#18131: pip requires ssl
-------------------------------------+-------------------------------------
Reporter: vbraun | Owner:
Type: defect | Status: needs_review
Priority: blocker | Milestone: sage-6.6
Component: packages: | Resolution:
standard | Merged in:
Keywords: | Reviewers:
Authors: Volker Braun | Work issues:
Report Upstream: Reported | Commit:
upstream. No feedback yet. | 69650e296c29a78c02ad2ce6598fca0412215e38
Branch: | Stopgaps:
u/vbraun/pip_requires_ssl |
Dependencies: |
-------------------------------------+-------------------------------------
Comment (by vbraun):
We need to upgrade regularly anyway... in fact we should have a process
that pulls in updates from non-mathematics Python packages automatically
(without me manually udpating package-version.txt all the time) if they
pass the tests.
There are also risks in not updating, you might run into bugs that have
long been fixed. In particular, pip packages a bunch of ssl stuff to
secure downloads. Having a version from years ago is a security risk as
it'll probably still accept ssl cipher suites that are now deemed unsafe.
--
Ticket URL: <http://trac.sagemath.org/ticket/18131#comment:23>
Sage <http://www.sagemath.org>
Sage: Creating a Viable Open Source Alternative to Magma, Maple, Mathematica,
and MATLAB
--
You received this message because you are subscribed to the Google Groups
"sage-trac" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/sage-trac.
For more options, visit https://groups.google.com/d/optout.
