[issue17096] the system keyring should be used instead of ~/.pypirc

Christian Heimes added the comment: PyPA is now maintaining packaging and developing software for packaging. They develop new tooling to upload packages, too. -- ___ Python tracker

[issue17096] the system keyring should be used instead of ~/.pypirc

Thomas Grainger added the comment: But distutils is a core Python module... On 9 Sep 2016 00:43, "Christian Heimes" wrote: > > Christian Heimes added the comment: > > Please take this idea to https://www.pypa.io/ > > -- > nosy: +christian.heimes > resolution:

[issue17096] the system keyring should be used instead of ~/.pypirc

Christian Heimes added the comment: Please take this idea to https://www.pypa.io/ -- nosy: +christian.heimes resolution: -> out of date status: open -> closed ___ Python tracker

[issue17096] the system keyring should be used instead of ~/.pypirc

Éric Araujo added the comment: The general idea is absolutely right: using proper keyrings (or ssh) is an excellent thing for security and ease of use. A big obstacle however is the rules for stdlib inclusion: a module such as keyring which is tied to specific applications/libs/file formats

[issue17096] the system keyring should be used instead of ~/.pypirc

New submission from Thomas Grainger: Having the password stored in a plain-text configuration file is not great security. A better choice would be to try to use the OS keyring and then fall back to a plaintext file An example implementation of a generic keyring python interface is available