Paul Moore

> One of the motivations behind the dist-inspector plugin type (that I'm aware of) is enabling verification of [PEP 740 attestations](https://peps.python.org/pep-0740/) during package installation. Thank you. That had been mentioned...

> I don't think pip would start doing non-standard installation behavior More specifically, it's an important security feature of wheels that no build takes place when installing a wheel. If...

pip has no way of knowing which architectures need binaries. If you want to build from source, you can use `pip install --no-binary=GPy Gpy`. From the sound of it, though,...

-1 on implementing this for the leagcy resolver. We should not be making any changes to that code - it's destined for removal. Apart from that comment, I've not looked...

Some general comments, intended as a review but they seem to fit better here than in the review screen. * I still want the changes to the legacy resolver (and...

I hit "rerun failed jobs". Let's see if that fixes it.

Honestly, I don't care. As long as we don't break what the *current* documentation says: > Requirements files are utf-8 encoding by default and also support [PEP 263](https://peps.python.org/pep-0263/) style comments...

#4737 is specifically about `pip install` with no arguments, although it expanded into discussion of the general case of what the exit code should be in various cases. I'm not...

> Will this force dynamic import resolution in case of editable packages for everyone? I don't know what "dynamic import resolution" means. If you mean "will it force use of...

This will be fixed as part of the routine updates of our vendored dependencies prior to the 25.2 release. I’m not entirely clear why it’s causing you issues now, as...