Using SourceRank score to warn or limit packages

You might be remembering the discussion about having pip-audit
inline with package installation in order to block downloads of
package versions with known security vulnerabilities:
