From 130c62e31cfdc57735de3877f1c74f80bb8c13b9 Mon Sep 17 00:00:00 2001 From: disqualifier Date: Mon, 29 Jun 2026 18:13:52 -0400 Subject: [PATCH] docs: pin install line to release, note unpinned-latest option Signed-off-by: disqualifier --- README.md | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/README.md b/README.md index 18eb9ca..1298811 100644 --- a/README.md +++ b/README.md @@ -13,25 +13,27 @@ authorization system and the key-document schema; the crypto primitives live in ## Install ``` -envelope_authorizer @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git +envelope_authorizer @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git@v0.1.2 ``` Direct: ```bash -pip install "envelope_authorizer @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git" +pip install "envelope_authorizer @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git@v0.1.2" ``` The base install uses a local JSON file for storage (stdlib only). For shared dev→server storage, install the mongo extra: ```bash -pip install "envelope_authorizer[mongo] @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git" +pip install "envelope_authorizer[mongo] @ git+ssh://git@git.rethinkstudios.io/rethink-public/envelope_authorizer.git@v0.1.2" ``` Installing pulls `envelope_crypto` (and `mongo` with the extra). After install, the `authorizer` command is on your PATH; `python -m envelope_authorizer` also works. +Drop the `@v0.1.2` suffix from the line above to install the latest unpinned. + ## Trust model (read this) There is one shared **AES data-encryption key (DEK)** per project. Each key doc @@ -222,7 +224,4 @@ Owned by this lib (not `envelope_crypto`): ## Versioning -Releases are tagged `vX.Y.Z`. The install line above is unpinned and tracks the latest -on the default branch; append `@vX.Y.Z` to pin a specific release for reproducible -installs. `envelope_crypto` is pinned at `v0.1.0` in `pyproject.toml`; to change it, edit -the pin and re-test. +Releases are tagged `vX.Y.Z`. The install line above pins a release; drop the `@vX.Y.Z` suffix to install the latest unpinned. Pin deliberately for reproducible installs.