I am working in a company that do not permit installing libraries without cybersecurity department permission. So I had to download the libraries for example from pypi.org, send them for authorization and install them by calling setup. However, I wonder if there are better solutions/practices to guaranty the sanity of the libraries. For example, I tried to download Google ortools, and this is not as easy as it appears.

CodePudding user response：

You can package your project with the wheel (.whl) files it needs on the platform it will be running on. That way, your IT dept. can sign off on those specific binaries and allow their installation, and you can be guaranteed they will work the same every time the software is installed.

However, it does mean that your software can no longer be installed just anywhere. Picking, downloading (or building) and including specific wheels means locking yourself into a limited range of Python versions, for a specific hardware architecture.

CodePudding user response：

can you use pip to install your downloaded and aproved libraries from a local path?... or is the use of pip prohibited? link to python pip documentation to do that