Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

no-manylinux

Package Overview
Dependencies
Maintainers
1
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

no-manylinux

Install this package to disable manylinux wheels when dowloading from pip.

  • 3.0.0
  • PyPI
  • Socket score

Maintainers
1

Build Status

no-manylinux

Install this package to disable manylinux wheels when downloading from pip.

Usage

# First install no-manylinux
pip install no-manylinux
# Now subsequent invocations of pip will ignore manylinux wheels
pip install ...
# To restore the original behaviour, simply `pip uninstall no-manylinux`

Note

This package was previously called no-manylinux1 but now addresses the following manylinux standards:

  • manylinux1
  • manylinux2010
  • manylinux2014

What? Why?

The manylinux spec requires compliant packages to vendor binary dependencies inside the wheel that is distributed. Take for example a library which would (prior to manylinux) dynamically link against libssl. As libssl received security patches, the system binaries would received updates from the OS's package manager. The python library which dynamically links would receive these updates for free without need to recompile, reinstall, etc. Under manylinux, libssl is vendored inside the wheel. To receive security updates, you have to wait for the upstream to produce a new wheel and need to know to install a new version of that library. There's almost no visibility about these vendored wheels which makes managing them at scale impossible. As such, some may choose to ignore this standard.

FAQs


Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc