One Does Not Simply 'pip install'

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Package Management Pip Python Packaging

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • pip

    The Python package installer

    • Slightly tangential, but... one also does not simply `pip download` if one does not want execute code - https://github.com/pypa/pip/issues/1884.

    I wanted to run guarddog on source packages. Only then build them locally and install. Turns out, pip download triggers code execution in fetched packages.

    Somewhat surprising and in this day and age worth spreading awareness of.

  • zpy

    Zsh helpers for Python venvs, with uv or pip-tools (by AndydeCleyre)

    • If anyone's interested in a pipx clone with excellent tab completion, I would appreciate any feedback on pipz, a function of my zsh plugin for python environment and dependency management: zpy

    https://github.com/andydecleyre/zpy

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts