What happens if malicious code is uploaded to npm under these names? Is it possible that some of PayPal’s internal projects will start defaulting to the new public packages instead of the private ones?
Have you ever wondered what happens exactly when you run pip install? This post will give you a detailed overview of the steps involved in the past, and how it all changes with the adoption of PEP-517 and PEP-518.
First, lets mention Git Bash (aka msysgit) : the old version was a PITA to extend with additional packages (e.g. adding common C libs like libxml), and the new one (renamed Git for Windows), is based on MSYS2, but does not include a package manager.