New project (CLI) install-locked-env. What about security?

I created a new project called install-locked-env (PyPI project, repo)

My goal was to be able to install in one call “locked” environments described in locked files saved in repositories on the web (hosted on GitHub or GitLab instances).

For example, one can install a good controlled and tested environment for Fluidsim supporting parallel computing with MPI with just

uvx install-locked-env https://github.com/fluiddyn/fluidsim/tree/branch/default/pixi-envs/env-fluidsim-mpi

From my point of view, this tool is useful for my students and colleagues and this is why I wrote it.

With it, it becomes very simple (basically copy/paste one command) to use and reuse prepared locked environments. It seems to me that it can in particular be very attractive for education. The teacher prepares her/his environment with tools like Pixi or UV and just commits a few files in a repo on the web. The students create exactly the same environment locally on their computers, with only one very simple command.

For applications for which “in browser” or “on server” execution is not adapted, it seems to me that it’s interesting. Moreover, it is also extremely simple for the teacher compared to alternative solutions like JupyterHub, pixi pack or even JupyterLite.

Currently, install-locked-env is just a prototype and only Pixi environments are supported.

I post here to get some feedback about this idea. Since it seems to me that nothing similar currently exists, there might be a good reason for this and it might actually be a bad idea.

I thought a bit about security and I realize that a tool like install-locked-env can be dangerous. However, it seems to me that it is not so much worse than other methods dealing with local installation. But for sure I may be missing something.

Finally, a long time ago I wrote a small Python app called conda-app that was the equivalent of pipx for conda-forge. I was very happy when Pixi and UV came out so that I no longer need to use and maintain conda-app. It would be perfect for me if something similar happened with install-locked-env.

It sounds to me like uv is pretty close to this already[1] - if you have a standard pylock.toml file, you can create that locked environment with uv venv; uv pip install -r pylock.toml.

I’d be interested to understand what the differences are between this and your tool (apart from the obvious one that your tool supports pixi, rather than standard lockfiles).


  1. And once pip gains the ability to install from standard lockfiles, virtualenv/pip will also have a similar capability.


The equivalent of

uvx install-locked-env https://foss.heptapod.net/fluiddyn/install-locked-env/-/tree/branch/default/envs/env-pdm-pylock

would be using UV, wget and a POSIX shell, something like:

mkdir env-pdm-pylock
cd env-pdm-pylock
wget https://foss.heptapod.net/fluiddyn/install-locked-env/-/raw/branch/default/envs/env-pdm-pylock/pylock.toml
uv venv
uv pip install -r pylock.toml

The first solution with install-locked-env is cross-platform and does not depend on other tools (like wget or curl).

For teachers and students, the second solution with only UV is in practice too complicated and error prone. I’m very confident that if a teacher sends such instructions to a class (with also the PowerShell version), there will be problems.
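The post above shows the mapping from a forge “tree” URL to the raw lock-file URLs that the manual wget procedure uses, and the first post asks about security. As an added example (not code from install-locked-env), here is that mapping as a small Python helper plus the two checks a defender would want around it: the ref is passed explicitly (a branch name such as branch/default contains a slash, so the ref/path split in a tree URL is ambiguous), a full commit id is distinguished from a moving branch, and the downloaded lock file is compared against a pinned SHA-256 before anything is installed. The table of lock-file names per environment type and the sample lock content are constructed for this example.

```python
import hashlib
import re
from urllib.parse import urlparse

# Files each environment type needs (constructed table for this example).
LOCK_FILES = {"pixi": ("pixi.toml", "pixi.lock"), "pylock": ("pylock.toml",)}

# Constructed sample lock-file content, standing in for a downloaded pylock.toml.
SAMPLE_LOCK = b'lock-version = "1.0"\n[[packages]]\nname = "requests"\nversion = "2.32.5"\n'


def raw_urls(tree_url: str, ref: str, env_type: str) -> list[str]:
    """Map a GitHub or GitLab-style /tree/<ref>/<path> URL to raw-file URLs."""
    u = urlparse(tree_url)
    if u.scheme != "https":
        raise ValueError("refusing non-HTTPS source")  # lock files travel in clear otherwise
    parts = u.path.strip("/").split("/")
    if u.hostname == "github.com":  # github.com/<owner>/<repo>/tree/<ref>/<path>
        owner, repo = parts[0], parts[1]
        if parts[2] != "tree":
            raise ValueError("expected a /tree/ URL")
        rest = "/".join(parts[3:])
        base = f"https://raw.githubusercontent.com/{owner}/{repo}/{ref}/"
    else:  # GitLab / Heptapod: <host>/<group>/<project>/-/tree/<ref>/<path>
        i = parts.index("-")
        project = "/".join(parts[:i])
        if parts[i + 1] != "tree":
            raise ValueError("expected a /-/tree/ URL")
        rest = "/".join(parts[i + 2:])
        base = f"https://{u.hostname}/{project}/-/raw/{ref}/"
    if not rest.startswith(ref + "/"):
        raise ValueError("URL does not contain the expected ref")
    path = rest[len(ref) + 1:]
    return [f"{base}{path}/{name}" for name in LOCK_FILES[env_type]]


def ref_is_immutable(ref: str) -> bool:
    """A full 40-hex commit id cannot silently change; a branch name can."""
    return re.fullmatch(r"[0-9a-f]{40}", ref) is not None


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_lockfile(data: bytes, expected_sha256: str) -> bool:
    """Compare the downloaded bytes with the digest pinned in the instructions."""
    return sha256_hex(data) == expected_sha256.lower()
```

With a commit id as ref and a pinned digest, the same copy/paste instruction keeps installing exactly the environment the teacher tested, even if the branch moves later.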

I released install-locked-env 0.2.0, which is a bit less of a prototype.

uvx install-locked-env https://github.com/fluiddyn/fluidsim/tree/branch/default/pixi-envs/env-fluidsim-mpi

now gives

✓ Detected github repository
  Repository: fluiddyn/fluidsim
  Path: pixi-envs/env-fluidsim-mpi
✓ Downloaded 2 file(s)
  Environment type: pixi
✓ Saved files to /home/users/augier3pi/tmp/env-fluidsim-mpi
    pixi.toml, pixi.lock
  log file installation: env-fluidsim-mpi/log_install.txt
✓ Installed environment: env-fluidsim-mpi
✓ Registered Jupyter kernel

Installation complete!
Activate with: pixi shell --manifest-path env-fluidsim-mpi

install-locked-env now supports UV, PDM and pylock.toml files.

OK. The need to make a new directory and cd into it wasn’t clear. I tend to prefer my tools to let me create the project directory, and then I run the tools within that directory, but that’s a matter of preference.

The wget is unnecessary, though - the following should work:

uv venv
uv pip install -r https://foss.heptapod.net/fluiddyn/install-locked-env/-/raw/branch/default/envs/env-pdm-pylock/pylock.toml

(It will in pip when pip gets the ability to install from lockfiles, and I believe uv supports reading requirements from remote URLs as well).

And because you don’t need wget/curl, the uv/pip based solution is cross-platform as well.

By the way, I think it would be a nice addition to uv venv to accept a set of requirements to pre-seed the environment with, which would reduce the uv approach to

uv venv -r https://foss.heptapod.net/fluiddyn/install-locked-env/-/raw/branch/default/envs/env-pdm-pylock/pylock.toml

This is actually similar to the uv issue “Add the option to use custom seed packages when creating a `venv`” (astral-sh/uv#15942 on GitHub).

Nope, with uv 0.9.17 it does not work:

$ uv pip install -r https://foss.heptapod.net/fluiddyn/install-locked-env/-/raw/branch/default/envs/env-pdm-pylock/pylock.toml
error: File not found: `https://foss.heptapod.net/fluiddyn/install-locked-env/-/raw/branch/default/envs/env-pdm-pylock/pylock.toml`

So unfortunately, people still need wget or curl.

And for Pixi one needs to download two files.

I personally also prefer that, but for students and some colleagues, simplicity and less typing is really better. `install-locked-env` has a -o option to specify the directory.

Works for me:

❯ uv venv
Using CPython 3.14.0 interpreter at: C:\Users\Gustav\AppData\Local\Python\pythoncore-3.14-64\python.exe
Creating virtual environment at: .venv
Activate with: .venv\Scripts\activate
❯ uv pip install -r http://localhost:8000/requirements.txt
Resolved 5 packages in 445ms
Prepared 2 packages in 354ms
Installed 5 packages in 409ms
 + certifi==2025.11.12
 + charset-normalizer==3.4.4
 + idna==3.11
 + requests==2.32.5
 + urllib3==2.6.2

It seems to be a bug in uv, not supporting lockfiles over HTTP. I’d suggest reporting it to them; they are usually very quick to fix reported issues.