[Catalog-sig] Allowing the upload of .py files at PyPI

PJ Eby pje at telecommunity.com
Thu Feb 14 23:38:43 CET 2013


On Thu, Feb 14, 2013 at 5:13 PM, Donald Stufft <donald.stufft at gmail.com> wrote:
> This isn't something automated tools are supposed to discover right? They
> previously know where it exists?

Buildout downloads the distribute and/or setuptools bootstrap scripts.
 IIUC, it uses hardcoded URLs at the moment.

> Why does it need to be on PyPI at all? Seems like for this
> unusual case just keeping it someplace sane that has a good SSL cert seems
> like an obvious solution? Github or Bitbucket or whatever?

IIUC, it's being strongly encouraged to host everything that needs to
be trustworthy on PyPI, and that would definitely include the tools
used for building, downloading, and installing packages from PyPI.
;-)


More information about the Catalog-SIG mailing list