[Distutils] Re-uploading packages
Richard Jones
richard at python.org
Wed Apr 3 00:55:26 CEST 2013
We prevent people from uploading files to replace contents, but not
deleting and re-uploading. That would take additional tracking not built
into the system.
Richard
On 3 April 2013 07:12, Christian Theune <ct at gocept.com> wrote:
> Hi,
>
> when developing bandersnatch I saw some checksum errors for the md5sums of
> downloaded package files that I didn't understand.
> I just saw another one and just want to check back whether this is true: I
> can go to PyPI, delete a package version, and upload a different file later.
>
> True?
>
> This would explain that I can see a file that I downloaded successfully
> changing it's hash over time.
>
> Feels like a bad idea to me, but I guess this is part of the "PyPI doesn't
> have an oppinion" deal …
>
> Christian
>
>
> ______________________________**_________________
> Distutils-SIG maillist - Distutils-SIG at python.org
> http://mail.python.org/**mailman/listinfo/distutils-sig<http://mail.python.org/mailman/listinfo/distutils-sig>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20130403/7d687c1f/attachment.html>
More information about the Distutils-SIG
mailing list