Conversation
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
✅ Deploy Preview for ornate-narwhal-088216 ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
matthewhelmke
approved these changes
Feb 23, 2026
Collaborator
matthewhelmke
left a comment
matthewhelmke
left a comment
There was a problem hiding this comment.
This is useful, thank you!!
LGTM
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
mosabua
requested changes
Feb 25, 2026
Member
mosabua
left a comment
mosabua
left a comment
There was a problem hiding this comment.
Good start but I think we need to flesh out what actually needs to be done with actual steps for each packaging tool and also keep in mind specific uses like pip with and without lock file.
Also .. we need to clarify more how to avoid using of cached packages .. not just in the repo manager but also locally on dev machines and in CI/CD clusters potentially.
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
Co-authored-by: angela-zhang <30538317+angela-zhang@users.noreply.github.com> Signed-off-by: s-stumbo <100295939+s-stumbo@users.noreply.github.com>
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
Signed-off-by: s-stumbo <sally.stumbo@chainguard.dev>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
[ ] Check if this is a typo or other quick fix and ignore the rest :)
Type of change
Add new section about hash verification to Python Library docs
What should this PR do?
Add content about checksum mismatches that could affect Python configurations
Why are we making this change?
Customers have reached out about this issue during migration