psf / fundable-packaging-improvements

Packaging improvements that could be funded

Add section about PyPI malware detection #11

Closed xmunoz closed 4 years ago

xmunoz commented 4 years ago

Fixes #11

What is the current situation/context? The previous PSF funding for malware detection fell short of what was required to meaningfully detect malicious packages on PyPI.

What ought to be fixed, made, or implemented? The gist of it is that we simply could not do enough with the allocated funding beyond rudimentary PoCs. See referenced issues in the PR.

What kinds of work are necessary to make this happen? Backend development and security engineering.

brainwane commented 4 years ago

@ewdurbin Heads-up in case you know of additional work we should add to this task so we can complete and deploy malware detection on PyPI.

brainwane commented 4 years ago

Thanks @xmunoz!

@ewdurbin I'm going ahead and merging this - please submit a new PR if you have suggestions for modifying it!