On 2 June 2017 at 09:00, Nick Timkovich <prometheus...@gmail.com> wrote:
> This issue was also brought up in January at https://github.com/pypa/pypi- > legacy/issues/585 then just as after the initial "typosquatting PyPI" > report (June 2016) it's met with resounding silence. Attacking the > messenger doesn't seem like a winning move from a security standpoint. > > Can we come up with a plan to address the underlying issue and protect > users? > We haven't yet, but I'm not holding that as proof that we couldn't. Richard
_______________________________________________ Distutils-SIG maillist - Distutils-SIG@python.org https://mail.python.org/mailman/listinfo/distutils-sig
