Feb. 12, 2019
9:05 a.m.
On Tue, Feb 12, 2019 at 5:24 AM Tzu-ping Chung <uranusjr@gmail.com> wrote:
One way to avoid disclosing user environments to a third party is to build this into PyPI instead. The API could generate the warning for pip to display.
How large are these kinds of databases? Would it be a conceivable thought end users and/or CI infrastructures of organisations keep and update their local copies and thus only disclose the fact they're using such a database? -- Joni Orponen