Last active
April 23, 2026 17:04
-
-
Save rvrsh3ll/b82d9bbb61f3dbb52eff058c9a67580b to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Safe virtual environment starter with freshness protection | |
| safe-venv() { | |
| local VENV_DIR="${1:-$HOME/venv/safe-env}" | |
| # Create venv if it doesn't exist | |
| if [ ! -d "$VENV_DIR" ]; then | |
| echo "π Creating virtual environment at $VENV_DIR ..." | |
| python3 -m venv "$VENV_DIR" | |
| fi | |
| # Activate the virtual environment | |
| source "$VENV_DIR/bin/activate" | |
| # Create clean Python checker | |
| cat > /tmp/check_fresh_packages.py << 'EOF' | |
| import urllib.request | |
| import json | |
| import sys | |
| from datetime import datetime, timezone | |
| from pathlib import Path | |
| def is_too_new(pkg_name): | |
| pkg = pkg_name.strip() | |
| if not pkg or pkg.startswith('#') or '==' in pkg or '>=' in pkg: | |
| return False | |
| try: | |
| url = f"https://pypi.org/pypi/{pkg}/json" | |
| with urllib.request.urlopen(url, timeout=12) as resp: | |
| data = json.loads(resp.read()) | |
| version = data["info"]["version"] | |
| releases = data["releases"].get(version, [{}]) | |
| if not releases or not releases[0]: | |
| return True | |
| ts = releases[0].get("upload_time_iso_8601") or releases[0].get("upload_time") | |
| if not ts: | |
| return True | |
| dt = datetime.fromisoformat(ts.replace("Z", "+00:00")) | |
| days_old = (datetime.now(timezone.utc) - dt).days | |
| if days_old <= 7: | |
| print(f"π¨ ALERT: {pkg} v{version} was released only {days_old} day(s) ago β BLOCKED") | |
| return True | |
| else: | |
| print(f"β SAFE: {pkg} v{version} ({days_old} days old)") | |
| return False | |
| except Exception as e: | |
| print(f"β Could not check {pkg}: {e}") | |
| return True | |
| print("π Checking PyPI release dates (no packages newer than 7 days allowed)...\n") | |
| req_file = Path("requirements.txt") | |
| if req_file.exists(): | |
| with open(req_file) as f: | |
| packages = [line.strip() for line in f if line.strip() and not line.startswith("#")] | |
| blocked = any(is_too_new(p) for p in packages) | |
| if blocked: | |
| print("\nπ« Some packages are too new. Installation blocked for safety.") | |
| print(" You can still run 'pip install -r requirements.txt' manually if you accept the risk.") | |
| else: | |
| print("\nπ All packages are older than 7 days β safe to install.") | |
| print(" Run: pip install -r requirements.txt") | |
| else: | |
| print("βΉοΈ No requirements.txt found in current directory.") | |
| print(" Make sure you are in the folder containing requirements.txt") | |
| print(" Then run: safe-venv") | |
| EOF | |
| # Run the checker | |
| python3 /tmp/check_fresh_packages.py | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment