I agree... there have been a lot of supply chain attacks and I've been the target of many phishing attempts, hence why I hid my personal details from my GitHub page (I assume that a web scraper is collecting emails targeting maintainers of projects with more than a hundred or so stars).

Ever since I hid my email, the emails have stopped for the most part.

Gentle ping on this :)

Sorry about that. My schedule for contributing has been out of sorts. I was appointed by Dana to have Push permissions to kafka-python, and as described in https://github.com/dpkp/kafka-python/issues/2431#issuecomment-2195874401, Dana has been away attending to personal affairs. Since I don't have PyPi credentials for that project, the most rational decision appeared to be fork and just redirect users here in the meantime.

This project is a pure Python distribution in wheels, so there isn't any malicious code hidden in compiled wheels because they aren't compiled to begin with and I also use trusted publishing to PyPi to demonstrate that these files came directly from GitHub. I'll add this note to the readme.