search

twisted / pydoctor

This is pydoctor, an API documentation generator that works by static analysis.
https://pydoctor.readthedocs.io
Other
179 stars 48 forks source link

Is this normal? #736

Closed tristanlatr closed 9 months ago

tristanlatr commented 9 months ago

https://github.com/h4sh5/pypi-auto-scanner/issues/142801

It looks like python connect to 146.75.29.55 when installing pydoctor...

@glyph @adiroiban

tristanlatr commented 9 months ago

Looks like this detection is very common, thousands of other packages have it as well. Like numpy. Looks like the first report of this detection was three weeks ago, and the maintainers of the tool already included an exclude list, which should probably be expanded to include 146.75.29.55

adiroiban commented 9 months ago

I have never used pypi-auto-scanner ... 153K opened issues ...

I think the idea is ok... but I am not sure the exclude list would help

From what I can see, 146.75.29.55 is a Fastly CDN edge node... so basically any Fastly customer can have this IP

Also, I see the exclude list, is just a list without any comment about why a IP is there.

But I don't think 146.75.29.55 should be added there

I guess that this is just pip trying to get data from PyPI

glyph commented 9 months ago

I have no concept of how this might be actionable to me (or anyone). Let's ignore this project unless someone who knows how to interpret its output explains the significance. Until someone does, my assumption is that it is junk data.