On 1/22/12 5:45 PM, Richard Jones wrote:
On 23 January 2012 04:04, Alex Clark<acl...@aclark.net> wrote:
- I have created a "user" `pythonpackages` on PyPI
- I have uploaded an ssh key [1].
- I have added `pythonpackages` as a maintainer of `Pillow`.
- You can imagine the rest (and if you can't, it's a secret for now.)
Now, I read the TOS very carefully before creating the `pythonpackages`
"user". And there was nothing in it to indicate this action is anything
other than "fair use". But I want to bring it to the attention of the PyPI
maintainers now, in the event the service becomes popular later (I know at
least I am planning to use it quite a bit. And we have ~70 beta users signed
up to begin testing.)
My initial only concern is that the registering and uploading of
packages to the index might become too anonymous.
We are frequently called upon to identify the owners of packages (for
a variety of reasons: ownership disputes, transfer of ownership,
reclamation of zombies, that sort of thing).
Currently a person must be registered with PyPI an listed as an
owner/maintainer to be able to register package releases and upload
files for a package. Even if we required a non-pythonpackages user to
be listed against a package that association could become stale (the
person listed in PyPI could have no longer have anything to do with
the package.)
That shouldn't be a concern here because anyone that wants to use the
service (currently) must manually assign the Maintainer role to the
`pythonpackages` user for their package(s). We (currently) have no plans
to register any new packages with the `pythonpackages` user. Our plans
could change in the future, but at present this is a small, cautious
step towards release automation.
And in general, the service is not intended to anonymize releases;
rather, the initial set of uploads will be coming from folks that meet
the following criteria:
- Github user
- PyPI user with at least one released package
- pythonpackages.com beta member
Alex
Richard
--
Alex Clark · http://pythonpackages.com
_______________________________________________
Catalog-SIG mailing list
Catalog-SIG@python.org
http://mail.python.org/mailman/listinfo/catalog-sig
