In a previous post, I described how uv can now protect you from supply-chain attacks with the exclude-newer feature.
This week, pip introduced a similar feature, --uploaded-prior-to. The simple syntax is:
sh
|
|
In practice, to install a package (litellm in this example) excluding releases newer than a week:
sh
|
|
A great step to increase security!