Donald Stufft wrote: > > * Very few people actually are using OpenID or Google logins as it is. In one > month we had ~15k logins using the web form, ~5k using basic auth, and 62 > using Google and 7 using OpenID. This is a several orders of magnitude > difference. > * Regardless of how you log into PyPI (Password or Google/OpenID) you’re > required to have a password added to your account to actually upload anything > to PyPI. This negates much of the benefit of a federated authentication for > PyPI as it stands. > * Keeping these requires ongoing maintenance to deal with any changes in the > specification or to update as Google deprecates/changes things. > * Adding support for them to Warehouse requires additional work that could > better be used elsewhere, where it would have a higher impact.
I'm one of those 7, but I really can't argue for you to keep supporting it just for *me* :). Have you considered allowing developers to use their GitHub, GitLab, Bitbucket logins? Those three probably cover a large majority of package authors on PyPI. I don't know how hard that would be to support though. -Barry _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
