<p>Missed the reply all</p>
<div class="gmail_quote">---------- Forwarded message ----------<br>From: "Tarek Ziadé" <<a href="mailto:ziade.tarek@gmail.com">ziade.tarek@gmail.com</a>><br>Date: Jan 22, 2012 9:35 AM<br>Subject: Re: [Catalog-sig] New <a href="http://pythonpackages.com">pythonpackages.com</a> service coming soon<br>
To: "Alex Clark" <<a href="mailto:aclark@aclark.net">aclark@aclark.net</a>><br><br type="attribution"><p>The only concern I have is securiy. if someone breaks your server it can create havoc for those packages on PyPI. Maybe there's a way to make this more secure, like making session based authorization ? Or that's what you planned maybe ?</p>
<p>Otherwise cool idea</p>
<p>Cheers<font color="#888888"><br>
Tarek</font></p><div class="elided-text">
<div class="gmail_quote">On Jan 22, 2012 9:04 AM, "Alex Clark" <<a href="mailto:aclark@aclark.net" target="_blank">aclark@aclark.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Folks,<br>
<br>
I have created a new service aimed at making it easier to release Python packages to PyPI. The primary user is currently: me. And to date, I have only released a single package with it: Pillow (well, in fact I really only tested a portion of the release process with Pillow).<br>
<br>
It works like this:<br>
<br>
- I have created a "user" `pythonpackages` on PyPI<br>
- I have uploaded an ssh key [1].<br>
- I have added `pythonpackages` as a maintainer of `Pillow`.<br>
- You can imagine the rest (and if you can't, it's a secret for now.)<br>
<br>
Now, I read the TOS very carefully before creating the `pythonpackages` "user". And there was nothing in it to indicate this action is anything other than "fair use". But I want to bring it to the attention of the PyPI maintainers now, in the event the service becomes popular later (I know at least I am planning to use it quite a bit. And we have ~70 beta users signed up to begin testing.)<br>
<br>
The bottom line is: there is now a "user" on the PyPI called `pythonpackages` that is in fact not a user, but a website (<a href="http://pythonpackages.com" target="_blank">pythonpackages.com</a>). By adding the "user" `pythonpackages` as a Maintainer to your package, you will be able to use the <a href="http://pythonpackages.com" target="_blank">pythonpackages.com</a> service to automate your release process in some exciting capacity, to be revealed soon. This is just one aspect of the service I am building, but it is an important milestone that I wanted to share (for obvious reasons).<br>
<br>
I welcome any comments/questions/concerns. It is my sincere hope that at the most, I am not offending anyone with my actions and at the least, I am not violating any terms or conditions that I don't know about.<br>
<br>
Sincerely,<br>
<br>
<br>
Alex Clark<br>
<br>
<br>
[1] I am using pypissh, <a href="http://pythonpackages.com/info/pypissh" target="_blank">http://pythonpackages.com/<u></u>info/pypissh</a> (many thanks to Martin von Löwis for this).<br>
<br>
<br>
-- <br>
Alex Clark ˇ <a href="http://pythonpackages.com" target="_blank">http://pythonpackages.com</a><br>
<br>
______________________________<u></u>_________________<br>
Catalog-SIG mailing list<br>
<a href="mailto:Catalog-SIG@python.org" target="_blank">Catalog-SIG@python.org</a><br>
<a href="http://mail.python.org/mailman/listinfo/catalog-sig" target="_blank">http://mail.python.org/<u></u>mailman/listinfo/catalog-sig</a><br>
</blockquote></div>
</div></div>