Django [SOLVED]: mysqlclient-python & security issues

Django [SOLVED]: mysqlclient-python & security issues

Home Forums Frameworks Django Tutorials Django [SOLVED]: mysqlclient-python & security issues

Viewing 2 posts - 1 through 2 (of 2 total)
  • Author
    Posts
  • #246263

    Cloudy Point
    Keymaster

    QuestionQuestion

    I can’t figure out whether I’ll bear any risk in terms of malicious software & security if I download mysqlclient-python from here https://pypi.python.org/pypi/mysqlclient? Is mysqlclient-python provided in PyPI reliable in your opinion? I want to install mysqlclient in my global Python environment, not virtualenv.

    I’ve started learning Python. I want to try Django framework and Mysql database. I’ve already installed them. I know that PyPI is a third party repository, and everyone with a bit of experience can write and upload their package to PyPI.

    Is it safe to install mysqlclient, using pip and PyPI?

    #246264

    Cloudy Point
    Keymaster

    Accepted AnswerAnswer

    PyPI is the official package distribution channel linked from the main page of https://www.python.org.

    Having that in mind, you certainly bear all risks by downloading and installing anything from the internet. Not a long time ago, neither setuptools nor pip could verify SSL certificates and most of communication was over plain HTTP. It’s a usual and good practice to test all the software you are going to use in production environment somewhere in an isolated environment, and set up your production environment from an internal repository of packages already tested by you. Any package management software allows specifying a custom repository to install from.

    Source: https://stackoverflow.com/questions/47886642/mysqlclient-python-security-issues
    Author: newtover
    Creative Commons License
    This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.