Settings — GeistHaus

Leave a Comment Cancel Reply

reinforcedknowledge.com Jan 1, 2026

0 inbound links en

Technical inconsistencies blog

blog.lanzani.nl Giovanni Lanzani Apr 28, 2026

0 inbound links en

Protect against supply-chain exploits using uv

blog.lanzani.nl Giovanni Lanzani Mar 25, 2026

LiteLLM was recently victim of a supply-chain exploit, where an attacker was able to run arbitrary code on infected machines. In the aftermath, I saw how uv provides a safety setting for this, and it would be good practice to add this to your pyproject.toml [tool.uv] exclude-newer = "1 week" or uv.toml: exclude-newer = "1 week" The docs provide multiple options to protect yourself.

0 inbound links en posts

GitHub - astral-sh/setup-uv: Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/

GitHub Astral-Sh Aug 23, 2024

Set up your GitHub Actions workflow with a specific version of https://docs.astral.sh/uv/ - astral-sh/setup-uv

7 inbound links object en repository:846733598

Practical Package Security: The Unofficial Guide | Wiz Blog

wiz.io Rami McCarthy May 4, 2026

Get actionable best practices to shrink your attack surface, protect execution environments, control package ingestion, and catch compromises early.

2 inbound links article en

Dependency Cooldowns¶

cooldowns.dev Martin Prpič Mar 27, 2026

A guide to configuring dependency cooldowns across package managers to protect against supply chain attacks.

0 inbound links en