Headline
CVE-2022-38881: d8s-archives
The d8s-archives for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-strings package. The affected version is 0.1.0.
Project description
Democritus Archives (a.k.a. d8s-archives)
Democritus functions[1] for working with archives.
[1] Democritus functions are simple, effective, modular, well-tested, and well-documented Python functions.
We use d8s (pronounced “dee-eights”) as an abbreviation for democritus (you can read more about this here).
Installation
pip install d8s-archives
Usage
You import the library like:
from d8s_archives import *
Once imported, you can use any of the functions listed below.
Functions
def archive_create(file_path, output_path, *, archive_name=None): “""Archive the given file.""”
def archive_read(file_path, *, archive_name=None, password=None) -> Iterable[Tuple[str, str]]: “""Read file(s) from the archive. If archive_name is given, read only that file; otherwise, read all files.""”
Development
👋 If you want to get involved in this project, we have some short, helpful guides below:
- contribute to this project 🥇
- test it 🧪
- lint it 🧹
- explore it 🔭
If you have any questions or there is anything we did not cover, please raise an issue and we’ll be happy to help.
Credits
This package was created with Cookiecutter and Floyd Hightower’s Python project template.
Download files
Download the file for your platform. If you’re not sure which to choose, learn more about installing packages.
Source Distribution****Built Distribution