[Distutils] has_security_fixes flag in PyPI

Nick Coghlan ncoghlan at gmail.com
Sat Sep 21 16:42:04 CEST 2013


I work in the same office as some of the folks that are working on the
victi.ms vulnerability database for Java projects, and they recently asked
me for advice about how to add Python support (they've also been discussing
the addition of Ruby support with some of the rubygems.org devs).

So, rather than doing anything purely Python specific, I suspect we're more
likely to focus on collaborating effectively with victi.ms rather than
duplicating their work.

Near term, major new features aren't likely to be added to the current PyPI
code base - the current PyPI development efforts are mostly focused on
migrating to a new architecture where the data integrity constraints are
strictly enforced at the database layer.

Cheers,
Nick.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20130922/ef679ab3/attachment.html>


More information about the Distutils-SIG mailing list