Hi,
On 7/20/12 2:38 AM, Richard Jones wrote:
On 20 July 2012 15:43, Donald Stufft <[email protected]> wrote:
On Friday, July 20, 2012 at 1:07 AM, Richard Jones wrote:
That's OAuth2, which is quite unlike the OAuth1(a) that we
implemented. You cannot do OAuth1 with just requests, as far as I'm
aware. There's no documentation for PyPI OAuth as we're still waiting
for it to be used by someone to prove its usefulness.
I havn't had a chance yet (doing a major refactor first), but there's
experimental
OAuth 1a support in the most recent versions of requests.
Oh, nice! I'll see if I can find some time over the weekend to write
up how to use that against the PyPI implementation.
Nice indeed! I'll take a look, too. Assuming I can get oauth1 going,
will that allow me to make releases on behalf of users? I'm not sure if
this is an oauth1 or 2 thing, but on GitHub you can choose which "scope"
you want your application to ask the user to grant to it:
- http://developer.github.com/v3/oauth/#scopes
So at the very least, I'd like my application to enable users to do the
equivalent of distutils' register and upload commands. The workflow
looks something like this:
- Create package via PasteScript-powered web form:
https://pythonpackages.com/manage/package/new
- Clone, develop code locally, and push
- Test the package release on pythonpackages.com via web form
submissions that execute the following:
$ python setup.py install
$ python setup.py sdist upload -r http://index.pythonpackages.com
- Manually test the release locally via:
$ pip install PACKAGE -i http://index.pythonpackages.com
- Release the package to PyPI via
$ python setup.py register sdist upload
Alex
Richard
--
Alex Clark ยท http://pythonpackages.com/ONE_CLICK_RELEASE
_______________________________________________
Catalog-SIG mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig
