[Catalog-sig] Proposal: close the PyPI file-replacement loophole

Chris Withers chris at simplistix.co.uk
Thu Feb 2 14:40:23 CET 2012

On 02/02/2012 13:01, Michael Foord wrote:
> Plus Chris Withers sceptical of the "security" advantages, although not
> explicitly objecting.

I'm -0.

I don't see the point of removing flexibility, but I can see the 
argument of helping package authors being less considerate.

I just get grumpy when people pretend things are about security that 
really aren't  ;-)


Simplistix - Content Management, Batch Processing & Python Consulting
             - http://www.simplistix.co.uk

More information about the Catalog-SIG mailing list