[Catalog-sig] Fwd: Re: New pythonpackages.com service coming soon
aclark at aclark.net
Tue Jan 24 02:22:03 CET 2012
On 1/23/12 5:30 PM, "Martin v. Löwis" wrote:
>> OAuth would be a most welcome addition!
> Can you please flesh out a specification?
> I'd be hesitant to add it without a *clear* commitment to using it.
> We added OpenID support primarily to support pythonpackages.com,
> only to find out that it now uses github accounts :-( I'd be angry
> to learn that I implemented yet another feature which is then not
> going to be used.
OpenID is still on the table, so I don't want you to get the impression
that we're jumping ship for OAuth. That said, I apologize about leaving
you hanging there; it was certainly not my intention (and I was unaware
until now that OpenId support was added for pythonpackages.com… unless
maybe you are confusing it with opencomparison.org?).
In any event, yes, I can put together a specification. Things should be
easier to discuss now that I have announced the details. Let me do this:
- Between now and March, I'll implement OpenId support on
- That support will, initially, only be used to verify that someone with
a Github account who has already signed in owns a particular package on
PyPI. As that is clumsy even to describe, I suspect it will only be a
stepping stone to a better approach (but I think it gets me what I want,
which is to publish packages that have shared the maintainer role with
`pythonpackages`. I certainly don't want any pythonpackages.com user to
be able to publish any package on PyPI that has done the same.)
Alex Clark · http://pythonpackages.com
More information about the Catalog-SIG