[skrtskrt]

Pasting this from another comment:

Poetry is still rough around the edges but I think the core experience is great and it's well on its way to be a very popular tool.

Before using it at work, we are waiting on waiting on https://github.com/python-poetry/poetry/issues/2610 (alternate repository not getting used for transitive dependencies) and ideally this https://github.com/python-poetry/poetry/issues/1556 (disable SSL verify for alternate repositories)

If you don't use your own PyPi for a bunch of internal packages, it works great imo. One more wish item would be having absolute path dependencies instead of only relative path.

[wp381640]

I hope the second is never changed - it’s 2020, time to start authenticating the servers you’re downloading and executing code from

Internal doesn’t mean secure

[MrOxiMoron]

Have to agree, and if it is truly internal why are you doing SSL?

[zzzeek]

SSL for internal services seems to be becoming common these days and that's not a bad thing. Corporate/institutional information warfare is becoming a pretty big deal now (see all the US hospitals being infiltrated) so hardening on the inside to at least slow down an internal threat is not a bad thing at all.