Double check sdist/bdist on pypi

These details have not been verified by PyPI

Project links

Homepage

Project description

Honesty

There's a long tail of people doing interesting/sketchy things to packages on pypi. Most aren't malicious, but this project gives you an easy way to check for some of the obvious ways that packages might be tampered with.

Usage

honesty list <package name>
honesty check <package name>[==version|==*] [--verbose]
honesty download <package name>[==version|==*] [--dest=some-path/]

It will store a package cache by default under ~/.cache/honesty/pypi but you can change that with HONESTY_CACHE env var. If you have a local bandersnatch, specify HONESTY_INDEX_URL to your /simple/ url.

Exit Status

These are bit flags to make sense when there are multiple problems. If you pass * for version, they are or'd together.

0   if only sdist or everything matches
1   if only bdist
2   (reserved for future "extraction error")
4   some .py from bdist not in sdist
8   some .py files present with same name but different hash in sdist (common
    when using versioneer or 2to3)

License

Honesty is copyright Tim Hatch, and licensed under the MIT license. I am providing code in this repository to you under an open source license. This is my personal repository; the license you receive to my code is from me and not from my employer. See the LICENSE file for details.

Project details

These details have not been verified by PyPI

Project links

Homepage

Release history Release notifications | RSS feed

0.3.0b1 pre-release

Feb 2, 2024

0.3.0a5 pre-release

Jan 22, 2024

0.3.0a4 pre-release

Jan 22, 2024

0.3.0a3 pre-release

Jan 16, 2024

0.3.0a2 pre-release

Nov 10, 2020

0.3.0a1 pre-release

May 13, 2020

0.2.1

Feb 20, 2020

0.2.0

Dec 4, 2019

This version

0.1.3

Dec 4, 2019

0.1.2

Nov 13, 2019

0.1.1

Nov 12, 2019

0.1.0

Nov 12, 2019

0.0.3

Nov 2, 2019

0.0.2

Oct 30, 2019

0.0.1

Oct 29, 2019

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

honesty-0.1.3.tar.gz (18.2 kB view details)

Uploaded Dec 4, 2019 Source

Built Distribution

honesty-0.1.3-py2.py3-none-any.whl (18.4 kB view details)

Uploaded Dec 4, 2019 Python 2 Python 3

File details

Details for the file honesty-0.1.3.tar.gz.

File metadata

Download URL: honesty-0.1.3.tar.gz
Upload date: Dec 4, 2019
Size: 18.2 kB
Tags: Source
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.40.0 CPython/3.8.0

File hashes

Hashes for honesty-0.1.3.tar.gz
Algorithm	Hash digest
SHA256	`a30d8fd536e0bb98c894e630c705a8afa97254aa3f750d7f64b0437d123f55a2`
MD5	`710815e054754c434b3a9214346063ee`
BLAKE2b-256	`5b6cb56555049cbfa691c5208d4a73b38e38c70a4b4c223a44b85d733e014b88`

See more details on using hashes here.

File details

Details for the file honesty-0.1.3-py2.py3-none-any.whl.

File metadata

Download URL: honesty-0.1.3-py2.py3-none-any.whl
Upload date: Dec 4, 2019
Size: 18.4 kB
Tags: Python 2, Python 3
Uploaded using Trusted Publishing? No
Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/41.2.0 requests-toolbelt/0.9.1 tqdm/4.40.0 CPython/3.8.0

File hashes

Hashes for honesty-0.1.3-py2.py3-none-any.whl
Algorithm	Hash digest
SHA256	`2b01c9bfef687441b33bec0d67c3aa1536c9b80fe095d0357f1b069d85e82141`
MD5	`ce726b17c2059fd21174ed0e3161580a`
BLAKE2b-256	`e1b43adc2521d251145e21a341beeff6de562b1370dbbd160059e42360df73fd`