I noticed the installation method here involves directly invoking setup.py which is a pretty antiquated way of managing Python libraries for users.
1) Is there any intent to upload this to PyPI for an easier pip install? (You should at least claim the name to prevent any supply chain attacks from someone who thinks python3 -m pip install dotnetfile is valid).
2) Pip supports Git URLs so a user can python3 -m pip install git+https://github.com/pan-unit42/dotnetfile. If the library isn't going to be distributed through PyPI, then this is an easier method to allow users to update and might save some users confusion when it comes to managing their dependencies across multiple Python versions.
Hi,
I noticed the installation method here involves directly invoking
setup.py
which is a pretty antiquated way of managing Python libraries for users.1) Is there any intent to upload this to PyPI for an easier
pip install
? (You should at least claim the name to prevent any supply chain attacks from someone who thinkspython3 -m pip install dotnetfile
is valid).2) Pip supports Git URLs so a user can
python3 -m pip install git+https://github.com/pan-unit42/dotnetfile
. If the library isn't going to be distributed through PyPI, then this is an easier method to allow users to update and might save some users confusion when it comes to managing their dependencies across multiple Python versions.