Talk Python To Me cover image

#314: Ask us about modern Python projects and tools

Talk Python To Me

Can I Pin My Versions?

3min Snip

00:00
Play full episode
Michael: I don't really know how you can mitigate those kind of attacks because the package name typos can happen. So pin your versions, probably one. You could whitelist, you can do things like set up a private pipe, yeah, server, and just whitlist packages. And Chris did also follows on with is venturing dependencies and appropriate mitigation. Instead of pip installing requests, like finding the key bits of requests and just copying that code into your application.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.
App store bannerPlay store banner

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode