Metadata-Version: 2.1
Name: venvasion
Version: 0.1.2
Summary: Arbitrary code execution when activating a virtual environment after install a wheel
Author-Email: konstin <konstin@mailbox.org>
Project-URL: github, https://github.com/konstin/venvasion
Requires-Python: >=3.9.0
Description-Content-Type: text/markdown

# venvasion

Arbitrary code execution when activating a virtual environment after install a wheel.

This package exists to demonstrate that you should never build a virtual environment or install packages from untrusted sources: You don't even need to run a python interpreter to trigger the code execution.

Usage:

```bash
uv venv test-venv
. test-venv/bin/activate
uv pip install --no-build venvasion
. test-venv/bin/activate # oops!
```
