> FYI, egg-info directories can store arbitrary data (see e.g. the
> EggTranslations package, which uses it for localization resources), so
> you may want to impose some restrictions on *which* metadata files to
> include.

You mean, so that it doesn't include malware, porn, or other spam?
That would be useful, I guess.

> Second, if a user uploads a source distribution built with setuptools,
> it will include an .egg-info directory automatically, so you can simply
> extract it from there. Conversely, if the source distribution is *not*
> built with setuptools, then building it with setuptools would not
> produce much information in the egg-info anyway.

I see. I'll try to start with that as an assumption, but will still try
to validate it wrt. real data.

> PKG-INFO
> SOURCES.txt # a manifest of the sdist contents
> top_level.txt # list of top-level package/module names
> scripts/ # source code of scripts in the package
> zip-safe or not-zip-safe # flag file
>
> I don't think that most of these are useful for PyPI searches, though I
> suppose a listing of the name of the scripts the package includes could
> be useful.

I really try to have PyPI not interpret any of these data. So I'd rather
err on the inclusive side.

> I'm not sure how useful it is to just have URLs for accessing the files,
> though, vs. having actual searches on structured data provided in the
> files. For example, an index of projects by package or module names, or
> of projects that provide a particular entry point.

In principle, it should be possible to let other services provide such
indices. I'd rather provide the files as-is for the moment, and see
what kind of facilities people would desire on top of it.

Regards,
Martin
_______________________________________________
Catalog-SIG mailing list
Catalog-SIG@python.org
http://mail.python.org/mailman/listinfo/catalog-sig
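
The restriction suggested in the thread (publish only selected egg-info files taken from an uploaded sdist), sketched as an added example that is not part of the original message or of PyPI's code. The allowlist uses the file names listed in the thread; the 64 KiB size cap and the in-memory `demo` archive are assumptions constructed for the demonstration.

```python
import io
import tarfile

# Allowlist built from the file names in the thread; MAX_BYTES is an assumed cap.
ALLOWED = {"PKG-INFO", "SOURCES.txt", "top_level.txt", "zip-safe", "not-zip-safe"}
MAX_BYTES = 64 * 1024

def extract_egg_info(sdist_bytes):
    """Return {filename: bytes} for allowlisted egg-info files in a .tar.gz sdist."""
    found = {}
    with tarfile.open(fileobj=io.BytesIO(sdist_bytes), mode="r:gz") as tar:
        for member in tar:
            parts = member.name.split("/")
            # Expect exactly <project-dir>/<name>.egg-info/<file>; deeper paths
            # (such as scripts/) and anything containing ".." are skipped.
            if len(parts) != 3 or ".." in parts or not parts[1].endswith(".egg-info"):
                continue
            if parts[2] not in ALLOWED:
                continue
            # Regular files only (no symlinks, hardlinks, devices), within the cap.
            if not member.isfile() or member.size > MAX_BYTES:
                continue
            found[parts[2]] = tar.extractfile(member).read()
    return found

def build_sample_sdist():
    """Constructed sample sdist, built in memory for the demonstration."""
    files = {
        "demo-1.0/setup.py": b"from setuptools import setup\n",
        "demo-1.0/demo.egg-info/PKG-INFO": b"Metadata-Version: 1.0\nName: demo\n",
        "demo-1.0/demo.egg-info/top_level.txt": b"demo\n",
        "demo-1.0/demo.egg-info/resources/fr.mo": b"\x00" * 16,  # arbitrary data
        "demo-1.0/demo.egg-info/payload.bin": b"\x00" * 16,      # not allowlisted
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
        # An allowlisted name that is a symlink rather than a regular file.
        link = tarfile.TarInfo("demo-1.0/demo.egg-info/SOURCES.txt")
        link.type = tarfile.SYMTYPE
        link.linkname = "../../outside.txt"
        tar.addfile(link)
    return buf.getvalue()

if __name__ == "__main__":
    print(sorted(extract_egg_info(build_sample_sdist())))
```

The contents are only read into memory and never written to disk, so member names are used as dictionary keys, not as filesystem paths.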
