It’s probably too late now but I find the security implications section a little contradictory and unmotivated:
There are no known security vulnerabilities introduced by lazy imports. Security-sensitive tools that need to ensure all imports are evaluated eagerly can use sys.set_lazy_imports() with “none” to force eager evaluation, or use sys.set_lazy_imports_filter() for fine-grained control.
How can there be no know security vulnerabilities and something that security sensitive tools need to do? What is a security sensitive tool? A web server?
I would of preferred something like:
Python package installers, and other similarly security sensitive tools, that need to eagerly import to avoid installed packages overriding their import namespace during installation can use
sys.set_lazy_imports()with"none"to force eager evaluation, or usesys.set_lazy_imports_filter()for fine-grained control.
Apologies I hadn’t been keeping a close eye on if the text had been updated.