On Feb 5, 2013, at 7:51 AM, Donald Stufft <donald.stu...@gmail.com> wrote:
> On Tuesday, February 5, 2013 at 5:16 AM, Lennart Regebro wrote: >> 1. Packages should only be installed from the given package indexes. >> No scraping of websites as at least easy_install/buildout does, no >> downloading from external download links. A deprecation period for >> this of a couple of months, to give package authors the chance to >> upload their packages is probably necessary. > PyPI will need to change for this to happen realistically if I recall. There > is a > hard limit on how large of a distribution can be uploaded to PyPI and there > are, if I recall, valid distributions which are larger than that. > > Personally I want the installers to only install from PyPI so my suggestion > if this is something that (the proverbial) we want to do, PyPI should gain > some notion of a soft limit for distribution upload (to prevent against > DoS) with the ability to increase that size limit for specific projects who > can file a ticket w/ PyPI to have their limit increased. I strongly concur; however this does mean I will need to work with the board to procure additional storage or we will need to take the monthly storage hit and push it to s3 or another CSP. I only see the latter possible if we can broker a highly discounted deal with a CSP such as rack space as the bandwidth costs alone would be painful > _______________________________________________ > Catalog-SIG mailing list > Catalog-SIG@python.org > http://mail.python.org/mailman/listinfo/catalog-sig
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
