[Catalog-sig] Fwd: Re: New pythonpackages.com service coming soon

Tarek Ziadé ziade.tarek at gmail.com
Sun Jan 22 18:35:52 CET 2012

Missed the reply all
---------- Forwarded message ----------
From: "Tarek Ziadé" <ziade.tarek at gmail.com>
Date: Jan 22, 2012 9:35 AM
Subject: Re: [Catalog-sig] New pythonpackages.com service coming soon
To: "Alex Clark" <aclark at aclark.net>

The only concern I have is securiy. if someone breaks your server it can
create havoc for those packages on PyPI.  Maybe there's a way to make this
more secure, like making session based authorization ? Or that's what you
planned maybe ?

Otherwise cool idea

On Jan 22, 2012 9:04 AM, "Alex Clark" <aclark at aclark.net> wrote:

> Folks,
> I have created a new service aimed at making it easier to release Python
> packages to PyPI. The primary user is currently: me. And to date, I have
> only released a single package with it: Pillow (well, in fact I really only
> tested a portion of the release process with Pillow).
> It works like this:
> - I have created a "user" `pythonpackages` on PyPI
> - I have uploaded an ssh key [1].
> - I have added `pythonpackages` as a maintainer of `Pillow`.
> - You can imagine the rest (and if you can't, it's a secret for now.)
> Now, I read the TOS very carefully before creating the `pythonpackages`
> "user". And there was nothing in it to indicate this action is anything
> other than "fair use". But I want to bring it to the attention of the PyPI
> maintainers now, in the event the service becomes popular later (I know at
> least I am planning to use it quite a bit. And we have ~70 beta users
> signed up to begin testing.)
> The bottom line is: there is now a "user" on the PyPI called
> `pythonpackages` that is in fact not a user, but a website (
> pythonpackages.com). By adding the "user" `pythonpackages` as a
> Maintainer to your package, you will be able to use the pythonpackages.comservice to automate your release process in some exciting capacity, to be
> revealed soon. This is just one aspect of the service I am building, but it
> is an important milestone that I wanted to share (for obvious reasons).
> I welcome any comments/questions/concerns. It is my sincere hope that at
> the most, I am not offending anyone with my actions and at the least, I am
> not violating any terms or conditions that I don't know about.
> Sincerely,
> Alex Clark
> [1] I am using pypissh, http://pythonpackages.com/**info/pypissh<http://pythonpackages.com/info/pypissh>(many thanks to Martin von Löwis for this).
> --
> Alex Clark · http://pythonpackages.com
> ______________________________**_________________
> Catalog-SIG mailing list
> Catalog-SIG at python.org
> http://mail.python.org/**mailman/listinfo/catalog-sig<http://mail.python.org/mailman/listinfo/catalog-sig>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/catalog-sig/attachments/20120122/47f903a9/attachment.html>

More information about the Catalog-SIG mailing list