Am 13.11.12 03:04, schrieb Nick Coghlan:
On Mon, Oct 29, 2012 at 4:47 AM, Daniel Holth dho...@gmail.com
mailto:dho...@gmail.com wrote:
I think Metadata 1.3 is done. Who would like to czar?
(Apologies for the belated reply, it's been a busy few weeks)
I'm happy to be BDFL delegate for
On 13.11.2012 10:51, Martin v. Löwis wrote:
Am 13.11.12 03:04, schrieb Nick Coghlan:
On Mon, Oct 29, 2012 at 4:47 AM, Daniel Holth dho...@gmail.com
mailto:dho...@gmail.com wrote:
I think Metadata 1.3 is done. Who would like to czar?
(Apologies for the belated reply, it's been a busy few
On 13 November 2012 10:26, M.-A. Lemburg m...@egenix.com wrote:
I agree with Martin. If the point is to to protect against cryptography
that is not used, then not using the de-facto standard in signing
open source distribution files, which today is PGP/GPG, misses that
point :-)
I agree as
This may be a silly question, but haven't the python externals been moved to HG
yet?
I usually work on cpython without bothering with the externals, but I found
today that I needed them. On Windows this is a bit of a bother. And I've
thrown away all my SVN stuff...
K
On Tue, Nov 13, 2012 at 5:26 AM, M.-A. Lemburg m...@egenix.com wrote:
On 13.11.2012 10:51, Martin v. Löwis wrote:
Am 13.11.12 03:04, schrieb Nick Coghlan:
On Mon, Oct 29, 2012 at 4:47 AM, Daniel Holth dho...@gmail.com
mailto:dho...@gmail.com wrote:
I think Metadata 1.3 is done. Who
Their still in svn as far I know.
2012/11/13 Kristján Valur Jónsson krist...@ccpgames.com:
This may be a silly question, but haven‘t the python externals been moved to
HG yet?
I usually work on cpython without bothering with the externals, but I found
today that I needed them. On Windows
On Tue, Nov 13, 2012 at 4:00 PM, Daniel Holth dho...@gmail.com wrote:
I'm willing to go ahead and move any mention of signing algorithms into a
separate PEP, leaving only the basic manifest hash vs. file contents
verification under the auspices of this PEP.
From the discussion so far, that
2012/11/13 Benjamin Peterson benja...@python.org:
Their still in svn as far I know.
s/Their/They're
--
Regards,
Benjamin
___
Python-Dev mailing list
Python-Dev@python.org
http://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
On 13 Nov, 2012, at 16:00, Daniel Holth dho...@gmail.com wrote:
I want to remove distutils from the standard library.
Why? Distutils may not be perfect, but is usable for basic packages. It could
even be enhanced to support these peps and be even more useable, although
patches for that
Setuptools! You would avoid 75% of pypi. It is nonsense to pretend that
setuptools is not a significant packaging innovation. Its main flaw is that
it is based on distutils, a non-extensible design. distutils2 is a lot of
setuptools and distutils code with the plug-ability taken out.
Perhaps I
The signatures section is now just:
+If JSON web signatures are used, one or more JSON Web Signature JSON
+Serialization (JWS-JS) signatures may be stored in a file RECORD.jws
+adjacent to RECORD. JWS is used to sign RECORD by including the SHA-256
+hash of RECORD as the JWS payload::
{
+1
Distutils is good enough: it could be better but for what is required
(essentially copying files and creating packages installers) is fine. The only
corner case is an absolute pain in the neck is in the cross compile scenario.
Currently I don't have *any* need for auto tools (setuptools and
I'll give you that number(?) but ...
mercurial, docutils, jinjia2 pygments, sphinx, lxml, nose, cherrypy, django,
pyqt ...
all they don't need/use setuptools: that 25% left is quite an interesting field
to play in.
If setuptools was significant packaging innovation do you think people
On Tue, Nov 13, 2012 at 5:31 PM, a.cava...@cavallinux.eu wrote:
+1
Distutils is good enough: it could be better but for what is required
(essentially copying files and creating packages installers) is fine. The only
corner case is an absolute pain in the neck is in the cross compile
Distutils is not good enough for the vast majority of people. Even for what it
does, it does not do it well. It is a library that is user hostile and buggy.
It was
a fine first revision of packaging, but the Python community needs something
better.
On Tuesday, November 13, 2012 at 11:31 AM,
Am 13.11.12 11:26, schrieb M.-A. Lemburg:
Note that signing such distribution files can be handled outside
of the wheel format PEP. It just way to complex and out of scope
for the wheel format itself. Also note that PGP/GPG and the other
signing tools work well on any distribution file. There's
I want to remove distutils from the standard library. If that happens
then we might want a secure way to install it from pypi. One way would
be to include the public key used to sign distutils in Python's own
signature-verifying bootstrap wheel installer, never mind whether it
used ECDSA or RSA
Am 13.11.12 17:45, schrieb Maciej Fijalkowski:
For example distutils is absolutely *untestable* which makes it very
far from good enough for me.
I never had issues with testing distutils applications. I use
python setup.py sdist, then unpack the resulting source package,
install it, and run
On Tue, Nov 13, 2012 at 12:23 PM, Martin v. Löwis mar...@v.loewis.dewrote:
I want to remove distutils from the standard library. If that happens
then we might want a secure way to install it from pypi. One way would
be to include the public key used to sign distutils in Python's own
On Tue, 13 Nov 2012 21:26:51 +0100 (CET)
philip.jenvey python-check...@python.org wrote:
http://hg.python.org/cpython/rev/a580cf4ab940
changeset: 80418:a580cf4ab940
branch: 3.2
parent: 80397:8a28c974f903
user:Philip Jenvey pjen...@underboss.org
date:Tue Nov 13
On 13 Nov, 2012, at 17:21, Antoine Pitrou solip...@pitrou.net wrote:
Le Tue, 13 Nov 2012 16:10:30 +0100,
Ronald Oussoren ronaldousso...@mac.com a écrit :
On 13 Nov, 2012, at 16:00, Daniel Holth dho...@gmail.com wrote:
I want to remove distutils from the standard library.
Why?
On 13 Nov, 2012, at 18:32, Martin v. Löwis mar...@v.loewis.de wrote:
Am 13.11.12 17:45, schrieb Maciej Fijalkowski:
For example distutils is absolutely *untestable* which makes it very
far from good enough for me.
I never had issues with testing distutils applications. I use
python
22 matches
Mail list logo
