Nick Coghlan <ncoghlan <at> gmail.com> writes: > Well, people shouldn't be running getpip manually very often in the first place. > The one thing I do *not* want to preclude is security improvements in maintenance > releases. Those *may* require visible CLI changes (e.g. a flag to opt in to signature > checking). > End users should then get the enhanced security automatically most of the time (as the > installers and pyvenv pass in the flag), while direct invocations will remain unaltered > (as they *won't* pass the new flag).
I definitely agree with this :) > (although, to be honest, while I don't work for the Platform team, it wouldn't > surprise me if Red Hat still left pip and getpip out of RHEL and only included > it in Red Hat Software Collections, regardless of what our recommendations say). Yes, I suppose Debian may make the same choice. Distributions like their "minimal" packages :) Regards Antoine. _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
