Re: Suggestion: PEP for tracking vulnerable packages within PyPI

2015-05-12 Thread Grant Murphy
Mark needed to be a jerk about it..

- Grant

On Tue, May 12, 2015 at 2:17 PM, Mark Lawrence wrote:
> On 12/05/2015 20:46, Grant Murphy wrote:
>>
>> Hi,
>>
>> When pulling in a dependency via pip it is currently difficult to reason
>> about
>> whether there

Suggestion: PEP for tracking vulnerable Python packages

2015-05-12 Thread Grant Murphy
Hi, When pulling in a dependency via pip it is currently difficult to reason about whether there are any vulnerabilities associated with the package version you are using. I think the Python package management infrastructure could be extended to facilitate this capability reasonably easily. PyPI a

Suggestion: PEP for tracking vulnerable packages within PyPI

2015-05-12 Thread Grant Murphy
Hi, When pulling in a dependency via pip it is currently difficult to reason about whether there are any vulnerabilities associated with the package version you are using. I think the Python package management infrastructure could be extended to facilitate this capability reasonably easily. PyPI a