On Tue, Feb 19, 2013 at 3:13 PM, Richard Jones <r1chardj0...@gmail.com> wrote: > Hi all, > > I've just altered the nginx configuration to promote (ie. redirect to) > HTTPS for all GET/HEAD requests. This includes HSTS, but I've set the > lifetime to 1 day just in case there's some HTTPS compatibility > issues. Once it's bedded down I'll bump it to a year. > > I looked into distutils, but since it uses urllib and urllib just > raises an error on 307 redirects we're a little stymied as to what we > can actually do for POSTs for it... > > We really need to fix distutils to replace the HTTP URL with HTTPS and > handle .pypirc issues. At this point I believe our options are: > > 1. live with it, > 2. incorporate some monkey-patching into distribute and setuptools and > promote those, > 3. write a stand-alone uploader (or add such functionality to pip) > which can monkey-patch distutils, > 4. fix distutils (and accept a long lead time to actual impact), or
I suggesting getting in touch with Benjamin Petersen and Georg Brandl ASAP (e.g. through a release blocker for 2.7 and 3.3 on the issue tracker), as Python 2.7.4 and Python 3.3.1 are planned for this month. Regards, Nick. -- Nick Coghlan | ncogh...@gmail.com | Brisbane, Australia _______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig