mistersql, #pypi #python - Did someone already write a tool to front-run safety or pip-audit before anything is installed? I guess something like "poetry lock" and then audit the files for suspicious situations, like CVEs or the repo was created yesterday or the package was published yesterday. Installing everything then running safety imho has always been !@#$!@$ stupid because the malicious code runs during install.