MozillaWiki

WebDev/Deployments: Difference between revisions

Page Discussion

WebDev/Deployments (view source)

Revision as of 22:34, 3 October 2012

156 bytes added ,  3 October 2012
→‎Using requirements
Line 18: Line 18:


When running pip use the flag: <code>--no-deps</code>. This ensures that packages will not pull in more untested versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.
When running pip use the flag: <code>--no-deps</code>. This ensures that packages will not pull in more untested versions of packages. It also means that the requirements files are a definitive source of packages used. This allows security faster audits of who is using what package.
{{note|Packages on PyPI can be removed then replaced so even pinning a version does not mean it can be trusted if you are not using the internal mirror.}}


==Internal package server==
==Internal package server==
Wraithan
Confirmed users
28

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/476386"