在使用 Python 的早些年，为了解决 Python 包的隔离与管理 virtualenvwrapper 就成为我的工具箱中重要的一员。后来，随着 Python 3 的普及，virtualenvwrapper 逐渐被 venv 所替换。毕竟 venv 是 Python 3 的标配，优点是显而易见的。而这几年，应用场景的的复杂性越来与高，无论 ...

A Vulnerability on Docker Hub allowed admin access to the Python Package Index (PyPI) and the injection of malicious code. The JFrog Security Research Team recently identified and mitigated a critical ...

Docker is a widely used developer tool that first simplifies the assembly of an application stack (docker build), then allows for the rapid distribution of the resulting executabl ...

Scrubbing tokens from source code is not enough, as shown by the publishing of a Python Software Foundation access token with administrator privileges to a container image on Docker Hub. A personal ...