WebDev/Deployments: Difference between revisions

Line 15: Line 15:
   foo==0.3
   foo==0.3


Use of <code>>=</code> or not pinning to a version is not recommended. This can mean untrusted versions of packages being installed.
Use of <code>>=</code> or not pinning to a version is not recommended. This can mean broken untested versions of packages being installed.


When running pip use the flag: <code>--no-deps</code>. This ensures that packages will not pull in more untrusted versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.
When running pip use the flag: <code>--no-deps</code>. This ensures that packages will not pull in more untested versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.


==Internal package server==
==Internal package server==
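Review bot: swapping "untrusted" for "untested" on both the <code>>=</code> line and the <code>--no-deps</code> line drops the security rationale for pinning, and both concerns apply, so suggest keeping both, e.g. "This can mean untested, and potentially untrusted, versions of packages being installed." On the <code>--no-deps</code> sentence, pip then installs nothing beyond what is listed, so the requirements file has to list every transitive dependency, pinned with <code>==</code>, or the install is incomplete; worth stating that explicitly next to "the requirements files are a definitive source of packages used". The last sentence, "This allows security faster audits of who is using what package", reads awkwardly; suggest "This lets the security team audit faster which packages are in use and by whom."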