On Tuesday, February 5, 2013 at 5:16 AM, Lennart Regebro wrote: > 1. Packages should only be installed from the given package indexes. > No scraping of websites as at least easy_install/buildout does, no > downloading from external download links. A deprecation period for > this of a couple of months, to give package authors the chance to > upload their packages is probably necessary.
PyPI will need to change for this to happen realistically if I recall. There is a hard limit on how large of a distribution can be uploaded to PyPI and there are, if I recall, valid distributions which are larger than that. Personally I want the installers to only install from PyPI so my suggestion if this is something that (the proverbial) we want to do, PyPI should gain some notion of a soft limit for distribution upload (to prevent against DoS) with the ability to increase that size limit for specific projects who can file a ticket w/ PyPI to have their limit increased.
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
