Nah, PyPI itself isn't deployed via Chef yet. On Sep 29, 2013, at 2:21 AM, Richard Jones <[email protected]> wrote:
> I've edited the /mirrors page to reflect the new mirroring reality (and > pushed to the repos which I *think* will result in it being pushed to the > server, yes?) > > > Richard > > > On 29 September 2013 16:13, Nick Coghlan <[email protected]> wrote: > On 29 September 2013 13:07, Donald Stufft <[email protected]> wrote: > > > > On Sep 28, 2013, at 10:16 PM, Nick Coghlan <[email protected]> wrote: > > > >> On 29 September 2013 11:10, Noah Kantrowitz <[email protected]> wrote: > >>> +1 > >>> > >>> --Noah > >> > >> Deprecating it as a consequence of PEP 449 makes sense, but is there > >> any urgency to dropping it? > >> > >> I'm not necessarily opposed to removing it, but what's the specific > >> *gain* in doing so? If it's just a matter of wanting to skip > >> implementing it for Warehouse, then I'd say +1 to leaving it out of > >> the API reimplementation, but I don't yet see the advantage in > >> removing it from the existing PyPI code base. > >> > >> If we do remove it, then it should probably only be after all the old > >> autodiscovery domain names have been redirected back to the main PyPI > >> server. > >> > >> Cheers, > >> Nick. > >> > >> -- > >> Nick Coghlan | [email protected] | Brisbane, Australia > > > > Well the underlying reason is I think it's a dead end and I don't want to > > implement it in Warehouse. > > > > The reason for wanting to remove it *now* instead of just letting it > > naturally > > die when Warehouse becomes a thing is to remove the (unlikely) chance > > that someone starts to depend on it in the interim. Basically since afaik > > nobody even uses it (Crate did for awhile and I had to disable it because > > of false failures) the risk is minimal to removing it outright to prevent > > it from > > being used. > > > > Plus if the secret key has leaked (unlikely but possible given the > > implementation > > and the use of DSA) it's not just "cruft" it's outright dangerous. > > That sounds reasonable. Perhaps switch those URLs to return an error > page explaining why they're no longer available, along with a pointer > to PEP 449 and a suggestion to contact distutils-sig if the removal > causes a problem for anyone? > > Cheers, > Nick. > > -- > Nick Coghlan | [email protected] | Brisbane, Australia > ----------------- Donald Stufft PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ Distutils-SIG maillist - [email protected] https://mail.python.org/mailman/listinfo/distutils-sig
