Martin v. Löwis wrote:
That said, I didn't see any indication of what I consider to be a critical failure in PyPI: No dependency metadata prior to downloading the package.
Contributions are welcome. The source code of PyPI is available publically,
and I'm willing to accept patches. I won't have time to work on this in the next 12 months myself.
These two don't seem to go hand in hand and don't really seem to fit my experiene of the catalog-sig :-(