On Jul 17, 2013, at 9:52 PM, Justin Cappos <jcap...@poly.edu> wrote:
> If there is not a compromise of PyPI, then all updates happen essentially > instantly. > > Developers that do not sign packages and so PyPI signs them, may have their > newest packages remain unavailable for a period of up to 3 months *if there > is a compromise of PyPI*. Can you go into details about how things will graduate from unstable to stable instantly in a way that a compromise of PyPI doesn't also allow that? > > Thanks, > Justin >
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org http://mail.python.org/mailman/listinfo/distutils-sig