# ⚠️ Security Warning: tplr
## 🚨 Dependency Confusion Vulnerability Detected
This package was **automatically created** by VibeHat security research to prevent potential dependency confusion attacks.
### What happened?
- Your code referenced a package called `tplr`
- This package didn't exist in the PyPI registry
- An attacker could have published a malicious package with this name
- We published this educational warning package to protect you
### Source
This package was referenced in: `neurons/base_node.py`
### What should you do?
1. **Review your code** - Make sure `tplr` is the correct package name
2. **Check for typos** - This might be a misspelled legitimate package
3. **Use private indexes** - Consider using private PyPI indexes for internal packages
4. **Contact us** if this is a legitimate internal package name
### Learn More
Visit [https://vibehat.dev/dependency-confusion](https://vibehat.dev/dependency-confusion) to understand dependency confusion vulnerabilities.
### Package Ownership
If you are the rightful owner of this package name, please contact us through our website.
---
*This package was created by VibeHat Security Research to demonstrate and prevent dependency confusion vulnerabilities.*
Raw data
{
"_id": null,
"home_page": "https://vibehat.dev/dependency-confusion",
"name": "tplr",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.6",
"maintainer_email": null,
"keywords": "security dependency-confusion vulnerability-research vibehat",
"author": "VibeHat Security Research",
"author_email": "security@vibehat.dev",
"download_url": "https://files.pythonhosted.org/packages/99/ac/b46753bcdbaa4c2fd1161a9bc48a41525ba75181fdf43f9b6dbdb924f223/tplr-1.0.0.tar.gz",
"platform": null,
"description": "# \u26a0\ufe0f Security Warning: tplr\n\n## \ud83d\udea8 Dependency Confusion Vulnerability Detected\n\nThis package was **automatically created** by VibeHat security research to prevent potential dependency confusion attacks.\n\n### What happened?\n- Your code referenced a package called `tplr` \n- This package didn't exist in the PyPI registry\n- An attacker could have published a malicious package with this name\n- We published this educational warning package to protect you\n\n### Source\nThis package was referenced in: `neurons/base_node.py`\n\n### What should you do?\n1. **Review your code** - Make sure `tplr` is the correct package name\n2. **Check for typos** - This might be a misspelled legitimate package\n3. **Use private indexes** - Consider using private PyPI indexes for internal packages\n4. **Contact us** if this is a legitimate internal package name\n\n### Learn More\nVisit [https://vibehat.dev/dependency-confusion](https://vibehat.dev/dependency-confusion) to understand dependency confusion vulnerabilities.\n\n### Package Ownership\nIf you are the rightful owner of this package name, please contact us through our website.\n\n---\n*This package was created by VibeHat Security Research to demonstrate and prevent dependency confusion vulnerabilities.*\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "\u26a0\ufe0f SECURITY WARNING: This package was auto-generated to prevent dependency confusion attacks",
"version": "1.0.0",
"project_urls": {
"Homepage": "https://vibehat.dev/dependency-confusion"
},
"split_keywords": [
"security",
"dependency-confusion",
"vulnerability-research",
"vibehat"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "26ea45efb9eeaf595e316b480a37a15582d826ccbfff3a9a61d57cdedc62cbc6",
"md5": "67cfdc5bb4c299dadf102047c5e39aea",
"sha256": "edc47d9dd5996862ee4c30d1ef8d8ce2eaec6cec512ba58e6b8495a158ea7599"
},
"downloads": -1,
"filename": "tplr-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "67cfdc5bb4c299dadf102047c5e39aea",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.6",
"size": 2417,
"upload_time": "2025-07-21T18:50:12",
"upload_time_iso_8601": "2025-07-21T18:50:12.063867Z",
"url": "https://files.pythonhosted.org/packages/26/ea/45efb9eeaf595e316b480a37a15582d826ccbfff3a9a61d57cdedc62cbc6/tplr-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "99acb46753bcdbaa4c2fd1161a9bc48a41525ba75181fdf43f9b6dbdb924f223",
"md5": "9024355baff37ecbd00b21e016bdd616",
"sha256": "7e59df0b1999c1e09a091e3aec357daea8b4e24d8d26d631c82a7b8e565bf2c7"
},
"downloads": -1,
"filename": "tplr-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "9024355baff37ecbd00b21e016bdd616",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.6",
"size": 2186,
"upload_time": "2025-07-21T18:50:13",
"upload_time_iso_8601": "2025-07-21T18:50:13.222160Z",
"url": "https://files.pythonhosted.org/packages/99/ac/b46753bcdbaa4c2fd1161a9bc48a41525ba75181fdf43f9b6dbdb924f223/tplr-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-07-21 18:50:13",
"github": false,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"lcname": "tplr"
}
JSON