WebDev/Deployments: Difference between revisions

No edit summary
Line 17: Line 17:
Use of <code>>=</code> or not pinning to a version is not recommended. This can mean untrusted versions of packages being installed.
Use of <code>>=</code> or not pinning to a version is not recommended. This can mean untrusted versions of packages being installed.


When run use <code>--no-deps</code>. This ensures that packages will not pull in more untrusted versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.
When running pip use the flag: <code>--no-deps</code>. This ensures that packages will not pull in more untrusted versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.


==Internal package server==
==Internal package server==
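Review bot: The rewritten paragraph at line 17 still carries the word-order error from the previous revision in its last sentence, "This allows security faster audits of who is using what package"; it should read "This allows faster security audits of who is using what package." The paragraph also says <code>--no-deps</code> makes the requirements files a definitive source of packages, but it does not say what that requires of the person maintaining them: with this flag pip installs only what is listed, so every dependency of a listed package has to appear in the requirements file too, pinned in line with the advice about <code>>=</code> in the paragraph above. Adding a sentence to that effect would keep a reader from deploying with an incomplete requirements file.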