[Catalog-sig] ANN: pythonpackages.com beta
Daniel Holth
dholth at gmail.com
Tue Jul 31 19:43:42 CEST 2012
Perhaps you would be interested in the Wheel package format's upcoming
public key signature system (wheel.rtfd.orgl#signed-wheel-files). The
(undocumented) plan will include per-buildserver, per-package and
possibly per-package-version signing keys via a pluggable trust model,
instead of the PGP model where a signing key is an e-mail address.
About wheel
"A wheel is a ZIP-format archive with a specially formatted filename
and the .whl extension. It is designed to contain all the files for a
PEP 376 compatible install in a way that is very close to the on-disk
format."
A simple wheel for Package-1.0 would contain
package.py
Package-1.0.dist-info/METADATA (PEP-376, PEP-345 'Metadata 1.2')
Package-1.0.dist-info/WHEEL (metadata for this build of the dist)
Package-1.0.dist-info/RECORD (extended PEP-376)
The bdist_wheel setuptools plugin and egg2wheel and wininst2wheel
allow you to create wheel archives without having to modify source
dists.
More information about the Catalog-SIG
mailing list