[Distutils] Closing the Delete File + Re-upload File Loophole.
Donald Stufft
donald at stufft.io
Sat Jan 24 18:38:54 CET 2015
> On Jan 24, 2015, at 12:37 PM, John Anderson <sontek at gmail.com> wrote:
>
>
>
> On Saturday, January 24, 2015, Donald Stufft <donald at stufft.io <mailto:donald at stufft.io>> wrote:
> I've pushed changes to PyPI where it is no longer possible to reuse a filename
> and attempting to do it will give an 400 error that says:
>
> This filename has previously been used, you should use a different version.
>
> This does NOT prevent authors from being allowed to delete files from PyPI,
> however if a file is deleted from PyPI it cannot be re-uploaded again. This
> means that if you upload say foobar-1.0.tar.gz, and your 1.0 has a mistake in
> it then you *must* issue a new release to correct it.
>
> ---
> Donald Stufft
> PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
>
>
> My only concern is that there is no reliable way to test that your README will be parsed correctly. Is there a timeline for switch it to use https://github.com/pypa/readme <https://github.com/pypa/readme>?
>
> I would say majority of the time I do a release of the same version it's because of the fragile rst parsing.
>
> If I have to run the risk of bumping versions just to fix a valid restructured text document to fit pypi parsing it'll make releasing a very stressful experience.
>
You can re-run register as many times as you want which is all you need to adjust the README.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20150124/6fabba9e/attachment.html>
More information about the Distutils-SIG
mailing list