> I didn’t fancy downloading some random executable from the internet
Flask and Sinatra contain code. They may not be "executables" by default but you will probably not read the source and they could obfuscate sending your local data to some malicious server or something. Also lots of python dependencies run code at install time (mostly to complie native dependencies but it is running python code that could be doing anything) so even before you run the test server for the first time just installing the dependencies may run code.
Open source is built on a web of trust. You could argue there's too much of it but I don't see a reason to declare rye one step too far.
Flask and Sinatra contain code. They may not be "executables" by default but you will probably not read the source and they could obfuscate sending your local data to some malicious server or something. Also lots of python dependencies run code at install time (mostly to complie native dependencies but it is running python code that could be doing anything) so even before you run the test server for the first time just installing the dependencies may run code.
Open source is built on a web of trust. You could argue there's too much of it but I don't see a reason to declare rye one step too far.