Distutils-SIG February 2018

distutils-sig@python.org

30 participants
41 discussions

merger versus separation of publishing and download tools

by Sumana Harihareswara

I figured folks here would want to know that there's an ongoing discussion of the distinction between `pip` and `twine`, and related topics (should publishing tools be separate from download/consumption tools?), in: https://github.com/pypa/packaging-problems/issues/60 I don't want to break up the conversation into different threads, one here and one on GitHub,so please consider this a pointer rather than a fork of the conversation. :) -- Sumana Harihareswara Changeset Consulting https://changeset.nyc

3 years, 1 month

Warehouse update: a week of testing, polish, & infrastructure

by Sumana Harihareswara

This week we're publicizing pypi.org to package maintainers and asking them/you to test it, and to spread the word to other package maintainers you know.[1][2] And we're probably within two or three weeks of the big public beta, given the existing open Warehouse issues in the next milestone,[3] the new issues we'll open based on user testing this week, and the infrastructure work in play. You can learn more in our weekly meeting notes.[4] We've been doing lots of performance and memory consumption work as we harden our infrastructure and codebase to make them production-ready, lots of polish as we get more testers and get their feedback.Examples: * reduce columns pulled for main project view in admin[5] * Guard against all tuples in metadata upload[6] * Add table style to project description, clean up titles[7] * Add SQLAlchemy error fix to troubleshooting docs[8] * Update PyPI migration info in packaging guide[9] And thanks to volunteers: * alex for "Don't install g++ from a PPA in travis"[10] * wasim for "Added help entry for File already exists error"[11] * HndrkMkt for "Redirect authenticated user from reset pw pages to index"[12] Our infrastructure work included more improvements to cabotage[13] -- see Ernest's demo[14]: > It’s super rough… but here’s first light of an end to end deployment on this thing I been building. still plenty of work to do, but already chock full of automated end-to-end TLS, secure storage of secrets with Vault, a bucket of Kubernetes, enough docker to make your head spin... And our infrastructure work included a restart of Nicole's user testing, both with the broad publicity to package maintainers and with Nicole leading folks through one-on-one exercises and data-gathering sessions. More about Nicole's current design process is in her blog update.[15] Some issue discussion this week that you might find relevant: * Which 3rd party services should we contact about the new pypi.org domain?[16] * APIs/feeds issues got a bit more sorted[17] -- and if there's anything you need in our API docs[18] that isn't in there, please let us know. * What should we show as the default search result on https://pypi.org/search/ ?[19] * What do new developers need in architecture documentation?[20] * Should we rename the "/legacy" URL?[21] As usual, you can get an overview of Warehouse development at our GitHub rollout board[22] And if you want to help out, this week, please do test the site, come to our IRC livechat hours, and spread the word. Thanks to Mozilla for their support for the PyPI & Warehouse work, and thanks to the Python Software Foundation for coordinating it![23][24] [1] https://pyfound.blogspot.com/2018/02/python-package-maintainers-help-test.h… [2] https://wiki.python.org/psf/WarehousePackageMaintainerTesting#IRC_livechat_… [3] https://github.com/pypa/warehouse/milestone/10 [4] https://wiki.python.org/psf/PackagingWG/2018-02-26-Warehouse [5] https://github.com/pypa/warehouse/pull/3043 [6] https://github.com/pypa/warehouse/pull/3049 [7] https://github.com/pypa/warehouse/pull/3040 [8] https://github.com/pypa/warehouse/pull/3048 [9] https://github.com/pypa/python-packaging-user-guide/pull/439 [10] https://github.com/pypa/warehouse/pull/3037 [11] https://github.com/pypa/warehouse/pull/2997 [12] https://github.com/pypa/warehouse/pull/2988 [13] https://github.com/cabotage/cabotage-app [14] https://twitter.com/EWDurbin/status/968315460101042176 [15] http://whoisnicoleharris.com/2015/12/31/designing-warehouse-an-overview.htm… [16] https://github.com/pypa/warehouse/issues/2935 [17] https://github.com/pypa/warehouse/issues?q=is%3Aissue+sort%3Aupdated-desc+l… [18] https://warehouse.readthedocs.io/api-reference/ [19] https://github.com/pypa/warehouse/issues/3062 [20] https://github.com/pypa/warehouse/issues/2794 [21] https://github.com/pypa/warehouse/issues/2285 [22] https://github.com/pypa/warehouse/projects/1 [23] https://pyfound.blogspot.com/2017/11/the-psf-awarded-moss-grant-pypi.html [24] https://blog.mozilla.org/blog/2018/01/23/moss-q4-supporting-python-ecosyste… -- Sumana Harihareswara Changeset Consulting https://changeset.nyc

3 years, 1 month

Package maintainers, please help test PyPI

by Sumana Harihareswara

The Warehouse team has improved the new PyPI, available for you to check out at https://pypi.org/ , to the point where we would love for package maintainers to try it out, test it, and give us bug reports. https://wiki.python.org/psf/WarehousePackageMaintainerTesting has guidelines, things to test (like user registration and project removal), and how to contact Warehouse developers. We're hosting four livechat hours this week where Warehouse maintainers will be in IRC, in #pypa-dev on Freenode https://webchat.freenode.net/?channels=#pypa-dev , and specifically available to talk about problems you run into, or about how to hack on Warehouse. Tuesday Feb 27th: 1700 UTC / noon-1pm EST Tuesday Feb 27th: 2300 UTC / 6pm-7pm EST Thursday March 1st: 1700 UTC / noon-1pm EST Thursday March 1st: 2300 UTC / 6pm-7pm EST This isn't the big public beta yet, where we really push the message widely to get non-package-maintainer users to test the site. Since Warehouse must be a reimplementation of the existing PyPI, please focus initially on any differences, missing features, or incorrect behavior that pypi.org exhibits that affect your workflows for account management and package maintainership. We'll be soliciting feedback on other concerns soon! Feedback on user experience, accessibility, and overall ease of use are welcome. Thanks, -- Sumana Harihareswara Warehouse project manager Changeset Consulting https://changeset.nyc

3 years, 1 month

Python Install

by peter＠mybetterlife.co.uk

I am new to Python but would like to install to play with some Fast Artificial Neural Network Library routines. However I ha a V.7 installed but could not access pip. I uninstalled 2.7 an then installed latest download which I understand should include pip. However nothing appears to work. Just need some poineters to get to first base. Hope you can help. The following is dialogue from Python Terminal Python 3.7.0a4 (v3.7.0a4:07c9d85, Jan 9 2018, 07:07:02) [MSC v.1900 64 bit (AMD64)] on win32 Type "copyright", "credits" or "license()" for more information. >>> pip install wheel SyntaxError: invalid syntax >>> =============================== RESTART: Shell =============================== >>> pip Traceback (most recent call last): File "<pyshell#1>", line 1, in <module> pip NameError: name 'pip' is not defined >>> python -m pip install SomePackage SyntaxError: invalid syntax >>> >>> python -m ensurepip --default-pip SyntaxError: invalid syntax >>> Regards Peter H. Williams Try BULB <https://join.bulb.co.uk/refer/peter6806> for great GREEN <https://join.bulb.co.uk/refer/peter6806> energy saving deals ~ a real alternative to the BIG six 113 Skelmorlie Castle Road Skelmorlie Ayrshire PA17 5AL TEL:- 01475 529946 Mobile:- 07773 348117 Skype:- peterhwuk

3 years, 1 month

PEP 566 - Package metadata version 2.1

by Thomas Kluyver

I'd like to once again prod this PEP towards completion: https://www.python.org/dev/peps/pep-0566/ The version numbering question has been decided in favour of calling it 2.1. The remaining question I'm aware of is whether to make the body text (in the email format of the metadata file) officially represent the package long description. I'm in favour of doing so: at least twine and flit already use this for metadata in wheels. Thomas

3 years, 1 month

Fwd: Warehouse: essential maintainer features & next steps

by Sumana Harihareswara

Forwarding from pypa-dev. -------- Forwarded Message -------- Subject: Warehouse: essential maintainer features & next steps Date: Wed, 21 Feb 2018 16:29:31 -0500 From: Sumana Harihareswara <sh(a)changeset.nyc> To: pypa-dev <pypa-dev(a)googlegroups.com> The big Warehouse news: we're now at the Maintainer Minimum Viable Product milestone! To quote our roadmap[0]: > give package maintainers a solid chance to try out Warehouse and report critical bugs early So we've started asking some package maintainers to test pypi.org, and probably later this week we'll broadcast that announcement and request more widely. Depending on the bugs we find as we reach out to project maintainers, and on some infrastructure work, we may hit Milestone 2 next week, which means we'd reach out to a lot of non-package-maintainer users, and start redirecting a portion of `pip` traffic to Warehouse. More on that in our weekly meeting notes.[1] Our team improved or added email management, account management including deletion, better password management and email confirmation of changed passwords to Warehouse last week.[2] We also continued to improve developer documentation[3] and API docs[4]. And we continued our cabotage work[5] and worked on some further improvements to Twine documentation.[6] I also want to highlight some work that Ernest W. Durbin III and Dustin Ingram have done on their own time, as volunteers, that help PyPI. Dustin's continuing work[7] on PEP 566[8] moves us closer to Markdown support for README files[9]. And Ernest put a BUNCH of time into spam-fighting on PyPI this past weekend. Thank you both. Thanks to Volcyy, waseem18, alanbato, zooba, alex, and HndrkMkt for their pull requests which we merged in the last week![10] In the past month, Warehouse has merged 72 pull requests from 11 distinct authors (excluding pyup-bot), and has closed 63 issues (and opened only 26 new ones).[11][12] We have 3 remaining issues between us and the next milestone (the End User MVP), and then ten more issues till we widely publicize the beta.[13] So, we're chugging along. What you can do: You can help improve Warehouse; we have seven open "good first contribution" issues[14] and a guide to getting started[15]. Ernest wants to help you dive in, and to give you stickers, and has 30-minute 1:1 slots available.[16] Please watch your email for a "hey please help us test" email to this very mailing list. Please file general packaging and distribution confusions, peeves, and suggestions in the packaging-problems issue repo.[17] Thanks to Mozilla's Open Source Support grant for funding this PyPI & Warehouse work![18][19] [0] https://wiki.python.org/psf/WarehouseRoadmap [1] https://wiki.python.org/psf/PackagingWG/2018-02-20-Warehouse [2] https://github.com/pypa/warehouse/milestone/8?closed=1 [3] https://warehouse.readthedocs.io/application/ [4] https://warehouse.readthedocs.io/api-reference/ [5] https://github.com/cabotage/cabotage-app/commits/master [6] https://github.com/pypa/twine/pull/297 [7] https://mail.python.org/pipermail/distutils-sig/2018-February/031997.html [8] https://www.python.org/dev/peps/pep-0566/ [9] https://github.com/pypa/warehouse/issues/869 [10] https://github.com/pypa/warehouse/pulls?utf8=%E2%9C%93&q=2948+2971+2975+296… [11] https://github.com/pypa/warehouse/pulse/monthly [12] https://github.com/pypa/warehouse/pulls?utf8=%E2%9C%93&q=is%3Apr+is%3Amerge… [13] https://github.com/pypa/warehouse/milestones [14] https://github.com/pypa/warehouse/issues?q=is%3Aissue+is%3Aopen+label%3A%22… [15] https://warehouse.readthedocs.io/development/getting-started/ [16] https://twitter.com/EWDurbin/status/955415184339849217 [17] https://github.com/pypa/packaging-problems [18] https://pyfound.blogspot.com/2017/11/the-psf-awarded-moss-grant-pypi.html [19] https://blog.mozilla.org/blog/2018/01/23/moss-q4-supporting-python-ecosyste… -- Sumana Harihareswara Changeset Consulting https://changeset.nyc

3 years, 1 month

PEPs 426 & 459 (metadata 2.0) have been Withdrawn

by Nick Coghlan

With PEP 566 (metadata 2.1) nearing final review and acceptance, I've updated the PEPs repo to officially withdraw PEPs 426 and 459 in favour of PEP 566: https://github.com/python/peps/commit/0977d33b02920d4619c024b64e35a693220cc… I also reverted any mentions of metadata 3.0 in PEP 426: that's now back to referring solely to the never-adopted metadata 2.0. So while we may still revisit some of the specific ideas in 426 and 459 in future PEPs, any such proposals will share PEP 566's focus on ease of implementation and adoption. Cheers, Nick. -- Nick Coghlan | ncoghlan(a)gmail.com | Brisbane, Australia

3 years, 1 month

Invalid Packages

by Matt Gieger

I would like to see a clause added to the "Ivalid Package" section of PEP541 that allows some mechanism for other pypi users to mark a package as spam. Every day i see more spam packages added to pypi and currently the only way to get them removed is to create an issue in github. -Meichthys

3 years, 1 month

pypi.python Error 403 Forbidden

by Heiko L.

hallo Matthew, > Can you use pip to install your software instead? What are you no. > trying to install, exactly? Is it just this old version of https://www2.fh-lausitz.de/launic/comp/tmp/180212.install_python_setuptools… > setuptools? Why do you need that? > installation prog without issue. regards Heiko

3 years, 1 month

pypi.python Error 403 Forbidden

by Heiko L.

Hallo Marius, >> After a few hours I found the following article: >> https://mail.python.org/pipermail/distutils-sig/2017-October/031712.html >> ...you can no longer access /simple/ and /packages/ over HTTP and you will have to directly go to HTTPS.... >> >> - It is true? > > Yes. > >> - Is this the right place if I have any questions? > > Yes. > I have not found a official website. I would have expected an info on the page https://pypi.python.org/pypi. Where can I find an official statement? Apparently exist prog on https://pypi.python.org which use http, but ypi.python.org does not allow http. It's not easy. A user should be able to decide for himself whether to use HTTP or HTTPS. regards Heiko.

3 years, 1 month

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

1998

Distutils-SIG February 2018