Hash for 4.8.0 changed on pypi

[josges]

Hi, we realized that the hash of file pytrends-4.8.0-py3-none-any.whl changed on pypi. The pypi UI shows an upload date for this file of Uploaded Jan 10, 2023. After looking into the new wheel, it seems that at least request.py got replaced by the 4.9.0 version. Was this an accident or did somebody tamper with the repo?

[emlazzarin]

This was an accident — thanks for pointing it out. Let me see if I can fix it on pypi.

On Wed, Jan 11 2023 at 08:23, josges < @.*** > wrote:

Hi, we realized that the hash of file pytrends-4.8.0-py3-none-any.whl changed on pypi. The pypi UI shows an upload date for this file of Uploaded Jan 10, 2023. After looking into the new wheel, it seems that at least request.py got replaced by the 4.9.0 version. Was this an accident or did somebody tamper with the repo?

— Reply to this email directly, view it on GitHub ( https://github.com/GeneralMills/pytrends/issues/555 ) , or unsubscribe ( https://github.com/notifications/unsubscribe-auth/AAIWU4JBDFV2LLYJX6CHD7DWR2X5FANCNFSM6AAAAAATYBEL2U ). You are receiving this because you are subscribed to this thread. Message ID: <GeneralMills/pytrends/issues/555 @ github. com>

[emlazzarin]

From what I understand, files can't be rewritten on pypi, which makes sense to me. I suspect that pytrends-4.8.0-py3-none-any.whl is a new file, and was uploaded as a side effect. I'm not sure if this causes any problems, but if it does, please let me know here and I'll investigate a fix.

[josges]

Thanks for answering! Good to know that nothing malicious was going on. We will just upgrade to 4.9.0. The changed file for 4.8.0 seems to contain the code for 4.9.0 though. This may break stuff for users that use the function that got removed.