blakeNaccarato / copier-python

Copier template for Python projects
https://blakenaccarato.github.io/copier-python/
MIT License

Document how we safely handle CodeQL alert: Arbitrary file write during tarfile extraction #431

Open blakeNaccarato opened 2 months ago

blakeNaccarato commented 2 months ago

Description

See for instance:

We handle this safely by running the SHA-256 checksum before extracting; this should be documented in the template, as it will fire off in repos using this template. Eventually, it may make sense to single-source this automatic Python installation script, or just wait for Charlie Marsh to do it over at uv 😅.
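As an added illustration of the approach the comment describes (example code, not the template's own installation script): the archive's SHA-256 is compared with a pinned digest before anything is extracted, so a tampered or wrong download is rejected up front, and each member is additionally checked to stay inside the destination directory, which is the condition the CodeQL tarslip rule looks for. The function names, the constructed tarballs and their digests are assumptions, not values from the project.

```python
import hashlib
import io
import tarfile
import tempfile
from pathlib import Path

def sha256_of(path: Path) -> str:
    """Hex SHA-256 of a whole file (stream it in chunks for multi-GB archives)."""
    return hashlib.sha256(path.read_bytes()).hexdigest()

def extract_verified(archive: Path, expected_sha256: str, dest: Path) -> list[str]:
    """Extract `archive` into `dest` only if it hashes to the pinned digest."""
    actual = sha256_of(archive)
    if actual != expected_sha256.lower():
        raise ValueError(f"SHA-256 mismatch: got {actual}")  # nothing is extracted
    dest = dest.resolve()
    dest.mkdir(parents=True, exist_ok=True)
    kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}  # 3.12+ filter
    extracted: list[str] = []
    with tarfile.open(archive, "r:*") as tar:
        for member in tar.getmembers():
            target = (dest / member.name).resolve()  # tarslip check: must stay under dest
            if member.islnk() or member.issym() or not target.is_relative_to(dest):
                raise ValueError(f"unsafe member: {member.name}")
            tar.extract(member, dest, **kwargs)
            extracted.append(member.name)
    return extracted

def build_sample(archive: Path, member: str) -> str:
    """Constructed fixture: write a one-file .tar.gz and return its SHA-256."""
    payload = b"constructed test payload\n"
    with tarfile.open(archive, "w:gz") as tar:
        info = tarfile.TarInfo(member)
        info.size = len(payload)
        tar.addfile(info, io.BytesIO(payload))
    return sha256_of(archive)

def demo() -> dict[str, str]:
    """Three cases: matching digest, wrong digest, and a path-traversal member."""
    work = Path(tempfile.mkdtemp())
    good = build_sample(work / "good.tar.gz", "pkg/hello.txt")
    bad = build_sample(work / "bad.tar.gz", "../escape.txt")
    results = {"ok": ",".join(extract_verified(work / "good.tar.gz", good, work / "out"))}
    for label, name, digest in (("wrong_digest", "good.tar.gz", "0" * 64), ("traversal", "bad.tar.gz", bad)):
        try:
            results[label] = ",".join(extract_verified(work / name, digest, work / "out"))
        except ValueError as exc:
            results[label] = str(exc).split(":")[0]
    return results
```

The digest check rejects the wrong download before any member is touched; the per-member check is defence in depth for the case where a pinned archive itself carries a bad entry.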