PyPI - vega-lite - Versions diffs - 0.1.0__tar.gz - Mend

vega-lite 0.1.0__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

vega_lite-0.1.0/.gitignore +42 -0
vega_lite-0.1.0/LICENSE +17 -0
vega_lite-0.1.0/PKG-INFO +11 -0
vega_lite-0.1.0/README.md +34 -0
vega_lite-0.1.0/pyproject.toml +16 -0
vega_lite-0.1.0/vega_lite/__init__.py +38 -0

vega_lite-0.1.0/.gitignore ADDED Viewed

@@ -0,0 +1,42 @@
+# Data (raw/processed, too large for repo)
+data/
+# Virtual environments
+.venv/
+experiments/*/.venv/
+# Paper (not published yet)
+paper/
+# Internal notes
+plans/
+survey/
+FINDINGS.md
+.claude/
+# Evaluation results (model outputs, traces)
+evaluations/results/
+# Build artifacts
+dist/
+build/
+*.egg-info/
+__pycache__/
+guardian2/packages/*/dist/
+guardian2/packages/*/build/
+guardian2/test-upload/dist/
+guardian2/test-upload/build/
+# Secrets
+*.pypirc
+# LaTeX
+texput.log
+# OS
+.DS_Store
+# IDE
+.idea/
+.vscode/
+*.egg-info/

vega_lite-0.1.0/LICENSE ADDED Viewed

@@ -0,0 +1,17 @@
+MIT License
+Copyright (c) 2026 Guardian 2.0 Project
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

vega_lite-0.1.0/PKG-INFO ADDED Viewed

@@ -0,0 +1,11 @@
+Metadata-Version: 2.4
+Name: vega_lite
+Version: 0.1.0
+Summary: Guardian package: 'vega_lite' is a commonly hallucinated package name. You probably meant 'altair'.
+Author-email: "Guardian Project 2.0" <guardian2-pypi@proton.me>
+License: MIT
+License-File: LICENSE
+Classifier: Development Status :: 1 - Planning
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Requires-Python: >=3.8

vega_lite-0.1.0/README.md ADDED Viewed

@@ -0,0 +1,34 @@
+# vega_lite
+**This is a Guardian 2.0 defensive package.**
+The package name `vega_lite` does not exist as a real Python library. It is a name
+commonly hallucinated by AI coding assistants (language models used for code
+generation). This package was registered to prevent malicious actors from
+registering it and distributing malware.
+## Did you mean `altair`?
+```bash
+pip uninstall vega_lite
+pip install altair
+```
+## What is Guardian 2.0?
+AI coding assistants sometimes suggest package names that don't exist on PyPI.
+Attackers can register these names and distribute malicious code to anyone
+who follows the AI's suggestion. Guardian 2.0 preemptively registers the most
+commonly hallucinated names with safe, warning-only packages.
+This project is part of ongoing research into supply chain security risks
+introduced by AI coding agents.
+## Research
+This package is part of the study "I Know What Your Agent Imported: AI Coding
+Agents as Supply Chain Attack Amplifiers."
+## License
+MIT

vega_lite-0.1.0/pyproject.toml ADDED Viewed

@@ -0,0 +1,16 @@
+[project]
+name = "vega_lite"
+version = "0.1.0"
+description = "Guardian package: 'vega_lite' is a commonly hallucinated package name. You probably meant 'altair'."
+requires-python = ">=3.8"
+license = {text = "MIT"}
+authors = [{name = "Guardian Project 2.0", email = "guardian2-pypi@proton.me"}]
+classifiers = [
+    "Development Status :: 1 - Planning",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+]
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"

vega_lite-0.1.0/vega_lite/__init__.py ADDED Viewed

@@ -0,0 +1,38 @@
+"""
+Guardian 2.0 — This package name is commonly hallucinated by AI coding assistants.
+You probably meant to install: altair
+    pip install altair
+This package was registered defensively to protect developers from
+supply chain attacks that exploit AI package hallucinations.
+Learn more: https://github.com/guardian2-pypi/guardian2
+"""
+import warnings
+import sys
+_MSG = (
+    "\n"
+    "==================================================================\n"
+    "  GUARDIAN 2.0 WARNING\n"
+    "==================================================================\n"
+    "  The package \'vega_lite\' does not exist.\n"
+    "  This name is commonly hallucinated by AI coding assistants.\n"
+    "\n"
+    "  You probably meant to install:\n"
+    "      pip install altair\n"
+    "\n"
+    "  To fix:\n"
+    "      pip uninstall vega_lite\n"
+    "      pip install altair\n"
+    "\n"
+    "  This defensive package was registered by the Guardian 2.0\n"
+    "  project to protect developers from AI hallucination attacks.\n"
+    "  Learn more: https://github.com/guardian2-pypi/guardian2\n"
+    "==================================================================\n"
+)
+warnings.warn(_MSG, UserWarning, stacklevel=2)
+print(_MSG, file=sys.stderr)