Closed ptheywood closed 2 years ago
Currently, the occurences of wget
are in:
For the generic conda instructions I've added example use of sha256sum
to and a comment suggestion to look the value up from the conda website in #67 , however as the latest conda is requested not a known version we can't provide a known hash in the documentation.
It may be better to change the examples to fetch specific versions of conda, and include the known hash for the provided version in the sample code blocks, with the location of where to find the expected checksums as text?
Users are currently told to
wget
and execute arbitrary scripts during conda installation (and potentialyl others) to install tensorflow etc. Users will download and run arbitrary scripts if it allows them to get work done, so rather than fight it we should strongly encourage users to verify the integrity of scripts (via checksums) and ideally inspect them prior to execution.Any examples of this in the docs should be updated to include this (i.e. conda installation).