On Tue, Mar 12, 2013 at 12:04 AM, PJ Eby <[email protected]> wrote: > Just a thought, but... > > If 90% of PyPI projects do not have any external files to download, > then, wouldn't it make sense to: > > 1. Add a project-level option to enable or disable the adding of the > rel="" attribute to /simple links (but not affecting the links in any > other way) > 2. Default it to disabled for new projects, and > 3. Set it to disabled *now* for the 90% of projects that *don't have > external files*?
That doesn't solve the problem, but it would make easy_install faster, so +1 > Immediately, 90% of the problem goes away That's not 90% of the problem. The problem with externally hosted files is not primarily that easy_install gets slower. > stuff that doesn't contain a link now, but which could be taken over > by a malicious party in the future, and 90% fewer sites having to be > up in order for you to build something from PyPI. Well, if the sites that do not contain the packages are down, that only results in the build be *really* slow, it doesn't fail. It's when the sites which *are* hosting packages are down that the build fails. //Lennart _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
