Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If you have hundreds of different Python projects on your machine (as I do) the speed and developer experience improvements of uv make a big difference.

I love being able to cd into any folder and run "uv run pytest" without even having to think about virtual environments or package versions.



Do you run those projects on the host system as your normal user without any isolation?


Yes, which makes me very vulnerable to supply chain attacks.


Yikes! I had a scare once, and since then I only run sandboxed code or scripts I've written with minimal 3rd party deps.

I assume you have other mitigations in place?


Not really. I have good backups and I try to stick with dependencies I trust.

I do a lot of my development work using Claude Code for web which means stuff runs in containers on Anthropic's servers, but I run things on my laptop most days as well.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: