[Numpy-discussion] Verify your sourceforge windows installer downloads

David Cournapeau cournape at gmail.com
Thu May 28 13:05:57 EDT 2015

On Fri, May 29, 2015 at 2:00 AM, Andrew Collette <andrew.collette at gmail.com>

> > Here is their lame excuse:
> >
> >
> https://sourceforge.net/blog/gimp-win-project-wasnt-hijacked-just-abandoned/
> >
> > It probably means this:
> >
> > If NumPy installers are moved away from Sourceforge, they will set up a
> > mirror and load the mirrored installers with all sorts of crapware. It is
> > some sort of racket the mob couldn't do better.
> I noticed that like most BSD-licensed software, NumPy's license
> includes this clause:
> "Neither the name of the NumPy Developers nor the names of any
> contributors may be used to endorse or promote products derived from
> this software without specific prior written permission."
> There's an argument to be made that SF isn't legally permitted to
> distribute poisoned installers under the name "NumPy" without
> permission.  I recall a similar dust-up a while ago about "Standard
> Markdown" using the name "Markdown"; the original author (John Gruber)
> took action and got them to change the name.
> In any case I've always been surprised that NumPy is distributed
> through SourceForge, which has been sketchy for years now. Could it
> simply be hosted on PyPI?

They don't accept arbitrary binaries like SF does, and some of our
installer formats can't be uploaded there.


> Andrew
> _______________________________________________
> NumPy-Discussion mailing list
> NumPy-Discussion at scipy.org
> http://mail.scipy.org/mailman/listinfo/numpy-discussion
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/numpy-discussion/attachments/20150529/aba8656e/attachment.html>

More information about the NumPy-Discussion mailing list