kennethreitz/pipenv
1
0
Fork 0
mirror of https://github.com/kennethreitz/pipenv.git synced 2026-06-05 22:50:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

formatting fixes

Browse Source
This commit is contained in:
Nate Prewitt
2017-03-13 08:32:06 -06:00
parent 876636b8f3
commit e2d7605590
1 changed files with 7 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
docs/advanced.rst
+7 -7
View File
@@ -270,14 +270,14 @@ and external testing::
--------------------------------
``Pipfile.lock`` takes advantage of some great new security improvements in ``pip``.
By default, the ``Pipfile.lock`` will be generated with a sha256 hash of the downloaded
package. This will allow pip to guarantee you're installing what you intend to when on a
compromised network, or downloading dependencies from an untrusted PyPI endpoint.
By default, the ``Pipfile.lock`` will be generated with a sha256 hash of each downloaded
package. This will allow ``pip`` to guarantee you're installing what you intend to when
on a compromised network, or downloading dependencies from an untrusted PyPI endpoint.
We highly recommend approaching deployments with a development->production approach. You
can use ``pipenv lock`` to compile your dependencies on your development environment and
deploy the compiled Pipfile.lock to all of your production environments for reproducible
builds.
We highly recommend approaching deployments with promoting projects from a development
environment into production. You can use ``pipenv lock`` to compile your dependencies on
your development environment and deploy the compiled ``Pipfile.lock`` to all of your
production environments for reproducible builds.
.. note:: Due to different hashes being generated between wheels on different systems, you
will find hashes don't work cross-platform or between Python versions.