[Distutils] PEP 438, pip and --allow-external (was: "pip: cdecimal an externally hosted file and may be unreliable" from python-dev)
Donald Stufft
donald at stufft.io
Fri May 9 23:39:45 CEST 2014
On May 9, 2014, at 5:33 PM, Donald Stufft <donald at stufft.io> wrote:
> If it's hosted on PyPI:
> Trust it.
> else if it's not hosted on PyPI:
> Require a --allow-external-and-unverifiable [*]
Bleh, I forgot to add the footnote here that said this option name is terrible
and is just an example.
-----------------
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20140509/0a286480/attachment.sig>
More information about the Distutils-SIG
mailing list