On 28 July 2014 20:19, Noah Kantrowitz <n...@coderanger.net> wrote: > To be clear, this adds literally no security.
Really? For my education, could you clarify? Is this because we can assume (with https) that every step between the developer uploading to PyPI and the user downloading to his local PC is secured? Paul _______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
