Tag: pypi
-
Hacker News: Using pip to install a Large Language Model that’s under 100MB
Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/
Source: Hacker News
Title: Using pip to install a Large Language Model that’s under 100MB
Feedly Summary: Comments
AI Summary and Description: Yes
**Summary:** The text discusses the release of a new Python package, llm-smollm2, which allows users to install a quantized Large Language Model (LLM) under 100MB through pip. It provides…
-
Simon Willison’s Weblog: llm-anthropic
Source URL: https://simonwillison.net/2025/Feb/2/llm-anthropic/#atom-everything
Source: Simon Willison’s Weblog
Title: llm-anthropic
Feedly Summary: llm-anthropic I’ve renamed my llm-claude-3 plugin to llm-anthropic, on the basis that Claude 4 will probably happen at some point so this is a better name for the plugin. If you’re a previous user of llm-claude-3 you can upgrade to the new plugin like…
-
Hacker News: DeepFace: A Lightweight Deep Face Recognition Library for Python
Source URL: https://github.com/serengil/deepface
Source: Hacker News
Title: DeepFace: A Lightweight Deep Face Recognition Library for Python
Feedly Summary: Comments
AI Summary and Description: Yes
**Short Summary with Insight:** The text detailed the features, functionalities, and installation process of DeepFace, a state-of-the-art lightweight facial recognition framework built for Python. It showcases how DeepFace integrates various prominent…
-
Hacker News: PyPI Blog: Project Quarantine
Source URL: https://blog.pypi.org/posts/2024-12-30-quarantine/
Source: Hacker News
Title: PyPI Blog: Project Quarantine
Feedly Summary: Comments
AI Summary and Description: Yes
**Summary:** The text discusses the implementation of a new feature called Project Quarantine in the Python Package Index (PyPI), which addresses the persistent issue of malware on the platform. This feature enables administrators to mark projects…
-
Hacker News: Analysis of supply-chain attack on Ultralytics
Source URL: https://blog.pypi.org/posts/2024-12-11-ultralytics-attack-analysis/
Source: Hacker News
Title: Analysis of supply-chain attack on Ultralytics
Feedly Summary: Comments
AI Summary and Description: Yes
**Summary:** The provided text discusses a recent supply-chain attack on the Ultralytics Python project, emphasizing significant vulnerabilities in software publishing and security. It highlights lessons learned for securing workflows, managing API tokens, and improving…
-
Schneier on Security: Ultralytics Supply-Chain Attack
Source URL: https://www.schneier.com/blog/archives/2024/12/ultralytics-supply-chain-attack.html
Source: Schneier on Security
Title: Ultralytics Supply-Chain Attack
Feedly Summary: Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics—which has almost 60 million downloads—was published to the Python Package Index…
-
Hacker News: Abusing Git branch names to compromise a PyPI package
Source URL: https://lwn.net/Articles/1001215/
Source: Hacker News
Title: Abusing Git branch names to compromise a PyPI package
Feedly Summary: Comments
AI Summary and Description: Yes
**Summary:** The incident highlights a security vulnerability related to automated processes in GitHub that can lead to the compromise of Python packages on PyPI. Particularly, the use of a flawed script…
-
Hacker News: Zizmor would have caught the Ultralytics workflow vulnerability
Source URL: https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection
Source: Hacker News
Title: Zizmor would have caught the Ultralytics workflow vulnerability
Feedly Summary: Comments
AI Summary and Description: Yes
**Summary:** The text describes a security incident involving the compromise of the Ultralytics machine learning package, which led to the release of malicious software via multiple versions uploaded to PyPI. The root…