erikrose · October 6, 2015 23:39
diff --git a/gistfile1.txt b/gistfile1.txt
 - [ ] Rising standards of repeatability:
    - [ ] pip freeze
        - [ ] This gives you the basics, defending you against buggy or
              incompatible upstream updates.
        - [ ] Be sure to include dependencies! Install with --no-deps
              and run your test suite to make sure it works.
    - [ ] hashes
        - [ ] This defends you against package replacement (which PyPI
              doesn't allow anymore but other indexes might), indexes
              getting hacked, and MITM attacks. (HTTPS also contributes
              to MITM protection but is vulnerable to governments and
              other entities issuing fake MITM certs.)
    - [ ] wheelballs
        - [ ] This lets you install even if the index server is
              unreachable.
        - [ ] Combine it with hashes to be able to build a new
              wheelball with verifiably identical packages (perhaps
              minus a few you've decided to update).
	- [ ] Rising standards of repeatability:
	- [ ] pip freeze
	- [ ] This gives you the basics, defending you against buggy or
	incompatible upstream updates.
	- [ ] Be sure to include dependencies! Install with --no-deps
	and run your test suite to make sure it works.
	- [ ] hashes
	- [ ] This defends you against package replacement (which PyPI
	doesn't allow anymore but other indexes might), indexes
	getting hacked, and MITM attacks. (HTTPS also contributes
	to MITM protection but is vulnerable to governments and
	other entities issuing fake MITM certs.)
	- [ ] wheelballs
	- [ ] This lets you install even if the index server is
	unreachable.
	- [ ] Combine it with hashes to be able to build a new
	wheelball with verifiably identical packages (perhaps
	minus a few you've decided to update).