Show HN: Pipask – safer pip without compromising convenience

pipask: Know What You're Installing Before It's Too Late A safer way to install Python packages without compromising convenience. Pipask is a drop-in replacement for pip that performs security checks before installing a package. Unlike pip , which needs to download and execute code from source distribution first to get dependency metadata, pipask relies on metadata from PyPI whenever possible. If 3rd party code execution is necessary, pipask asks for consent first. The actual installation is handed over to pip if installation is approved. See the introductory blog post for more information. Installation The recommended way to install pipask is with pipx to isolate dependencies: pipx install pipask Alternatively, you can install it using pip : pip install pipask Usage Use pipask exactly as you would use pip : pipask install requests pipask install ' fastapi>=0.100.0 ' pipask install -r requirements.txt For maximum convenience, alias pip to point to pipask: alias pip= ' pipa ... Read full article.