7

It is possible to use pip to install from a git repo using command pip install git+https://github.com/...

but is this safe for a production environment? Is there a way to protect from it being deleted without forking it, hosting myself, and merging any future updates?

Improve this question
3
  • What do you mean, "protect from it being deleted"? You can't control what the author of the software does with his repository. Neither can you control what the author of the software does with his PIP package.
    – Niklas B.
    Commented May 29, 2012 at 21:59
  • I'm just imagining scenarios where anything could happen to this repo (user gets banned, deletes his account, removes repo) that I would no longer have access to it. With a package on PyPi, it seems more protected from some of these scenarios. Maybe I'm wrong...
    – chrickso
    Commented May 29, 2012 at 22:06
  • Git is decentralized, so noone keeps you from cloning the repo. Merging upstream changes is trivial in Git, that's a single shell command (you can run it via cron or something)
    – Niklas B.
    Commented May 29, 2012 at 22:16

1 Answer 1

Reset to default
8

No it is not 100% "safe", github can go down while you need to checkout the source, the author can delete the repository (or do some disrupting change to it) ecc. ecc.

With pip you can specify a revision or a tag together with the repository link

eg. git+git://github.com/misterx/projectname.git@840d25bb9db9fbc801b9

this will checkout the revision 840d25bb9db9fbc801b9 no matter of the new versions so you do not end with unknown newer (broken) code.

What I normally do is to clone the project (unless I want to keep in sync with trunk) to my github account or somewhere else.

Improve this answer

Not the answer you're looking for? Browse other questions tagged or ask your own question.