--On 8. April 2008 21:39:14 -0400 Tres Seaver <[EMAIL PROTECTED]> wrote:

Hash: SHA1

1.0dev-r27844 seems to be gone from PyPI.

Such a version should *never* have been "released" to PyPI (any egg /
source dist with an SVN revision number in its filename is *not*
suitable for sharing with the wider world).  Pushing such distributions
out to PyPI, rather than sharing them in a more restricted / private
location, induces pain on the wrong parties (those who innocently rely
on PiPI, rather than those perpetrating the risky behavior).

Amen. Lots of people are misusing PyPI right now for uploading their broken packages: lots of dev-packages in some weird state, packages without metadata, packages without URL, packages with descriptions..that's a pretty big pain in the *** right now. I currently working on the buildout infrastructure for three of our major Zope projects (which lots of externals dependencies) and I am sometimes really annoyed that stuffs works some day and not the other day because packages appearently come and go.

I'm CCing Sylvain who I
believe made the last release.  Maybe we can even convince him to make a
proper release, not an SVN snapshot. :-)

Of course, we should also make sure that the latest version works
properly with its pinned py dependency.


Also Amen on this.


Attachment: pgpYknzKbfp9V.pgp
Description: PGP signature

Zope-Dev maillist  -  Zope-Dev@zope.org
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to