25. Dependency Management with Hashes

Lock dependencies to exact versions and verify their integrity with hashes.

Example

requests==2.31.0 --hash=sha256:abcd1234
cryptography==42.0.5 --hash=sha256:efgh5678

Install safely:

pip install --require-hashes -r requirements.txt

✅ Lesson: Always use version pinning and hash verification for reproducible, secure environments.