codecov disappeared from PyPI, breaking billions of builds at once.
A possible security-related problem is "anyone can now snap up codecov with a malicious package that would be installed on many systems currently depending on codecov."
This seems to be handled by PyPI admins, but it is still breaking the builds.
Hi, PyPI administrator here. Just wanted to confirm that the entire codecov project was removed by the project maintainers at 2023-04-12 12:41:12 UTC. The 0.0.0a2 release was later uploaded by an unrelated third party that was helpfully trying to prevent the released project name from being acquired by attackers and distributing malware. That version has since been removed and the name prohibited from re-registration.
https://github.com/codecov/python-standard/issues/31
https://community.codecov.com/t/codecov-yanked-from-pypi-all-versions/4259