A security namespace reservation vulnerability, 'composable-command', was added to the Python Package Index (PyPI). This issue affects PyPI users and maintainers who rely on namespace isolation, potentially enabling supply-chain attacks via malicious package uploads under reserved namespaces.
composable-command added to PyPI