Missed the reply all ---------- Forwarded message ---------- From: "Tarek Ziadé" <ziade.ta...@gmail.com> Date: Jan 22, 2012 9:35 AM Subject: Re: [Catalog-sig] New pythonpackages.com service coming soon To: "Alex Clark" <acl...@aclark.net>
The only concern I have is securiy. if someone breaks your server it can create havoc for those packages on PyPI. Maybe there's a way to make this more secure, like making session based authorization ? Or that's what you planned maybe ? Otherwise cool idea Cheers Tarek On Jan 22, 2012 9:04 AM, "Alex Clark" <acl...@aclark.net> wrote: > Folks, > > I have created a new service aimed at making it easier to release Python > packages to PyPI. The primary user is currently: me. And to date, I have > only released a single package with it: Pillow (well, in fact I really only > tested a portion of the release process with Pillow). > > It works like this: > > - I have created a "user" `pythonpackages` on PyPI > - I have uploaded an ssh key [1]. > - I have added `pythonpackages` as a maintainer of `Pillow`. > - You can imagine the rest (and if you can't, it's a secret for now.) > > Now, I read the TOS very carefully before creating the `pythonpackages` > "user". And there was nothing in it to indicate this action is anything > other than "fair use". But I want to bring it to the attention of the PyPI > maintainers now, in the event the service becomes popular later (I know at > least I am planning to use it quite a bit. And we have ~70 beta users > signed up to begin testing.) > > The bottom line is: there is now a "user" on the PyPI called > `pythonpackages` that is in fact not a user, but a website ( > pythonpackages.com). By adding the "user" `pythonpackages` as a > Maintainer to your package, you will be able to use the > pythonpackages.comservice to automate your release process in some exciting > capacity, to be > revealed soon. This is just one aspect of the service I am building, but it > is an important milestone that I wanted to share (for obvious reasons). > > I welcome any comments/questions/concerns. It is my sincere hope that at > the most, I am not offending anyone with my actions and at the least, I am > not violating any terms or conditions that I don't know about. > > Sincerely, > > > Alex Clark > > > [1] I am using pypissh, > http://pythonpackages.com/**info/pypissh<http://pythonpackages.com/info/pypissh>(many > thanks to Martin von Löwis for this). > > > -- > Alex Clark · http://pythonpackages.com > > ______________________________**_________________ > Catalog-SIG mailing list > Catalog-SIG@python.org > http://mail.python.org/**mailman/listinfo/catalog-sig<http://mail.python.org/mailman/listinfo/catalog-sig> >
_______________________________________________ Catalog-SIG mailing list Catalog-SIG@python.org http://mail.python.org/mailman/listinfo/catalog-sig
