this post was submitted on 24 Sep 2024
23 points (100.0% liked)

Python

6403 readers
18 users here now

Welcome to the Python community on the programming.dev Lemmy instance!

πŸ“… Events

PastNovember 2023

October 2023

July 2023

August 2023

September 2023

🐍 Python project:
πŸ’“ Python Community:
✨ Python Ecosystem:
🌌 Fediverse
Communities
Projects
Feeds

founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
[–] onlinepersona 2 points 2 months ago (1 children)

Those new though... Pondrat, poolrat, applejesus πŸ˜‚ They sure are having fun.

At the same time, I'm becoming more convinced that dev environments should run in VMs or containers. It's not clear to me if SELinux would help Amy against these kinds of threats.

Anti Commercial-AI license

[–] Mikina 2 points 2 months ago

It's best to have a local copy of package repos with whitelisted libraries, or so I've heard. But containers are fine, too. Especially with VSCode .devcointainers, it's super easy to setup and distribute with the repo, there's really no reason not to do that.

The biggest issue here that a lot people don't realize is Bing AI, it's insanely easy to poison it's results, since it summarizes search results. It's only a matter of time before someone convinces it to start using or adding a typosquatted/malicious library to answers to a common programming question, and it will be a fun times ahead.