Mailman 3 March 2020 - Distutils-SIG

comment avoir Matlibplot sur Python 3.8.2 sur MAC OS Mojave ?
by moise amsellem March 25, 2020

March 25, 2020

1 0

PEP 440
by Rosemary Gutierrez March 25, 2020

March 25, 2020

1 0

pip resolver work chugging along
by Sumana Harihareswara March 24, 2020

March 24, 2020

The alpha or beta release of pip with its new dependency resolver should be out in May. I just posted https://pyfound.blogspot.com/2020/03/new-pip-resolver-to-roll-out-this-year… which discusses what is going to change in the pip resolver, when, and how you can help (including some low-effort things you can do right now). I didn't mention this in the blog post because ordinary Python users shouldn't try it, but: As of right now, people who install pip from GitHub master will have the ability to run `pip install --unstable-feature=resolver` and test the new resolver code. And less than half of the test suite fails! Expect errors and missing features, but it’s there! [Celebratory trumpet honk here.] Hope all of you, and all the people you are close to, are healthy and staying that way. -- Sumana Harihareswara pip project manager (contracting with Python Software Foundation) Changeset Consulting https://changeset.nyc

5 11

(no subject)
by 郭罗华 March 24, 2020

March 24, 2020

发送自 Windows 10 版邮件<https://go.microsoft.com/fwlink/?LinkId=550986>应用

1 0

(no subject)
by وائل عبدالمولى March 23, 2020

March 23, 2020

1 0

Questionable package in PyPi, maybe malicious
by Evagelos March 21, 2020

March 21, 2020

Hi there, I searched PyPi for "flaskmigrate" and this came up: flaskmigrate - A package to prevent exploit Seems strange to me so I wanted to make you aware, I was advised to report in this mailing list. Regards, Evagelos

2 3

My email address
by Evagelos Theodoridis March 21, 2020

March 21, 2020

evagelos.theo(a)gmail.com

2 1

Today: livestreamed talk about PyPI malware detection
by Sumana Harihareswara March 16, 2020

March 16, 2020

Today at 1pm PT/4pm ET: a livestreamed presentation by Cristina Muñoz, who's been working on the PyPI malware detection feature: https://www.meetup.com/pacifichackers/events/267932809/ "Automatic Detection of Malware in PyPI" Alternate link: https://phack.my.webex.com/phack.my/j.php?MTID=mdb827dc0a7f6dfe9784f793686e… She noted: > A general note: this is a presentation geared more towards security folks. A lot of the Python stuff I talk about might feel really redundant/obvious for people who are software engineers and have Python familiarity. Like, there are several slides describing what PyPI is, and the difference between packages, releases and files, for example. -- Sumana Harihareswara Changeset Consulting https://changeset.nyc

1 1

replacement for tests_require?
by Felix Schwarz March 9, 2020

March 9, 2020

Hi, what is the recommended to solution to declare dependencies which are only required to run tests? In the past there was "tests_require" but as far as I know this is deprecated. I tried to read obvious github issues but maybe I missed something so please bear with me if this has come up way too often. I appreciate pointers. Felix

3 3

Provide a way to bundle and extract license files
by Steve Jorgensen March 7, 2020

March 7, 2020

The project I am working on now needs to include license files for all of the 3rd party code that it includes. Since license files are not included in distribution packages, the process for doing this is exceedingly complex, error prone, and in some cases, impossible. The build process builds URLs to license files in package source code repositories based on version number, but this is dependent upon several things… 1. The source code repository is accessible via the Internet and still exists. 2. There is a tag for each version (not always true). 3. Tags follow a consistent naming pattern with respect to version numbers (not always true). I believe that it makes sense to provide a standard means for distribution packages to include license files and then encourage package authors to use it.

4 8