On 7/16/2011 6:58 AM, Martijn Faassen wrote:
Okay, so this scenario is possible:
* developer of a popular package gets fed up for unknown reasons
* removes his package from PyPI (not realizing the thing below)
* someone else notices this and recreates the package maliciously
pypi could prohibit the reuse of deleted package names.
If a name was 'retired' for legal reasons, then it should stay retired
anyway.
--
Terry Jan Reedy
_______________________________________________
Catalog-SIG mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig
