@pypi | Tweet Data Analysis

Overview

Tweets covering

9 days

Latest tweet was on

2023-02-17

Earliest tweet was on

2023-02-08

Total number of tweets analysed

25

Average age of authors' accounts

10 years

Summarization

The conversation on Twitter is about the debate between using upper bounds or not for Python packages, the security risks of hosting them on PyPI and security measures that might be taken such as package signing and SBOMs. Additionally, the account holder recently uploaded their first Python package on PyPI and a discussion of Alembic listing a wheel that is missing from an index is presented.

Topic Modeling

Python Packaging Debate
CondaForge vs PyPI
PrefixDev
CoreJS Freeloaders
Malicious Packages Found at PyPI

Emotional Analysis

The emotions expressed in these tweets are mainly related to frustration, confusion, and amusement. The first tweet expresses confusion about the debate between CondaForge and PyPI on the use of upper bounds. The second tweet expresses excitement at finally uploading a Python package to PyPI. The third tweet expresses frustration at the amount of backdoored packages on PyPI. The fourth tweet expresses amusement at the controversy surrounding PyPI's 2FA mandate. The fifth tweet expresses confusion about how to use setup tools. The sixth tweet expresses frustration at people turning a blind eye to malicious packages on PyPI. The seventh tweet expresses excitement at having updated PISpy, a tool built with Textualizeio. The eighth tweet expresses gratitude for the helpful work. The ninth tweet expresses amusement at the agreement between Crashappsec and Magnologan. The tenth tweet expresses confusion about what measures should be taken to improve the situation. The eleventh tweet expresses confusion about a discrepancy in Alembic's wheel on PyPI.

Trend Analysis

Arguments surrounding Python Packaging
Security of PyPI packages
Package signing and SBOMs for security
Implementation of 2FA on PyPI
Discrepancies in package listings on PyPI

Disclaimer: The text analysis on twtdata.com, powered by OpenAI, does not represent the views of twtdata.com or its affiliates. The analysis is for informational purposes only and not an endorsement of any viewpoint.

Types of Tweets

Number of Retweets

5

20% of total

Number of Original tweets

7

28% of total

Number of tweets that were Quotes

1

4% of total

Number of tweets that were Replies

13

52% of total

Number of tweets that contain Hashtags

4

16% of total

Number of tweets that contain Mentions

25

100% of total

Devices Used to Tweet

Top 5 Devices

Source	Count
Twitter Web App	18
Twitter for Android	5
TweetDeck	1
Twitter for iPhone	1

Device Distribution

Top 10 Accounts by Followers

Username	Name	Bio	Followers count
devopsdotcom	DevOps.com	Where the world meets DevOps. Powered by @TechstrongGroup.	55,196
RiCHi	@Richi 🤓 Jennings	Foolish #analyst/#editor: @TechstrongGroup @ReversingLabs @OstermanRsch	48,848
liran_tal	Liran Tal	🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳	10,490
condaproject	conda	#conda is an open-source, system-level binary package manager and ecosystem with over 30 million users worldwide.	3,900
magnologan	Magno Logan	Security @ TM	3,045
crashappsec	Crash Override	Mark Curphey, John Viega, Brandon Edwards and a world class crew of software engineers and security researchers.	2,705
wuoulf	Wolf Vollprecht	Robotics, AI & HPC // working hard on @prefix_dev, core developer of #mamba, #xtensor // prev @QuantStack, @ETH, @Stanford	2,445
playfulpython	Playful Python	Tweets on Intermediate & Advanced Python \| Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh \| YT: https://t.co/xbY3Vs61rK	1,861
davepdotorg	Dave Pearson - @davep@fosstodon.org	Developer (https://t.co/o1bP53XQ02) - Emacs addict (https://t.co/k7tLEtJMSY) - Geek - Photoblogs at https://t.co/wQNXWpnbsT - Hacks code @textualizeio - Tweets only for me - https://t.co/iAuE6AfeBa	1,382
igat786	Ganesh Tiwari	DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥	1,346

Top 10 Accounts by Friends

Username	Name	Bio	Followers count
RiCHi	@Richi 🤓 Jennings	Foolish #analyst/#editor: @TechstrongGroup @ReversingLabs @OstermanRsch	6,915
magnologan	Magno Logan	Security @ TM	4,999
igat786	Ganesh Tiwari	DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥	1,666
devopsdotcom	DevOps.com	Where the world meets DevOps. Powered by @TechstrongGroup.	1,486
davepdotorg	Dave Pearson - @davep@fosstodon.org	Developer (https://t.co/o1bP53XQ02) - Emacs addict (https://t.co/k7tLEtJMSY) - Geek - Photoblogs at https://t.co/wQNXWpnbsT - Hacks code @textualizeio - Tweets only for me - https://t.co/iAuE6AfeBa	1,461
zhuge680828	行者（互粉）	毕生追求社会公平正义，毕生维护社会公平正义（Lifelong pursuit of social justice, lifelong maintenance of social fairness and justice）.	939
hridayHZ	Hriday Keswani	Jack of all trades trying to master some....	872
playfulpython	Playful Python	Tweets on Intermediate & Advanced Python \| Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh \| YT: https://t.co/xbY3Vs61rK	856
liran_tal	Liran Tal	🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳	796
PrathamRohra9	Pratham Rohra	java • dsa/leetcode • web dev • cse'25	780

Most Active Users

Username	Bio	Number of tweets
crashappsec	Mark Curphey, John Viega, Brandon Edwards and a world class crew of software engineers and security researchers.	4
liran_tal	🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳	4
hridayHZ	Jack of all trades trying to master some....	2
Altaf0032	IT ENGINEER \|Exploring Tech World	1
wuoulf	Robotics, AI & HPC // working hard on @prefix_dev, core developer of #mamba, #xtensor // prev @QuantStack, @ETH, @Stanford	1
playfulpython	Tweets on Intermediate & Advanced Python \| Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh \| YT: https://t.co/xbY3Vs61rK	1
naranek	Product security with a human touch https://t.co/uzeAO4EPpU	1
magnologan	Security @ TM	1
igat786	DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥	1
devopsdotcom	Where the world meets DevOps. Powered by @TechstrongGroup.	1

Tweets Per Day

Top 10 Tweets by Retweets

ID	Text	Retweet count
1625924771920609290	I've been thinking thoughts on some Python packaging debates lately – for example wether to use upper bounds or not. Read about @condaforge vs @pypi on this issue – and …	16
1623981696503713792	I wonder if the reason that so many @pypi packages are being backdoored is because Python has become the defacto language for data-science and they are going after the data …	5
1626306648871514115	In this week’s #TheLongView: 1⃣ Denis “@zloirock” Pushkarev is fed up with #CoreJS freeloaders, and2⃣ hundreds more malicious packages found at @PyPI.At @TechstrongGroup’s @DevOpsDotCom: https://t.co/bHIuuKuFp5 #DevOps	2
1624765440160309248	1/2And after procrastinating work on it for over a week I finally uploaded my first Python package on @pypi , it is a selenium wrapper for getting coordinates of a …	1
1624701889588633601	@pypi Can you tell me how to use setup tools?	0
1624041410935635978	@crashappsec @magnologan @pypi Funny how when this happens on npm everyone just enjoys trashing the JavaScript community 🫤	0
1624042549701750787	@liran_tal @magnologan @pypi and when its on Maven central people pretend they are deaf and blind.	0
1624043527406555139	@crashappsec @magnologan @pypi 😆	0
1624044697676091395	@liran_tal @magnologan @pypi 🧑‍🦯🦮👨‍💻	0
1624086682642575361	@crashappsec @liran_tal @pypi What are your recommendations to improve this situation? Package signing? SBOMs? Or better criteria and control on who can publish to these repositories?	0

Top 10 Tweets by Likes

ID	Text	Like count
1625924771920609290	I've been thinking thoughts on some Python packaging debates lately – for example wether to use upper bounds or not. Read about @condaforge vs @pypi on this issue – and …	35
1624765440160309248	1/2And after procrastinating work on it for over a week I finally uploaded my first Python package on @pypi , it is a selenium wrapper for getting coordinates of a …	13
1623981696503713792	I wonder if the reason that so many @pypi packages are being backdoored is because Python has become the defacto language for data-science and they are going after the data …	6
1626306648871514115	In this week’s #TheLongView: 1⃣ Denis “@zloirock” Pushkarev is fed up with #CoreJS freeloaders, and2⃣ hundreds more malicious packages found at @PyPI.At @TechstrongGroup’s @DevOpsDotCom: https://t.co/bHIuuKuFp5 #DevOps	4
1624041410935635978	@crashappsec @magnologan @pypi Funny how when this happens on npm everyone just enjoys trashing the JavaScript community 🫤	2
1624042549701750787	@liran_tal @magnologan @pypi and when its on Maven central people pretend they are deaf and blind.	2
1624043527406555139	@crashappsec @magnologan @pypi 😆	2
1624044697676091395	@liran_tal @magnologan @pypi 🧑‍🦯🦮👨‍💻	2
1624701889588633601	@pypi Can you tell me how to use setup tools?	1
1624518080842944513	@magnologan @liran_tal @pypi Too many people turn a blind eye to this in my opinion https://t.co/UQBiPU6gr9	1

Top Languages Used

Top 10 Hashtags

Hashtag	Count
#thelongview	2
#corejs	2
#devops	2
#python	1

Top 10 Mentions

Mention	Count
@pypi	25
@magnologan	7
@crashappsec	6
@liran_tal	4
@hridayhz	3
@zloirock	2
@techstronggroup	2
@devopsdotcom	2
@condaforge	2
@prefix_dev	2

Wordcloud of Tweets

Emoji Analysis

Average emojis per tweet:

32

Emojis Used

Emoji	Count	Emoji Text
1⃣	2	keycap_1
2⃣	2	keycap_2
🧑‍🦯	1	person_with_white_cane
🦮	1	guide_dog
👨‍💻	1	man_technologist
😆	1	grinning_squinting_face

Emoji Groups

Emoji Group	Count
Symbols	4
People & Body	2
Animals & Nature	1
Smileys & Emotion	1

pypi - Tweet Data Analysis