[Distutils] Outdated packages on pypi

Steve Dower steve.dower at python.org
Thu Jul 14 18:51:20 EDT 2016


On 14Jul2016 0619, Daniel D. Beck wrote:
> Free-form, user-generated content on PyPI would become a pathway for
> harassment and abuse. Introducing user-generated content on PyPI would
> necessarily put an emotional burden on package maintainers in addition
> to the maintenance burden (unless PyPI moderators are going to screen
> content before maintainers and users see it—given the dearth of
> resources for PyPI as it is, this strikes me as exceedingly unlikely).

This is why I listed a set of restrictions to help prevent that:

* 140 chars (flexible, but short enough to prevent rants)
* users must be logged in
* no external links
* maintainers can delete/dispute comments
* clear comments on each new release
* one comment per user per package (implied, but I didn't explicitly 
call it out in my previous email)

Do you really think this will be worse than the current state, where 
abusers *only* have access Twitter, github, reddit and email to harass 
package maintainers?

Assuming harassment is not going to be a problem, is there value in 
letting people add comments directly on the page where users seem to 
keep ending up?

Cheers,
Steve


More information about the Distutils-SIG mailing list