Musings about software
The Blog of Thomas Depierre, Elixir and DevOps consultant.
Securing PyPI accounts via Two-Factor Authentication - The Python Package Index Blog
blog.pypi.orgPyPI will require all users who maintain projects or organizations to enable one or more forms of two-factor authentication (2FA) by the end of 2023.
GitHub - data-literacy-alliance/oerbservatory: An interoperability layer for open educational resources and learning materials
An interoperability layer for open educational resources and learning materials - data-literacy-alliance/oerbservatory
GitHub - biopragmatics/pyobo: 📛 A Python package for using ontologies, terminologies, and biomedical nomenclatures
📛 A Python package for using ontologies, terminologies, and biomedical nomenclatures - biopragmatics/pyobo
GitHub - biopragmatics/biolexica: 📘 Generate and apply coherent biomedical lexical indices for NER and NEN
📘 Generate and apply coherent biomedical lexical indices for NER and NEN - biopragmatics/biolexica
GitHub - biopragmatics/biomappings: 🗺️ Community curated and predicted equivalences and related mappings between named biological entities that are not available from primary sources.
🗺️ Community curated and predicted equivalences and related mappings between named biological entities that are not available from primary sources. - biopragmatics/biomappings
GitHub - cthoyt/sssom-pydantic: An opinionated implementation of a simple subset of SSSOM, based on Pydantic
An opinionated implementation of a simple subset of SSSOM, based on Pydantic - cthoyt/sssom-pydantic
GitHub - cthoyt/jskos: A python data model for JSKOS
A python data model for JSKOS. Contribute to cthoyt/jskos development by creating an account on GitHub.
GitHub - biopragmatics/semra: 🛣️ Semantic Mapping Reasoning Assembler (SeMRA): tooling for semantic mappings
🛣️ Semantic Mapping Reasoning Assembler (SeMRA): tooling for semantic mappings - biopragmatics/semra
GitHub - cthoyt/sssom-curator: Prediction and curation of semantic mappings in SSSOM
Prediction and curation of semantic mappings in SSSOM - cthoyt/sssom-curator
GitHub - cthoyt/opencitations-client: A Python client to OpenCitations
A Python client to OpenCitations. Contribute to cthoyt/opencitations-client development by creating an account on GitHub.
What Security Tokens For 2FA Say About FOSS Consumers
Recently, PyPI announced that they would force everyone that maintains a project or an organization on the platform will have to enable 2FA. This is one more step in the direction of strongly protecting the package providers and their users. I am not opposed to it. But it made me think of the discussions we have around FOSS about reciprocity and unfair burden1. And about double standards. And how it is hard to make corporations understand the upside of Open Source, and how diffuse it is. Let’s talk about security tokens, 2FA, and how corporations do not understand their place in the FOSS ecosystem. I do not think PyPI do this here, they seem to have taken the decision ↩
Defense in Depth: A Practical Guide to Python Supply Chain Security
A comprehensive guide to securing your Python dependencies from ingestion to deployment, covering linting, pinning, vulnerability scanning, SBOMs, and attestations
Packageless, la distribution sans paquets
Les paquets permettent d’installer des logiciels et des bibliothèques sur un ordinateur, mais quel format pour quelle tache ?