-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Ben Finney wrote: > "Martin v. Löwis" <mar...@v.loewis.de> writes: > >> Ben Finney wrote: >>> That isn't a good argument. By the same logic, PyPI should not >>> reject *any* upload, to avoid “forcing” uploaders to do extra work. >> PyPI's rejection of certain uploads is primarily to prevent spam from >> being uploaded. > > Am I wrong, then, in thinking that PyPI will reject an upload with > malformed metadata? > > To my understanding, this discussion is about arguing whether an upload > that is missing the package should be rejected by PyPI.
In the language of distutils, recording the metadata about a release is "registration"; registration and upload happen in separate transactions for relatively good reasone: - - There is not a one-to-one relationsihp between metadata sets (registrations) and distributions (e.g., source dist + windows MSI). - - PiPI only has to parse the PKG-iNFO file, and doesn't need to unpack a distribution to look for it. - - Package authors can choose to keep the actual distribution files elsewhere, e.g., to allow for payment, etc.: one might debate the desirability of such a use case for the community at large, but it is certainly part of the historical use of the cheeseshop. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAks0RYUACgkQ+gerLs4ltQ52GQCdFhOUpq9c4hcN7vHiFGaOfqm0 ufUAoMc5FtMKyd5GZI2WySsoUgcgbzj9 =dib1 -----END PGP SIGNATURE----- _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig