dmerejkowsky
commented
5 years ago Some ideas:
- Also use
--only-binary=:all:-> this means storing the wheel for packages that don't have them in a mirror maybe ? - Since we'll need to change the requirements.lock parser, maybe give pest a try
Idea:
Once the
requirements.lockhas been generated, runhashin -r requirements.lockwith all packages names.This is enough because pip install -r will see at least one hash and will turn on integrity checks automatically