Re: [Distutils] Standard packaging API? (was Re: Are there any plans to move to pip/wheels in buildout?)

> On Dec 1, 2014, at 8:44 PM, Nick Coghlan wrote: > > On 2 December 2014 at 05:54, Vinay Sajip wrote: >> AFAIK pip does use distlib (it is vendored by pip), but only for some >> ancillary functions such as pre-release version checks. > > The current direction things appear to be going is: > >

Re: [Distutils] Standard packaging API? (was Re: Are there any plans to move to pip/wheels in buildout?)

On 2 December 2014 at 05:54, Vinay Sajip wrote: > AFAIK pip does use distlib (it is vendored by pip), but only for some > ancillary functions such as pre-release version checks. The current direction things appear to be going is: * use distlib to get a "batteries included" approach to packaging

Re: [Distutils] Package's declared latest version ignored by Warehouse

Donald Stufft writes: > You can always remove a version from PyPI if it’s breaking things for > people. I ond't consider that a good option, since I do want some testers to get it from the published location. > You can also of course revert whatever changes people are being broken > by and uplo

Re: [Distutils] SNI support in pip

On 1 December 2014 at 22:58, Donald Stufft wrote: > On Dec 1, 2014, at 7:40 AM, Wichert Akkerman wrote: > I am wondering: with Python 2.7.9 about to be released with a backport of > Python 3’s ssl module, can pip start supporting SNI without any external > dependencies? That would be a huge help

Re: [Distutils] Package's declared latest version ignored by Warehouse

> On Dec 1, 2014, at 7:40 PM, Ben Finney wrote: > > Donald Stufft writes: > >> Can you go into some detail about what the use case is for having >> something other than the latest version be the default version shown? > > Not much detail needed: The package version was released before it was

Re: [Distutils] Package's declared latest version ignored by Warehouse

Donald Stufft writes: > Can you go into some detail about what the use case is for having > something other than the latest version be the default version shown? Not much detail needed: The package version was released before it was realised that it breaks many people's systems on upgrade. To a

Re: [Distutils] Package's declared latest version ignored by Warehouse

> On Dec 1, 2014, at 7:21 PM, Ben Finney wrote: > > Howdy all, > > The Warehouse is ignoring the feature of PyPI which sets particular > versions of a package visible or not visible. It makes all versions > visible regardless. > > This is a problem when, for example, a package has been uploade

Re: [Distutils] Package's declared latest version ignored by Warehouse

On Dec 1, 2014 6:22 PM, "Ben Finney" wrote: > > Howdy all, > > The Warehouse is ignoring the feature of PyPI which sets particular > versions of a package visible or not visible. It makes all versions > visible regardless. > > This is a problem when, for example, a package has been uploaded but >

[Distutils] Package's declared latest version ignored by Warehouse

Howdy all, The Warehouse is ignoring the feature of PyPI which sets particular versions of a package visible or not visible. It makes all versions visible regardless. This is a problem when, for example, a package has been uploaded but should not be shown by default. An example is the ‘python-da

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

On Mon, Dec 01, 2014 at 15:29 -0600, Ian Cordasco wrote: > On Mon, Dec 1, 2014 at 3:23 PM, holger krekel wrote: > > On Mon, Dec 01, 2014 at 12:45 -0600, Ian Cordasco wrote: > >> On Mon, Dec 1, 2014 at 12:35 PM, Donald Stufft wrote: > >> > > >> >> On Dec 1, 2014, at 4:25 AM, holger krekel wrote:

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

On Mon, Dec 1, 2014 at 3:23 PM, holger krekel wrote: > On Mon, Dec 01, 2014 at 12:45 -0600, Ian Cordasco wrote: >> On Mon, Dec 1, 2014 at 12:35 PM, Donald Stufft wrote: >> > >> >> On Dec 1, 2014, at 4:25 AM, holger krekel wrote: >> >> >> >> Hi Donald, >> >> >> >> On Sat, Nov 29, 2014 at 19:43 -0

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

On Mon, Dec 01, 2014 at 12:45 -0600, Ian Cordasco wrote: > On Mon, Dec 1, 2014 at 12:35 PM, Donald Stufft wrote: > > > >> On Dec 1, 2014, at 4:25 AM, holger krekel wrote: > >> > >> Hi Donald, > >> > >> On Sat, Nov 29, 2014 at 19:43 -0500, Donald Stufft wrote: > On Nov 13, 2014, at 9:21 PM, D

Re: [Distutils] Standard packaging API? (was Re: Are there any plans to move to pip/wheels in buildout?)

AFAIK pip does use distlib (it is vendored by pip), but only for some ancillary functions such as pre-release version checks. I'm not sure it's a good idea to use pip's internal API (as it's internal, and I don't believe it's been designed for use as a library by external code). Regards, Vinay Sa

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

On Mon, Dec 1, 2014 at 12:35 PM, Donald Stufft wrote: > >> On Dec 1, 2014, at 4:25 AM, holger krekel wrote: >> >> Hi Donald, >> >> On Sat, Nov 29, 2014 at 19:43 -0500, Donald Stufft wrote: On Nov 13, 2014, at 9:21 PM, Donald Stufft wrote: Starting a new thread with more explicit d

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

> On Dec 1, 2014, at 4:25 AM, holger krekel wrote: > > Hi Donald, > > On Sat, Nov 29, 2014 at 19:43 -0500, Donald Stufft wrote: >>> On Nov 13, 2014, at 9:21 PM, Donald Stufft wrote: >>> >>> Starting a new thread with more explicit details at Richard’s request. >>> Essentially the tl;dr here i

Re: [Distutils] Standard packaging API? (was Re: Are there any plans to move to pip/wheels in buildout?)

I thought distlib was supposed to be that API... Even though pip doesn't use it. Though that would mean a new major version of buildout that worked on wheels exclusively instead of eggs. Pip itself has an internal API in the `pip.commands` package. From a casual glance it seems usable from other

[Distutils] Standard packaging API? (was Re: Are there any plans to move to pip/wheels in buildout?)

On Mon, Dec 1, 2014 at 8:55 AM, Piotr Dobrogost wrote: > Are there any plans to move from easy_install/eggs to pip/wheels in buildout? Buildout doesn't really use easy_install. It uses setuptools. Originally, I tried to use easy_install directly (and do in some special cases where I shouldn't), b

[Distutils] Are there any plans to move to pip/wheels in buildout?

Hi, Are there any plans to move from easy_install/eggs to pip/wheels in buildout? I have an impression that buildout project has stagnated which is unfortunate taking into consideration how much python packaging has changed recently. Regards, Piotr Dobrogost _

Re: [Distutils] SNI support in pip

> On Dec 1, 2014, at 7:40 AM, Wichert Akkerman wrote: > > I just noticed that pip does not support SNI (on Python 2.7.8). This is a bit > problematic for us since we use a private index on a server using SNI, and > right pip always aborts with a certificate error. I found a year old ticket >

[Distutils] SNI support in pip

I just noticed that pip does not support SNI (on Python 2.7.8). This is a bit problematic for us since we use a private index on a server using SNI, and right pip always aborts with a certificate error. I found a year old ticket that seems related (https://github.com/pypa/pip/issues/1511

Re: [Distutils] API CHANGE - Migrating from MD5 to SHA2, Take 2

Hi Donald, On Sat, Nov 29, 2014 at 19:43 -0500, Donald Stufft wrote: > > On Nov 13, 2014, at 9:21 PM, Donald Stufft wrote: > > > > Starting a new thread with more explicit details at Richard’s request. > > Essentially the tl;dr here is that we'll switch to using sha2 (specifically > > sha256). >