On Wed, Feb 27, 2013 at 3:27 PM, Donald Stufft <donald.stu...@gmail.com>wrote:
> I'm not asking for this to be shutoff immediately, it will be phased, > particularly so project maintainers can be made aware that it's > going away and can upload versions to PyPI to prevent this kind of > wide spread breakage. Particularly the first phase I outlined for > PyPI was to disable _new_ links from being added to the /simple/ > pages and keeping the old around. So that _old_ releases still work > for now, but _new_ ones do not. > +1 Here is the critical bit. *new releases*. There is no extra work for package managers until a new release is made. I think most package managers would rather adjust their processes to ensure that users of the package can accesses it securely and reliably. It is much easier to concentrate work on the reliability of PyPI than to 100s of individual sites hosting packages that at this point likely don't even have SSL. I think most users would rather get the packages from PyPI infrastructure and as was already posted, new users probably don't realize that pip/easy_install hits external dependencies. -Chris -- Christopher Lambacher ch...@kateandchris.net
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
