by the_mitsuhiko 563 days ago
> Somebody else is building your binaries.

That happens all the time. Who builds the docker images you are using?

> You've added another link in your software supply chain. How do you know they haven't inserted malware?

You're installing untrusted random packages from PyPI. There are many much weaker points than Astral giving you malware for fun.

1 comment

Sure it happens, but that doesn't mean you shouldn't think about reducing it.