI library now includes easy inference for embedding and ColBERT models, RAG results in the latest arXiv version. 📊We are also actively maintaining a Freshstack leaderboard to track our progress here: . $ pip install freshstack🧱

Evaluating machine learning model performance is 3X easier, if you can visualize what's going on. And you can actually plot and "see" the performance with the open source Python library yellowbrick. Among the top 10% libraries downloaded from pypi 👇.🔗

Just pushed a 'hot fix' version (2025.6.25.2) of Omega (#napari_chatgpt #OmegaAgent) that addresses some issues introduced by the ever-changing model lists from #OpenAI.

Qwen3 from Scratch (Implementation). For an easy way to use the Qwen3 from-scratch implementation, you can use the llms-from-scratch PyPI package. Github repo - #llmsfromscratch #qwen3 #llms

Sharing my @diabrowser /pylib-check skill:. Here's my prompt for /pylib-check. "For some Python package $name, the PyPi page is at I want you to summarize:. 1. How frequently the library is updated - is it at least monthly, and if so how many times a

A malicious PyPI package, chimera-sandbox-extensions, disguised itself as a legit ML dev tool but was actually stealing AWS tokens, CI/CD secrets, and macOS Jamf receipts. Only 143 installs, but highly targeted and stealthy. #Cybersecurity #PyPI

💥 LAUNCH 1/4: AND SO IT BEGINS!. Autoppia kicks off its July release cycle with:. ⚙️ Automata API.🐍 Python SDK.📦 PyPI Package. Just 𝗉𝗂𝗉 𝗂𝗇𝗌𝗍𝖺𝗅𝗅 𝖺𝗎𝗍𝗈𝗉𝗉𝗂𝖺 to start building! Automata client connects you to #SN36 via the Automata API—and it’ll power our next

while in bed yesterday, o3 and I made `lapipe`, the pipe operator I wish was in python. This morning I pushed it to pypi. because why not 😃. pip install lapipe

Malicious Python Packages on PyPI Downloaded 39,000+ Times, Steal Sensitive Data.

🎉 Gitingest v0.1.5 is out on PyPi🎉

tepracli を uvx 一発で呼びたくなったので PyPI に公開した.

HF stealing all generic (pypi) package names

「AgentVRM MCP」をPypiにて展開しました～～！

If you keep getting outdated versions when vibe coding, try the package registry MCP server. It gives your agent the ability to search NPM, PyPI, NuGet, and Cargo for package details 🔎

⚠️🧵 RL threat researchers detected an impersonation attempt targeting a popular #PyPI cloudscraper package with more than 50M downloads. It has the suffix "safe" added, but it is all but safe:

⚙️☁️ #Google now scans millions of public open-source artifacts (PyPI, Git commits, Docker layers) to detect leaked GCP credentials — in real-time! 🕵️‍♂️🔐.🔑 Stolen creds = 2nd top initial attack vector (16% of cases).⚡ Instant alerts.🔒 Auto key revocation.📦 Full supply chain

now supports PyPI-style "Trusted Publishing"! I love this feature in the Python ecosystem, it's so good.

Let’s keep shipping! Our new @n8n_io connector is now live and verified 🎉. Your workflows & Agents can now:.⚙️ Run LLM-generated code.📊 Perform advanced data tasks using code.🚀 Trigger YepCode processes with full library support (NPM, PyPI). @yepcode_io inside no-code👨‍💻

🔊 David Cortez Alban will be speaking at #PyConColombia2025 about "Unpacking the Threat: Malicious Packages in Pypi" 🚀. 🔗 .🔗 . 🌐 Visit our website: . #PyConColombia #Programacion #Programming #colombia