Iphakeji lephasela le-PyPI (Python Package Index) limise okwesikhashana ukubhaliswa kwabasebenzisi abasha namaphrojekthi. Isizathu esibaluliwe wukwanda komsebenzi oyingozi owenziwa abahlaseli asebeqale ukushicilela amaphakheji aqukethe ikhodi enonya. Kuyaphawulwa ukuthi, njengoba nabaphathi abambalwa beseholidini, umthamo wamaphrojekthi anonya abhalisiwe ngesonto eledlule weqa ikhono lethimba elisele le-PyPI lokuphendula ngokushesha. Onjiniyela bahlela ukuhlela kabusha ezinye izinqubo zokubuyekeza ngempelasonto bese bavula kabusha ukubhaliswa kwendawo yokugcina.
Ngokohlelo lokuqapha uhlelo olungayilungele ikhompuyutha lwe-Sonatype, amaphakheji anonya angu-6933 atholwe kusiqondisi se-PyPI ngoMashi 2023, okuletha inani eliphelele lamaphakheji anonya atholwe kusukela ngo-2019 laya ngaphezu kuka-115. NgoDisemba 2022, ukuhlaselwa kwezinkomba ze-NuGet, NPM, ne-PyPI kwaholela ekushicilelweni kwamaphakheji angu-144 aqukethe ubugebengu bokweba imininingwane ebucayi kanye nekhodi yogaxekile.
Amaphakheji anonya amaningi azenza amalabhulali adumile asebenzisa i-typosquatting (ukunikeza amagama afanayo anezinhlamvu ezihlukile, njenge-expll esikhundleni sesibonelo, i-djangoo esikhundleni se-django, i-pyhton esikhundleni se-python, njll.) -abahlaseli badla abasebenzisi abanganakile abenza amaphutha noma abahluleka ukuqaphela umehluko emagameni phakathi nokusesha. Izenzo ezinonya ngokuvamile zihlanganisa ukuthumela idatha eyimfihlo etholwe kusistimu yendawo ngokuhlonza amafayela avamile aqukethe amagama ayimfihlo, okhiye bokufinyelela, izikhwama zemali ye-cryptocurrency, amathokheni, amakhukhi weseshini, nolunye ulwazi olubucayi.
Source: opennet.ru
