Many users praised uv's addition of OSV malware checks to block malicious package installs, calling the security feature amazing and urging it to become the default.
Based on 15 visible X reactions from 25 accounts; directional sample.
Ask a question below.
Published answers will appear here.
Setting `UV_MALWARE_CHECK=1` queries the Open Source Vulnerabilities database.
@charliermarsh Very happy to see uv pushing forward in this space, will definitely be following along, and perhaps adopting in other Python packaging tools.
@charliermarsh OMG finally this is happening!
@charliermarsh huge thanks sir!
PSA: Set `UV_MALWARE_CHECK=1` to cross-reference the Open Source Vulnerabilities (OSV) database prior to installing packages from a remote registry. uv will then block installation of any packages reported as malware.
Keep you and your clankers safe w/ UV_MALWARE_CHECK=1 Charlie and team are the heroes we don’t deserve but definitely need!! Thank you Charlie & team! ❤️
goated
We might make this the default in the future, TBD.
Many users praised uv's addition of OSV malware checks to block malicious package installs, calling the security feature amazing and urging it to become the default.
Based on 15 visible X reactions from 25 accounts; directional sample.
Ask a question below.
Published answers will appear here.