REQUEST: Python packages frontend in MX Package Installer

[pearsimmon]

This may be a wrong forum section, but I thought it would be nice to integrate "python3-pip" packages just like Flatpaks. Currently, to get a program to work correctly, I had to go through such steps:

- install "python3-pip" package
- use "pip3" to install "setuptools" and "wheel"
- add the following to "~/.bashrc" so that installed programs can be run using terminal commands: export PATH=$PATH:~/.local/bin
- add "/home/(username)/.local/bin" to " secure_path="(...)" " using "sudo visudo" so that you can run these programs with "sudo" without having to specify the full path
- add a "pip install --upgrade" cron job for each package to automatically upgrade it

I suggest integrating such packages with MX Package Installer, so that they can be easily installed with GUI.

[skidoo]

"secure_path" exists for good reason.

Running unvetted pip-downloaded code with sudo permissions...
doesn't really fit the definition of "secure", eh? wǝrd

[Adrian]

Leaving aside possible security concerns, I think this is a bit too geeky to be added to MX Package Installer, I think some things are better left for CLI and python and python PIPs are better left to that.

[skidoo]

.
just to clarify, I would not single out pip. The same security concerns exist regarding pear-pip-cpan-and-others

a fresh f'rinstance: (Jan 2019) PHP PEAR Site hacked, official Package Manager replaced

(Nov 2018) Two security issues have been found and fixed this week...
plenty more ~~ websearch "jupyter notebook vulnerability|vulnerabilities" :: timespan: past year

[pearsimmon]

Thanks for your input, I will remove the custom secure path entry then.