On Mon, Nov 23, 2015 at 5:56 PM, Nick Coghlan email@example.com wrote:
On 24 November 2015 at 06:47, Wes Turner firstname.lastname@example.org wrote:
- Does this affect easy_install?
easy_install has validated certificates since distribute was merged back into the project as part of setuptools 0.7 , and aside from one issue with HTTPS tunnelling , the certificate verification code has been stable since setuptools 1.3 .
Got it; thanks.
- If/because this affects easy_install,
should the guidance / suggested package installation tool be [pip]; because pip install_requires backports.ssl_match_hostname
setuptools/easy_install uses backports.ssl_match_hostname if it's available, and otherwise has its own implementation.
* setuptools 0.7 [src] -- 2013-06-?? -- https://bitbucket.org/pypa/setuptools/src/7f2c08e9/?at=0.7 * setuptools 0.7 [distro] -- 201X-XX-XX [see: whohas, ]
Setuptools latest is now at version 18.5 (2015-11-02).
-- Nick Coghlan | email@example.com | Brisbane, Australia