[Distutils] some questions about PEP470

Alex Gaynor alex.gaynor at gmail.com
Sun Oct 12 20:44:02 CEST 2014

Stefan Krah <stefankrah <at> freenet.de> writes:

> > (for example right now bytereef.org is down, so
> > we’d not discover any files there).
> Indeed.  It was up reliably since 2005, down for maintenance on
> September 23rd (before ShellShock ...).  Then I discovered that
> someone had put up m3-cdecimal on PyPI (presumably abusing PyPI
> as their private repo --- there are several m3-* packages now).
> This triggered some reflection on whether I would make a significant
> effort in the future to keep things running smoothly for an open source
> community where authors are largely viewed as expendable.

I don't know what it means for "authors to be largely viewed as expendable",
but half the point of hosting things on PyPI is that you *don't* need to do any
work at all as an author for reliable delivery of your package.

> Subsequently the downtime (again, the first one since 2005) was picked
> up for propagandistic purposes on Twitter and Reddit.

Ok, but you seem to be doing the other side's propaganda. Every single person
I've spoken to agrees that this just underscores the need to encourage packages
to be on PyPI.

> Last year I would have felt an obligation to minimize the downtime
> to an hour at most.  I no longer feel any such obligations and I'll
> do it when I have time.

Ok. The PyPI administrators still feel an obligation to their users, so I'll
prefer packages under their care.

> Stefan Krah


More information about the Distutils-SIG mailing list