[Distutils] Surviving a Compromise of PyPI - PEP 458 and 480
Nick Coghlan
ncoghlan at gmail.com
Fri Jan 2 17:30:04 CET 2015
On 3 January 2015 at 02:26, Donald Stufft <donald at stufft.io> wrote:
>
> On Jan 2, 2015, at 11:14 AM, Vladimir Diaz <vladimir.v.diaz at gmail.com>
> wrote:
>
> Thanks for the great feedback - Nick, Donald, Paul, and Richard (off-list).
>
> I am totally fine with focusing on PEP 458 and applying the final coat of
> paint on this document.
>
> There's a lot of background documentation and technical details excluded
> from the PEPs (to avoid turning the PEP into a 15+ page behemoth), but I do
> agree that we should explicitly cover some of these implementation details
> in PEP 458. Subsections on the exact format of metadata, explanation on
> how metadata is signed, and how the roles are "delegated" with the library,
> still remain. As Paul as indicated, terminology can also be improved so as
> to be more readable for "non-experts."
>
> Let me know how we should collaborate on PEP 458 going forward. Guido van
> Rossum made minor corrections to PEP 458, and requested we reflect his
> changes back to the version on Github. We can either move
> hg.python.org/pep/pep-0458.txt
> <https://hg.python.org/peps/file/a532493ba99c/pep-0458.txt> to
> github.com/pypa or github.com/theupdateframework/pep-on-pypi-with-tuf.
>
>
> As far as I’m concerned I’m willing to collab however is best for y’all.
> It appears you’re doing it on Github in the
> https://github.com/theupdateframework/pep-on-pypi-with-tuf repository so
> I’m happy to make PRs there. I’m also happy to make PRs elsewhere as well
> though I prefer somewhere on Github. I’ll sit down with PEP 458 maybe this
> weekend and see if I can crank out some PRs to refine it.
>
It probably makes sense to pull the TUF PEPs into the new
pypa/interoperability-peps repo with the rest of them, and add Vladimir et
al as developers on that repo (or just to the general PyPA developers
group).
Cheers,
Nick.
--
Nick Coghlan | ncoghlan at gmail.com | Brisbane, Australia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20150103/d57406be/attachment.html>
More information about the Distutils-SIG
mailing list