Relative “Dependency Cooldowns” in pip v26.0 with crontab

sethmlarson.dev

WARNING This blog post is now outdated. Use pip v26.1 which supports relative dependency cooldowns out-of-the-box, no hacks with crontab required. pip v26.0 added support for the --uploa...

4 pages link to this URL

Cooldown periods for package updates

Marek Šuppa Marek Šuppa Mar 31, 2026

Personal site of Marek Šuppa — writing, teaching, and learning.

0 inbound links article en securitysupply-chainnpmpythonuvpnpmbun

Simon Willison on python

Simon Willison’s Weblog Simon Willison May 4, 2026

1,250 posts tagged ‘python’. The Python programming language.

0 inbound links website en django 588ai 2016generative-ai 1785llms 1751uv 93projects 526quora 1005open-source 303sqlite 463datasette 1480

Simon Willison on security

Simon Willison’s Weblog Simon Willison May 4, 2026

602 posts tagged ‘security’.

0 inbound links website en ai 2016llms 1751generative-ai 1785prompt-injection 147xss 60exfiltration-attacks 43javascript 755csrf 54phishing 54python 1250

Dependency Cooldowns¶

cooldowns.dev Martin Prpič Mar 27, 2026

A guide to configuring dependency cooldowns across package managers to protect against supply chain attacks.

0 inbound links en