[Catalog-sig] HTTPS now promoted on PyPI
Éric Araujo
merwok at netwok.org
Tue Feb 19 21:31:13 CET 2013
Hi,
Le 19/02/2013 00:13, Richard Jones a écrit :
> We really need to fix distutils to replace the HTTP URL with HTTPS and
> handle .pypirc issues. At this point I believe our options are:
>
> 1. live with it,
> 2. incorporate some monkey-patching into distribute and setuptools and
> promote those,
> 3. write a stand-alone uploader (or add such functionality to pip)
> which can monkey-patch distutils,
> 4. fix distutils (and accept a long lead time to actual impact), or
> 5. all of the above
There is an open request for https in distutils:
http://bugs.python.org/issue12226
Patch is missing certificate checking.
The bucket of UI issues and bugs related to .pypirc is more sensitive:
there are certainly setup scripts out there that will depend on
internals of this code. Can someone redirect the
observations/complaints from this huge threads to the bug tracker?
We’ll see what we can do (at least doc, at best config migration).
Regards
More information about the Catalog-SIG
mailing list