[Catalog-sig] [Proposal] Registered packages must provide the source code distribution on PyPI

M.-A. Lemburg mal at egenix.com
Thu Jun 17 15:16:15 CEST 2010

Benji York wrote:
> On Thu, Jun 17, 2010 at 7:40 AM, M.-A. Lemburg <mal at egenix.com> wrote:
>> http://pypi.python.org/simple/zc.buildout/
>> BTW: what are all those bug links doing on the zc.buildout index page ?
> PyPI scrapes all the links from the long description; for many projects
> that includes a change log with links to fixed bugs.

Isn't that dangerous ?

AFAIK, setuptools would start opening all those URLs and might
find download files which are not necessarily under full control of
the author, e.g. anyone could add a comment to a bug report or
wiki page with a link to an egg file on some rogue server.

Marc-Andre Lemburg

Professional Python Services directly from the Source  (#1, Jun 17 2010)
>>> Python/Zope Consulting and Support ...        http://www.egenix.com/
>>> mxODBC.Zope.Database.Adapter ...             http://zope.egenix.com/
>>> mxODBC, mxDateTime, mxTextTools ...        http://python.egenix.com/
2010-07-19: EuroPython 2010, Birmingham, UK                31 days to go

::: Try our new mxODBC.Connect Python Database Interface for free ! ::::

   eGenix.com Software, Skills and Services GmbH  Pastor-Loeh-Str.48
    D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg
           Registered at Amtsgericht Duesseldorf: HRB 46611

More information about the Catalog-SIG mailing list