Re: GnuPG signatures on PyPI: why so few?

Brian May writes: > Maybe there is some way of turning signatures on by default, so I don't > have to remember for every upload, if so, I haven't been able to work it > out yet however. I don't know how it should be done using the currently-recommended Twine tool. For

Re: GnuPG signatures on PyPI: why so few?

> On Mar 11, 2017, at 9:23 PM, Brian May wrote: > > Ben Finney writes: > >> However, this only works if upstream releases are actually accompanied >> by a valid GnuPG signature each time. The PyPI infrastructure supports >> this; why isn't it more widely

Re: PyPI source or github source?

On Sun, Mar 12, 2017 at 10:19 AM, Brian May wrote: > Sure, you could argue that PyPI source packages should contain > everything the github package does. In fact there is a PyPI tool to help > get the MANIFEST.in correct for such purposes - > https://pypi.python.org/pypi/check-manifest Anyone

Re: GnuPG signatures on PyPI: why so few?

Ben Finney writes: > However, this only works if upstream releases are actually accompanied > by a valid GnuPG signature each time. The PyPI infrastructure supports > this; why isn't it more widely encouraged? One reason I have found for myself: I can forget to sign the

PyPI source or github source?

Ben Finney writes: > Debian's UScan has the ability to find, download, and verify the GnuPG > signature for a package source release. Lintian will remind the > maintainer if a Debian source package is not taking advantage of this. A related issue is: Should we be using PyPI

GnuPG signatures on PyPI: why so few?

Howdy all, What prospects are there for PyPI to have GnuPG-signed packages by default? Debian's UScan has the ability to find, download, and verify the GnuPG signature for a package source release. Lintian will remind the maintainer if a Debian source package is not taking advantage of this.

Re: Moving a package from collab-maint to python-modules

On Sat, 2017-03-11 at 18:14 +, Scott Kitterman wrote: > > On March 11, 2017 6:52:59 AM EST, Ghislain Vaillant > wrote: > > On Sat, 2017-03-11 at 11:24 +, Christopher Hoskin wrote: > > > Hello, > > > > > > I'd like to package python-jsonpointer for Debian. The filer

Re: Moving a package from collab-maint to python-modules

On March 11, 2017 6:52:59 AM EST, Ghislain Vaillant wrote: >On Sat, 2017-03-11 at 11:24 +, Christopher Hoskin wrote: >> Hello, >> >> I'd like to package python-jsonpointer for Debian. The filer of the >RFP (Bug #754296) Pietro Battiston, has created a repository at >>

Re: Moving a package from collab-maint to python-modules

On Sat, 2017-03-11 at 11:24 +, Christopher Hoskin wrote: > Hello, > > I'd like to package python-jsonpointer for Debian. The filer of the RFP (Bug > #754296) Pietro Battiston, has created a repository at > > https://anonscm.debian.org/cgit/collab-maint/python-jsonpointer.git > > but has no

Re: Moving a package from collab-maint to python-modules

On Sat, Mar 11, 2017 at 11:24:36AM +, Christopher Hoskin wrote: > I'd like to package python-jsonpointer for Debian. The filer of the RFP (Bug > #754296) Pietro Battiston, has created a repository at > > https://anonscm.debian.org/cgit/collab-maint/python-jsonpointer.git > > but has no

Moving a package from collab-maint to python-modules

Hello, I'd like to package python-jsonpointer for Debian. The filer of the RFP (Bug #754296) Pietro Battiston, has created a repository at https://anonscm.debian.org/cgit/collab-maint/python-jsonpointer.git but has no intention of becoming the maintainer, and the package has not been

Re: Join the team

[Sophie Brun, 2017-03-07] > I would like to join the Python-modules team to maintain the > python-pyric package > (https://github.com/wraith-wireless/PyRIC) and maybe other packages > needed by the pkg-security-team. > > My alioth login is sbrun-guest > > I have read the DPMT policy >