On Tuesday, August 6, 2024 at 6:17:14 PM UTC-7 Dima Pasechnik wrote: On Tue, Aug 6, 2024 at 9:45 PM Nathan Dunfield <nat...@dunfield.info> wrote: > As I understand it, while both proposals result in binary wheels being pulled off PyPI for certain standard packages, they differ in that: > > a) The current proposal requires the version of the package to be pinned (with checksums). Does this mean using `--require-hashes` while calling pip, i.e. https://pip.pypa.io/en/stable/topics/secure-installs/#hash-checking-mode ? [...]
If anyone is confused about what these thoughts about "--require-hashes" may have to do with my proposal --- that's because there's no relation whatsoever. -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/sage-devel/7f8edd9d-0b88-4233-a1a9-a97f57f5cda9n%40googlegroups.com.
