On Sep 9, 2013, at 10:54 AM, Paul Moore <[email protected]> wrote:
> Is the spec at > http://peak.telecommunity.com/DevCenter/EasyInstall#package-index-api > still the definitive version of what must be provided for a local PyPI > index (for use by something like pip)? Or is there a more up to date > version anywhere? It might match what easy_install looks for but it's not up to date. I think it's still written as if the simple index had not been created. That being said it'll probably mostly work. One of my steps I want to do with warehouse is actually get this codified. > > For example, are MD5 signatures still the only supported version? I > thought we were moving away from MD5. And while I haven't really > followed the offsite hosting changes, are the > rel="homepage"/rel="download" links still as stated? (I think I'd want > rel="download" on everything as I only expect to provide URLs for > actual package content). MD5s are the only thing supported by PyPI but setuptools 0.9+ (I think?) and pip 1.2+ support sha1, sha256, sha512, etc. > > Also, how definitive is item 7, which states that the root URL must > result in a page containing all projects, but it can be omitted if > case-insensitive safe_name() matching of projects is implemented? The > reason I ask is that providing a full listing will be somewhat costly > in my application, but providing case-insensitive matching should be > doable (actually, I'm not sure yet what's feasible, but I want to know > whether it's worth my time even investigating). This makes stuff like ``pip install django`` when the actual name is Django work. As long as your url matches safe_name it should be fine. > > I'm still thinking about design at the moment, so what I need is far > from decided, but I want to be sure that I'm actually implementing the > correct spec as a starting point! > > Thanks, > Paul > _______________________________________________ > Distutils-SIG maillist - [email protected] > https://mail.python.org/mailman/listinfo/distutils-sig ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
