Dateutil has been found to contain malicious code, a github search shows 10+ uses of dateutil in Sugar Labs repos.
You can read more about it here https://www.zdnet.com/article/two-malicious-python-libraries-removed-from-pypi/
_______________________________________________ Sugar-devel mailing list Sugar-devel@lists.sugarlabs.org http://lists.sugarlabs.org/listinfo/sugar-devel
