Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-15 Thread Marcus Smith
In addition, maintainers of installation tools are asked to release two updates. The first one shall provide clear warnings [...] The second update for installation tools should change the default mode to allow only installation of package files hosted at the index domain, sounds good to

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-15 Thread Carl Meyer
Hi Marcus, On 03/15/2013 01:32 AM, Marcus Smith wrote: In addition, maintainers of installation tools are asked to release two updates. The first one shall provide clear warnings [...] The second update for installation tools should change the default mode to allow only

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-14 Thread Nick Coghlan
On Wed, Mar 13, 2013 at 5:16 PM, Carl Meyer c...@oddbird.net wrote: There is no instead of. There are parallel proposals (see the TUF thread) to improve the security of the ecosystem, and those proposals are not mutually exclusive with this one. If you search the PEP text, note that you don't

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-14 Thread holger krekel
On Wed, Mar 13, 2013 at 23:43 -0700, Nick Coghlan wrote: On Wed, Mar 13, 2013 at 5:16 PM, Carl Meyer c...@oddbird.net wrote: There is no instead of. There are parallel proposals (see the TUF thread) to improve the security of the ecosystem, and those proposals are not mutually exclusive

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-14 Thread Trishank Karthik Kuppusamy
On 3/14/13 4:58 AM, holger krekel wrote: I haven't followed the latest TUF discussions and related docs in depth yet but if those developments will regard simple/ as a deprecated interface, I think this PEP here should maybe not introduce simple/-with-externals as it will just make the

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-14 Thread Justin Cappos
Maybe a different way to say it is that the current TUF integration doc assumes that it is desirable to make minimal change to PyPI's layout and pip, easy_install, etc. while adding security. We made several choices based upon this assumption, including using and retaining the /simple dir. If

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-14 Thread Nick Coghlan
On Thu, Mar 14, 2013 at 7:13 AM, Justin Cappos jcap...@poly.edu wrote: Maybe a different way to say it is that the current TUF integration doc assumes that it is desirable to make minimal change to PyPI's layout and pip, easy_install, etc. while adding security. We made several choices based

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread PJ Eby
On Wed, Mar 13, 2013 at 7:21 AM, holger krekel hol...@merlinux.eu wrote: Hi all, after some more discussions and hours spent by Carl Meyer (who is now co-authoring the PEP) and me, here is a new V3 pre-submit draft. It is now more ambitious than the previous draft as should be obvious from

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread Donald Stufft
On Mar 13, 2013, at 10:26 AM, PJ Eby p...@telecommunity.com wrote: On Wed, Mar 13, 2013 at 7:21 AM, holger krekel hol...@merlinux.eu wrote: Hi all, after some more discussions and hours spent by Carl Meyer (who is now co-authoring the PEP) and me, here is a new V3 pre-submit draft. It is

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread M.-A. Lemburg
On 13.03.2013 12:21, holger krekel wrote: Hi all, after some more discussions and hours spent by Carl Meyer (who is now co-authoring the PEP) and me, here is a new V3 pre-submit draft. It is now more ambitious than the previous draft as should be obvious from the modified abstract (and

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread Donald Stufft
On Mar 13, 2013, at 2:57 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 12:21, holger krekel wrote: Hi all, after some more discussions and hours spent by Carl Meyer (who is now co-authoring the PEP) and me, here is a new V3 pre-submit draft. It is now more ambitious than the

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread M.-A. Lemburg
On 13.03.2013 20:08, Donald Stufft wrote: On Mar 13, 2013, at 2:57 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 12:21, holger krekel wrote: [V3 proposal] I must say, don't like this change in motivation compared to V1 and V2. The original of the discussion was to make PyPI

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread Daniel Holth
On Wed, Mar 13, 2013 at 3:33 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 20:08, Donald Stufft wrote: On Mar 13, 2013, at 2:57 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 12:21, holger krekel wrote: [V3 proposal] I must say, don't like this change in motivation

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread Donald Stufft
On Mar 13, 2013, at 3:33 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 20:08, Donald Stufft wrote: On Mar 13, 2013, at 2:57 PM, M.-A. Lemburg m...@egenix.com wrote: On 13.03.2013 12:21, holger krekel wrote: [V3 proposal] I must say, don't like this change in motivation

Re: [Catalog-sig] V3 PEP-draft for transitioning to pypi-hosting of release files

2013-03-13 Thread Carl Meyer
On 03/13/2013 01:33 PM, M.-A. Lemburg wrote: The proposal marks all external links as evil, I'm sorry the text of the PEP gave you that impression. I can see how you'd have gotten it from some of the comments here on catalog-sig, but we went to some lengths to avoid it in the PEP text, and plan