On May 31, 2013, at 4:45 PM, Noah Kantrowitz <[email protected]> wrote:
> > On May 31, 2013, at 1:34 PM, Tres Seaver wrote: > >> On 05/31/2013 09:18 AM, Lennart Regebro wrote: >>> I'd be OK with after six months automatically removing packages that >>> has only one owner/maintainer, and that owner/maintainer has no other >>> packages, and the package has no available downloads, and no contact >>> information on either package nor registered user. >> >> Why all the extras: if somebody wants to claim a project name, but can't >> upload a release for six months, they should just lose. I would actually >> be willing to have that cut down to a day: trying to grab the name >> before registering / uploading a release should result in loss of the claim. > > +1, I think this should just be treated as a form validation thing. It is a > detail of the protocol that you upload a dist definition before the files, > but I don't think we should consider it a valid PyPI entry until a file is > uploaded (especially now that the default mode is to not scrape external > sites). As we switch to not scraping, anything with no files should just > vanish IMO, at which point it is available for registration again. If someone > happens to ninja-upload between the setup.py register and setup.py upload, I > think we can just throw an error message since chances of that happening are > so amazingly low. > > --Noah > > _______________________________________________ > Distutils-SIG maillist - [email protected] > http://mail.python.org/mailman/listinfo/distutils-sig So I completely agree with the sentiment. However we need to make sure whatever process we come up with has provisions for when it's ok to manually remove a name as well. The reasoning is that it can easily become an arms race of sort. If we say "well projects without a file get auto deleted after a day", then someone wanting to squat a name will just upload a dummy file. ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - [email protected] http://mail.python.org/mailman/listinfo/distutils-sig
