by theptip 1279 days ago
If you run a security linter like ‘bandit’ you’ll get warnings for eval and other security holes.

It seems you can’t run bandit on deps, but perhaps if you fork them and build yourself?

If you are security conscious, having a rule that you can only install from a local pypi with packages you have forked would be a more defensible perimeter. But, a maintenance pain for sure.
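A way to scan dependencies with bandit, as an added example rather than code from the thread: it assumes `bandit` is on PATH and that the deps have been fetched as sdists and unpacked under a `vendor/` directory (e.g. `pip download -r requirements.txt -d vendor --no-binary :all:` then extracted), since bandit reads Python source, not wheels. The parsing of bandit's JSON report and the severity gate are the part worth reusing in CI.

```python
"""Scan unpacked third-party sources with bandit and gate on severity."""
import json
import subprocess
import sys
from collections import Counter

SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed sample of bandit's JSON report shape, used for offline testing.
SAMPLE_REPORT = {
    "results": [
        {"filename": "vendor/pkg_a/util.py", "line_number": 42,
         "test_id": "B307", "issue_severity": "HIGH",
         "issue_text": "Use of possibly insecure function eval"},
        {"filename": "vendor/pkg_b/cfg.py", "line_number": 7,
         "test_id": "B101", "issue_severity": "LOW",
         "issue_text": "Use of assert detected"},
    ]
}


def run_bandit(target_dir):
    """Run bandit recursively over target_dir and return its parsed JSON report."""
    # bandit exits non-zero when it finds issues, so don't use check=True.
    proc = subprocess.run(["bandit", "-r", target_dir, "-f", "json"],
                          capture_output=True, text=True)
    return json.loads(proc.stdout)


def triage(report, fail_on="HIGH"):
    """Count findings per severity; return (counts, findings at/above fail_on)."""
    threshold = SEVERITY_RANK[fail_on]
    counts, blocking = Counter(), []
    for r in report.get("results", []):
        sev = r["issue_severity"].upper()
        counts[sev] += 1
        if SEVERITY_RANK.get(sev, 0) >= threshold:
            blocking.append(f'{r["filename"]}:{r["line_number"]} '
                            f'{r["test_id"]} {r["issue_text"]}')
    return counts, blocking


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "vendor"
    counts, blocking = triage(run_bandit(target))
    print("findings by severity:", dict(counts))
    for line in blocking:
        print("BLOCK", line)
    sys.exit(1 if blocking else 0)
```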