[Distutils] Closing the Delete File + Re-upload File Loophole.
John Anderson
sontek at gmail.com
Sat Jan 24 18:37:51 CET 2015
On Saturday, January 24, 2015, Donald Stufft <donald at stufft.io> wrote:
> I've pushed changes to PyPI where it is no longer possible to reuse a
> filename
> and attempting to do it will give an 400 error that says:
>
> This filename has previously been used, you should use a different
> version.
>
> This does NOT prevent authors from being allowed to delete files from PyPI,
> however if a file is deleted from PyPI it cannot be re-uploaded again. This
> means that if you upload say foobar-1.0.tar.gz, and your 1.0 has a mistake
> in
> it then you *must* issue a new release to correct it.
>
> ---
> Donald Stufft
> PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
>
>
My only concern is that there is no reliable way to test that your README
will be parsed correctly. Is there a timeline for switch it to use
https://github.com/pypa/readme?
I would say majority of the time I do a release of the same version it's
because of the fragile rst parsing.
If I have to run the risk of bumping versions just to fix a valid
restructured text document to fit pypi parsing it'll make releasing a very
stressful experience.
> _______________________________________________
> Distutils-SIG maillist - Distutils-SIG at python.org <javascript:;>
> https://mail.python.org/mailman/listinfo/distutils-sig
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20150124/c7249b40/attachment.html>
More information about the Distutils-SIG
mailing list