Yeah, that's a good callout, thanks. Not sure why they took the less secure approach for something that is intended as a development environment, but I think I feel like that for lots of decisions in Python so maybe not that weird in the grand scheme of things.
