PyPI Use HTTPS with remote repositories

ID

use_https_remote_repositories_pip

Severity

low

Family

Use HTTPS with remote repositories

Tags

reachable

Description

The access to remote repositories must be used with HTTPS protocol.

Security

If you use https protocol man-in-the-middle attacks can be avoided.

Examples

--index-url http://my-index-url.com/

Mitigation / Fix

You can remove the repositories from the configuration files or use HTTPS protocol if it is available.