Hacker News

TZubiri, yesterday at 7:38 PM (4 replies)

Nice feature. However, uv is suspect at the moment, in the sense that it is designed as a pip replacement to overcome issues that only exist when supply chains are of a size that isn't safe to have.

So any project that has uv and any developer that tries to get uv into a project is on average less safe than a project that just uses pip and a requirements.txt.


Replies

sdoering, yesterday at 7:42 PM

Sorry - call me uninformed. But I do not really understand how choosing uv makes me less safe than using pip.

Care to explain? Would love to learn.

Imustaskforhelp, yesterday at 7:41 PM

I really am not able to follow this line of reasoning. I am not sure if what you said makes sense and how it relates to uv having a security feature to be on average less safe :/

joshred, yesterday at 7:48 PM

This is complete nonsense. pip has all the same problems that you say uv has.

paulddraper, yesterday at 7:47 PM

Huh?

Wanting a better pip means I am unsafe?