11 Sep
2023
11 Sep
'23
12:42
Hi, For Python pip is a primary repository installer, not RPM/DEB.
On 10 Sep 2023, at 11:52, David C. Rankin <drankinatty@suddenlinkmail.com> wrote:
On 9/6/23 03:39, Andrei Verovski wrote:
use pip (from Python2) to install matplotlib
That's an idea, but I'm generally opposed to using any magic installer from python, etc.. that could pull in compromised packages. Things are getting better, but software supply-chain vulnerabilities have been big issues this past year. Zypper and RPM have been good (as well as the other package mangers, apt, dpkg, pacman, etc..)
I don't know enough about pip to know if I can trust it or not. (though I recall or a pypi repo being compromised not too long ago)
-- David C. Rankin, J.D.,P.E.