Skip to content

Instantly share code, notes, and snippets.

@osteele

osteele/find-malicious-conda-env-packages

Created September 15, 2017 14:30
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save osteele/198b50a2a208e5bc7e5fb8d010cf590c to your computer and use it in GitHub Desktop.
Save osteele/198b50a2a208e5bc7e5fb8d010cf590c to your computer and use it in GitHub Desktop.
Download ZIP
Report malicious PyPI packages in conda environments
Raw
find-malicious-conda-env-packages
#!/bin/bash
# Report malicious PyPI packages in each conda environment.
# See discussion at https://news.ycombinator.com/item?id=15256121
packages=$(cat <<EOF
acqusition
apidev-coop
bzip
crypt
django-server
pwd
setup-tools
telnet
urlib3
urllib
EOF)
dirs=$(conda env list | awk '$1!~/^#/ {print $1}')
for dir in $dirs; do
echo ${dir}:
source activate $dir
pip list --format=legacy | egrep -e '^('$(echo -n "$packages" | tr \\n \|)')\b'
done
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment