--On 8. April 2008 21:39:14 -0400 Tres Seaver <[EMAIL PROTECTED]> wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA11.0dev-r27844 seems to be gone from PyPI.Such a version should *never* have been "released" to PyPI (any egg / source dist with an SVN revision number in its filename is *not* suitable for sharing with the wider world). Pushing such distributions out to PyPI, rather than sharing them in a more restricted / private location, induces pain on the wrong parties (those who innocently rely on PiPI, rather than those perpetrating the risky behavior).
Amen. Lots of people are misusing PyPI right now for uploading their broken packages: lots of dev-packages in some weird state, packages without metadata, packages without URL, packages with descriptions..that's a pretty big pain in the *** right now. I currently working on the buildout infrastructure for three of our major Zope projects (which lots of externals dependencies) and I am sometimes really annoyed that stuffs works some day and not the other day because packages appearently come and go.
I'm CCing Sylvain who I believe made the last release. Maybe we can even convince him to make a proper release, not an SVN snapshot. :-) Of course, we should also make sure that the latest version works properly with its pinned py dependency.Amen!
Also Amen on this. Andreas
pgpYknzKbfp9V.pgp
Description: PGP signature
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )