Our great sponsors
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
Slightly tangential, but... one also does not simply `pip download` if one does not want execute code - https://github.com/pypa/pip/issues/1884.
I wanted to run guarddog on source packages. Only then build them locally and install. Turns out, pip download triggers code execution in fetched packages.
Somewhat surprising and in this day and age worth spreading awareness of.
If anyone's interested in a pipx clone with excellent tab completion, I would appreciate any feedback on pipz, a function of my zsh plugin for python environment and dependency management: zpy
https://github.com/andydecleyre/zpy