PkgRadar

PyPI · pypi.org

p4p

Py Name Typosquat: Name `p4p` is one edit away from popular package `pip` — likely typosquat.

Why PkgRadar flagged 4.2.3a1

| Severity | Signal | Evidence |
|---|---|---|
| high | Py Name Typosquat | Name `p4p` is one edit away from popular package `pip` — likely typosquat. |
| medium | Py Import Time Eval Exec | Python eval()/exec() called on a string. · `p4p-4.2.3a1/src/p4p/asLib/__init__.py` |

Scanned versions

| Version | Verdict | Score | Scanned (UTC) |
|---|---|---|---|
| 4.2.3a1 | High risk | 32 | 2026-06-10 |

Block this in CI

PkgRadar gates p4p (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem pypi p4p==4.2.3a1