On 11 May 2014 08:38, Nick Coghlan <ncogh...@gmail.com> wrote: > This confusion can likely be resolved by giving the obvious "allow external" > name to the behaviour most users will want, and a more obscure name like > "allow verifiable external" to the specialised behaviour folks like Stefan & > MAL rely on.
I'm struggling to reconcile Donald's assertion (based, I believe, on his data from PyPI) that there are only 25 or so packages on PyPI that are external but safe, and he's hot familiar with any of them, against the comment that Stefan and MAL are affected by this change. https://pypi.python.org/simple/cdecimal/ has no links - maybe because Stefan withdrew them at the start of this debate. https://pypi.python.org/simple/egenix-mx-base/ has verifiable external links. I'm pretty surprised that Donald hasn't heard of mx-base. Donald, maybe you could post the names of those 25 or so packages? Download counts as a gross measure of popularity would be useful here, but AIUI the current counts are unreliable. Is there any work going on to get better download counts? That would really help in exercises like this. Paul _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig