How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

How can I specify with pip that a given package should ONLY be installed if found in a private index, or should at least prefer that index over pypi?
I have a private registry on our internal Gitlab that is setup with the standard simple pypi layout. I don’t want to use –extra-index-url because this would make it susceptible to dependency confusion attacks. (for example if I am trying to install a package from my private index but there is a package of the same name and higher version on pypi it would use that instead). https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

I installed cutadapt first using sudo apt install cutadapt, but it gave an old version (version 2.8). I then used pip to install cutadapt thinking it would also just upgrade what I already had. python3 -m pip install --user --upgrade cutadapt This installed the latest version (4.9).