Tweets Analysis - Keyword: @pypi
Overview
Total number of tweets analysed
25
Earliest tweet was on
2023-02-08
Latest tweet was on
2023-02-17
Tweets covering
9 days
Average age of authors' accounts
10 years
Summarization
The conversation on Twitter is about the debate between using upper bounds or not for Python packages, the security risks of hosting them on PyPI and security measures that might be taken such as package signing and SBOMs. Additionally, the account holder recently uploaded their first Python package on PyPI and a discussion of Alembic listing a wheel that is missing from an index is presented.
Topic Modeling
- Python Packaging Debate
- CondaForge vs PyPI
- PrefixDev
- CoreJS Freeloaders
- Malicious Packages Found at PyPI
Emotional Analysis
The emotions expressed in these tweets are mainly related to frustration, confusion, and amusement. The first tweet expresses confusion about the debate between CondaForge and PyPI on the use of upper bounds. The second tweet expresses excitement at finally uploading a Python package to PyPI. The third tweet expresses frustration at the amount of backdoored packages on PyPI. The fourth tweet expresses amusement at the controversy surrounding PyPI's 2FA mandate. The fifth tweet expresses confusion about how to use setup tools. The sixth tweet expresses frustration at people turning a blind eye to malicious packages on PyPI. The seventh tweet expresses excitement at having updated PISpy, a tool built with Textualizeio. The eighth tweet expresses gratitude for the helpful work. The ninth tweet expresses amusement at the agreement between Crashappsec and Magnologan. The tenth tweet expresses confusion about what measures should be taken to improve the situation. The eleventh tweet expresses confusion about a discrepancy in Alembic's wheel on PyPI.
Trend Analysis
- Arguments surrounding Python Packaging
- Security of PyPI packages
- Package signing and SBOMs for security
- Implementation of 2FA on PyPI
- Discrepancies in package listings on PyPI
Types of Tweets
Number of Retweets
5
Percentage of total tweets
20%
Number of Original tweets
7
Percentage of total tweets
28%
Number of tweets that contain Mentions
25
Percentage of total tweets
100%
Number of tweets that were Replies
13
Percentage of total tweets
52%
Number of tweets that were Quotes
1
Percentage of total tweets
4%
Number of tweets that contain Hashtags
4
Percentage of total tweets
16%
Top 5 devices used to tweet
| Source | Count |
|---|---|
| Twitter Web App | 18 |
| Twitter for Android | 5 |
| TweetDeck | 1 |
| Twitter for iPhone | 1 |
What devices were used to tweet
Top 10 accounts with highest followers count
| Username | Name | Bio | Followers count |
|---|---|---|---|
| devopsdotcom | DevOps.com | Where the world meets DevOps. Powered by @TechstrongGroup. | 55,196 |
| RiCHi | @Richi 🤓 Jennings | Foolish #analyst/#editor: @TechstrongGroup @ReversingLabs @OstermanRsch | 48,848 |
| liran_tal | Liran Tal | 🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳 | 10,490 |
| condaproject | conda | #conda is an open-source, system-level binary package manager and ecosystem with over 30 million users worldwide. | 3,900 |
| magnologan | Magno Logan | Security @ TM | 3,045 |
| crashappsec | Crash Override | Mark Curphey, John Viega, Brandon Edwards and a world class crew of software engineers and security researchers. | 2,705 |
| wuoulf | Wolf Vollprecht | Robotics, AI & HPC // working hard on @prefix_dev, core developer of #mamba, #xtensor // prev @QuantStack, @ETH, @Stanford | 2,445 |
| playfulpython | Playful Python | Tweets on Intermediate & Advanced Python | Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh | YT: https://t.co/xbY3Vs61rK | 1,861 |
| davepdotorg | Dave Pearson - @davep@fosstodon.org | Developer (https://t.co/o1bP53XQ02) - Emacs addict (https://t.co/k7tLEtJMSY) - Geek - Photoblogs at https://t.co/wQNXWpnbsT - Hacks code @textualizeio - Tweets only for me - https://t.co/iAuE6AfeBa | 1,382 |
| igat786 | Ganesh Tiwari | DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥 | 1,346 |
Top 10 accounts with highest friends count
| Username | Name | Bio | Followers count |
|---|---|---|---|
| RiCHi | @Richi 🤓 Jennings | Foolish #analyst/#editor: @TechstrongGroup @ReversingLabs @OstermanRsch | 6,915 |
| magnologan | Magno Logan | Security @ TM | 4,999 |
| igat786 | Ganesh Tiwari | DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥 | 1,666 |
| devopsdotcom | DevOps.com | Where the world meets DevOps. Powered by @TechstrongGroup. | 1,486 |
| davepdotorg | Dave Pearson - @davep@fosstodon.org | Developer (https://t.co/o1bP53XQ02) - Emacs addict (https://t.co/k7tLEtJMSY) - Geek - Photoblogs at https://t.co/wQNXWpnbsT - Hacks code @textualizeio - Tweets only for me - https://t.co/iAuE6AfeBa | 1,461 |
| zhuge680828 | 行者(互粉) | 毕生追求社会公平正义,毕生维护社会公平正义(Lifelong pursuit of social justice, lifelong maintenance of social fairness and justice). | 939 |
| hridayHZ | Hriday Keswani | Jack of all trades trying to master some.... | 872 |
| playfulpython | Playful Python | Tweets on Intermediate & Advanced Python | Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh | YT: https://t.co/xbY3Vs61rK | 856 |
| liran_tal | Liran Tal | 🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳 | 796 |
| PrathamRohra9 | Pratham Rohra | java • dsa/leetcode • web dev • cse'25 | 780 |
Most active users
| Username | Bio | Number of tweets |
|---|---|---|
| crashappsec | Mark Curphey, John Viega, Brandon Edwards and a world class crew of software engineers and security researchers. | 4 |
| liran_tal | 🌟 2022 GitHub Star🏆 2022 OpenJS Pathfinder award for Security🥑 DevRel at @snyksec ❤️ AppSec, OpenSource, #JavaScript, #NodeJSDocker security hero 🐳 | 4 |
| hridayHZ | Jack of all trades trying to master some.... | 2 |
| Altaf0032 | IT ENGINEER |Exploring Tech World | 1 |
| wuoulf | Robotics, AI & HPC // working hard on @prefix_dev, core developer of #mamba, #xtensor // prev @QuantStack, @ETH, @Stanford | 1 |
| playfulpython | Tweets on Intermediate & Advanced Python | Author of "Test Driven Python Development"Blog: https://t.co/Y7rGgzn5xh | YT: https://t.co/xbY3Vs61rK | 1 |
| naranek | Product security with a human touch https://t.co/uzeAO4EPpU | 1 |
| magnologan | Security @ TM | 1 |
| igat786 | DevOps @NethermindEth,Community Advocate @ChainlinkMemes and Coding 🗿🔥 | 1 |
| devopsdotcom | Where the world meets DevOps. Powered by @TechstrongGroup. | 1 |
Tweets per day
Top 10 tweets with highest Retweet count
| ID | Text | Retweet count |
|---|---|---|
| 1625924771920609290 | I've been thinking thoughts on some Python packaging debates lately – for example wether to use upper bounds or not. Read about @condaforge vs @pypi on this issue – and how I think that @prefix_dev can provide a more powerful, automated solution: https://t.co/uXqUEworSD | 16 |
| 1623981696503713792 | I wonder if the reason that so many @pypi packages are being backdoored is because Python has become the defacto language for data-science and they are going after the data itself ? If not I reckon it will be. | 5 |
| 1626306648871514115 | In this week’s #TheLongView: 1⃣ Denis “@zloirock” Pushkarev is fed up with #CoreJS freeloaders, and2⃣ hundreds more malicious packages found at @PyPI.At @TechstrongGroup’s @DevOpsDotCom: https://t.co/bHIuuKuFp5 #DevOps | 2 |
| 1624765440160309248 | 1/2And after procrastinating work on it for over a week I finally uploaded my first Python package on @pypi , it is a selenium wrapper for getting coordinates of a place by name without the need of any api key | 1 |
| 1624701889588633601 | @pypi Can you tell me how to use setup tools? | 0 |
| 1624041410935635978 | @crashappsec @magnologan @pypi Funny how when this happens on npm everyone just enjoys trashing the JavaScript community 🫤 | 0 |
| 1624042549701750787 | @liran_tal @magnologan @pypi and when its on Maven central people pretend they are deaf and blind. | 0 |
| 1624043527406555139 | @crashappsec @magnologan @pypi 😆 | 0 |
| 1624044697676091395 | @liran_tal @magnologan @pypi 🧑🦯🦮👨💻 | 0 |
| 1624086682642575361 | @crashappsec @liran_tal @pypi What are your recommendations to improve this situation? Package signing? SBOMs? Or better criteria and control on who can publish to these repositories? | 0 |
Top 10 tweets with highest Like count
| ID | Text | Like count |
|---|---|---|
| 1625924771920609290 | I've been thinking thoughts on some Python packaging debates lately – for example wether to use upper bounds or not. Read about @condaforge vs @pypi on this issue – and how I think that @prefix_dev can provide a more powerful, automated solution: https://t.co/uXqUEworSD | 35 |
| 1624765440160309248 | 1/2And after procrastinating work on it for over a week I finally uploaded my first Python package on @pypi , it is a selenium wrapper for getting coordinates of a place by name without the need of any api key | 13 |
| 1623981696503713792 | I wonder if the reason that so many @pypi packages are being backdoored is because Python has become the defacto language for data-science and they are going after the data itself ? If not I reckon it will be. | 6 |
| 1626306648871514115 | In this week’s #TheLongView: 1⃣ Denis “@zloirock” Pushkarev is fed up with #CoreJS freeloaders, and2⃣ hundreds more malicious packages found at @PyPI.At @TechstrongGroup’s @DevOpsDotCom: https://t.co/bHIuuKuFp5 #DevOps | 4 |
| 1624041410935635978 | @crashappsec @magnologan @pypi Funny how when this happens on npm everyone just enjoys trashing the JavaScript community 🫤 | 2 |
| 1624042549701750787 | @liran_tal @magnologan @pypi and when its on Maven central people pretend they are deaf and blind. | 2 |
| 1624043527406555139 | @crashappsec @magnologan @pypi 😆 | 2 |
| 1624044697676091395 | @liran_tal @magnologan @pypi 🧑🦯🦮👨💻 | 2 |
| 1624701889588633601 | @pypi Can you tell me how to use setup tools? | 1 |
| 1624518080842944513 | @magnologan @liran_tal @pypi Too many people turn a blind eye to this in my opinion https://t.co/UQBiPU6gr9 | 1 |
Top 3 Languages Used In Tweets
Top 10 Hashtags used
| Hashtag | Count |
|---|---|
| #thelongview | 2 |
| #corejs | 2 |
| #devops | 2 |
| #python | 1 |
Top 10 Hashtags Used In Tweets
Top 10 mentions
| Mention | Count |
|---|---|
| @pypi | 25 |
| @magnologan | 7 |
| @crashappsec | 6 |
| @liran_tal | 4 |
| @hridayhz | 3 |
| @zloirock | 2 |
| @techstronggroup | 2 |
| @devopsdotcom | 2 |
| @condaforge | 2 |
| @prefix_dev | 2 |
Top 10 mentions
Wordcloud of Tweets
Emojis
Average number of emojis used per tweet
32
Emojis used in tweets
| Emoji | Count | Emoji Text |
|---|---|---|
| 1⃣ | 2 | keycap_1 |
| 2⃣ | 2 | keycap_2 |
| 🧑🦯 | 1 | person_with_white_cane |
| 🦮 | 1 | guide_dog |
| 👨💻 | 1 | man_technologist |
| 😆 | 1 | grinning_squinting_face |
Emojis groups
| Emoji Group | Count |
|---|---|
| Symbols | 4 |
| People & Body | 2 |
| Animals & Nature | 1 |
| Smileys & Emotion | 1 |