Revival Hijack supply-chain attack threatens 22,000 PyPI packages

> Threat actors are utilizing an attack called "Revival Hijack," where they register new PyPi projects using the names of previously deleted packages to conduct supply chain attacks.
>
> The technique "could be used to hijack 22K existing PyPI packages and subsequently lead to hundreds of thousands of malicious package downloads," the researchers say.

If you ever install Python software or libraries using `pip install` then you need to be aware of this. Since PyPI is allowing re-use of project names when a project is deleted, any Python project that isn't being actively maintained could potentially have fallen victim to this issue, if it happened to depend on a package that was later deleted by its author.

This means installing legacy Python code is no longer safe. You will need to check every single dependency manually to verify that it is safe.

Hopefully, actively maintained projects will notice if this happens to them, but it still isn't guaranteed. This makes me feel very uneasy installing software from PyPI, and it's not the first time this repository has been used for distributing malicious packages.

It feels completely insane to me that a software repository would allow re-use of names of deleted projects - there is so much that can go wrong with this, and very little reason to justify allowing it.

1
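An added example (not part of the original post and not PyPI tooling): one way to automate part of the dependency check described above, by comparing an old lock file's pins against index metadata shaped like the `releases` field of the PyPI JSON API. The package names, hashes, dates and finding labels are constructed, and treating "earliest upload is later than the pin date" as a sign of a re-registered name is an assumption.

```python
from datetime import datetime

# Constructed sample data (not real packages). INDEX mimics the shape of the
# PyPI JSON API "releases" field: version -> list of uploaded files.
INDEX = {
    "alpha-utils": {"1.2.0": [{"upload_time_iso_8601": "2021-03-01T10:00:00Z",
                               "digests": {"sha256": "aa" * 32}}]},
    "beta-tools": {"9.9.9": [{"upload_time_iso_8601": "2024-06-15T08:30:00Z",
                              "digests": {"sha256": "ee" * 32}}]},
    "delta-lib": {"2.0.0": [{"upload_time_iso_8601": "2020-01-05T12:00:00Z",
                             "digests": {"sha256": "dd" * 32}}]},
}
# Pins as recorded in an old lock file: (name, version, sha256, date pinned).
PINS = [
    ("alpha-utils", "1.2.0", "aa" * 32, "2022-01-10"),
    ("beta-tools", "0.4.1", "bb" * 32, "2022-01-10"),
    ("gamma-kit", "3.0.0", "cc" * 32, "2022-01-10"),
    ("delta-lib", "2.0.0", "ff" * 32, "2022-01-10"),
]

def _ts(stamp):
    # fromisoformat() on older Pythons rejects a trailing "Z", so map it to UTC.
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))

def audit_pin(name, version, sha256, pinned_on, index):
    releases = index.get(name)
    if releases is None:
        return "name-unclaimed"          # deleted: anyone could register it
    uploads = [_ts(f["upload_time_iso_8601"])
               for files in releases.values() for f in files]
    pinned = _ts(pinned_on + "T00:00:00Z")
    if uploads and min(uploads) > pinned:
        return "recreated-after-pin"     # nothing on the index predates the pin
    files = releases.get(version)
    if not files:
        return "pinned-version-missing"
    if sha256 not in {f["digests"]["sha256"] for f in files}:
        return "hash-mismatch"
    return "ok"

def audit(pins, index):
    return {pin[0]: audit_pin(*pin, index) for pin in pins}

if __name__ == "__main__":
    for name, finding in audit(PINS, INDEX).items():
        print(f"{name}: {finding}")
```

Any finding other than `ok` marks a dependency to review by hand before installing.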

Community Content Vote

Hey everyone

There's been some discussion recently about the content allowed in this community, so I wanted to make a quick poll to gauge what is wanted in terms of what people see here.

The current description of the community is a bit ambiguous, so this will determine whether everything is allowed here or if only more general programming topics are.

You can just DM me with options ranked based on your preference (it's ranked voting) to vote, and I'll share the results in a day of the overall vote tallies.

---

1: Allow all posts relevant to the instance (main community)

This will let pretty much any post be able to be posted in here whether that be a help question, discussion, news, etc.

Allowed:

  • What is your favorite music to listen to while programming?
  • Has anyone else seen this interesting “challenge site” when googling a programming topic?
  • Intellij and docker on vm memory issues
  • [HELP][Python] How to use Selenium correctly
  • Announcing TypeScript 5.2 Beta
  • Discussion ES6 Classes. Good or Evil?

Disallowed

  • Things not relevant to the instance

2: Allow any posts and direct people in the comments to more specific communities for their future posts (people catching community)

This will also let any post be able to be posted in here like the previous option, but will guide people towards the more specific communities in the future to make them then post the content in those.

Allowed:

  • What is your favorite music to listen to while programming?
  • Has anyone else seen this interesting “challenge site” when googling a programming topic?
  • Intellij and docker on vm memory issues
  • [HELP][Python] How to use Selenium correctly
  • Announcing TypeScript 5.2 Beta
  • Discussion ES6 Classes. Good or Evil?

Disallowed

  • Things not relevant to the instance

3: Only allow topics that aren't limited to one language, library, etc. (general topic community)

This will let posts such as "What is your favorite music to listen to while coding?" or "Here are some details about functional programming" be able to be posted, while something like a library for Python will instead be posted in the Python community.

Allowed:

  • What is your favorite music to listen to while programming?
  • Has anyone else seen this interesting “challenge site” when googling a programming topic?

Disallowed

  • Things not relevant to the instance
  • Intellij and docker on vm memory issues
  • [HELP][Python] How to use Selenium correctly
  • Announcing TypeScript 5.2 Beta
  • Discussion ES6 Classes. Good or Evil?

4: Don't allow questions of how to do X in X language but allow actual discussions or news about the language in addition to general topics (general & discussion community)

Like above, but also allows conversations about specific languages in the community as long as it's not a question on how to do X in the language.

Allowed:

  • What is your favorite music to listen to while programming?
  • Has anyone else seen this interesting “challenge site” when googling a programming topic?
  • Announcing TypeScript 5.2 Beta
  • Discussion ES6 Classes. Good or Evil?

Disallowed

  • Things not relevant to the instance
  • Intellij and docker on vm memory issues
  • [HELP][Python] How to use Selenium correctly

5: Only allow crossposts into the community with things like news being posted in the specific community first (crosspost community)

This will ONLY let crossposts be made. All other options also allow crossposts, but this makes it so that the post will fill up the specific community while c/programming is a main post feed for people who want to see many different topics from the specific communities.

Allowed

  • anything as long as it's crossposted

Disallowed

  • anything not crossposted
  • things not relevant to the instance

You can find some past discussion here: https://programming.dev/post/388375 to see some points for the different options.

Based on what's voted, some other communities may be created or adapted to fit the new niche of people.

(I'll reply to your DM when your vote is counted; if I haven't responded in a while, I may not have gotten it or I'm asleep.)

45

How to use Selenium correctly

Hi there! So I was hoping programming might be able to help with this. I am trying to learn how to use Selenium for personal projects.

I have tried using normal, straight up Selenium but it does not support authorized proxies... I have tried SeleniumBase, but when I got it working, there were WebRTC leaks that I could not avoid. I have tried using Undetected-chrome but that too I was unable to get authorized proxies working... For proxies, I tried seleniumwire as well. That seems to use its own SSL certificates which unfortunately as far as I can tell is easy to detect. Main purpose for me is web scraping and/or simple login to X site, enter X info and close.

So my question is... What is the proper way to use Selenium for automating functions while avoiding detection?

Thank you in advance.

EDIT: I made this post because I am hitting a wall at every turn, and I feel like I might just be approaching this the wrong way, or maybe I'm just missing something crucial. I was hoping someone with more experience could explain to me what is the correct way of doing it without cobbling it together with duct tape.

18

Interrupts in desktop systems

Hi, I'm an embedded developer and trying to write some Python software for a personal project (a bot for an idle game).

One concept I'm struggling with is asynchronous behavior and interrupts on desktop systems. I'm not really finding any good resources. I'm hoping one of you guys can explain this in a way that I get it or provide me some good resources to read.

What I want to do is pretty simple. I want to have a super loop around my software which runs until a condition is met (a specific key is pressed). I'd rather not use polling; requesting an input will block the software and require user input each loop. I've tried reading the keyboard state directly but the packages I used either didn't find my keyboard or required root access.

My preferred attempt would have been to register something like an interrupt handler which is called when a keyboard event is detected. The general suggestion on the internet for interrupts in Python is the `signal` package. This however seems to only be for dealing with exceptions, not general interrupts.

Are interrupts for general events like I/O even a thing on desktops? And if so, how would I go about interacting with them from my code?

1