On Jan 2, 2015, at 3:21 AM, Nick Coghlan ncogh...@gmail.com wrote:
On 2 January 2015 at 16:38, Donald Stufft don...@stufft.io
mailto:don...@stufft.io wrote:
On Jan 2, 2015, at 1:33 AM, Nick Coghlan ncogh...@gmail.com
mailto:ncogh...@gmail.com wrote:
That's the part I meant - the
On Jan 2, 2015, at 7:45 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 2 January 2015 at 11:21, Donald Stufft don...@stufft.io wrote:
To be clear, there is zero delay in being able to publish a new project, the
delay is between moving from a new project being validated by an online key
to an
On 2 January 2015 at 11:21, Donald Stufft don...@stufft.io wrote:
To be clear, there is zero delay in being able to publish a new project, the
delay is between moving from a new project being validated by an online key
to an offline key.
OK, got it.
Although on the terminology front, I don't
On 2 January 2015 at 16:38, Donald Stufft don...@stufft.io wrote:
On Jan 2, 2015, at 1:33 AM, Nick Coghlan ncogh...@gmail.com wrote:
That's the part I meant - the signing of developer keys to delegate trust
to them without needing to trust the integrity of the online PyPI service.
Hence
On Jan 2, 2015, at 6:04 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 2 January 2015 at 06:38, Donald Stufft don...@stufft.io wrote:
Developer keys get signed by offline keys controlled by I’m guessing either
myself or Richard or both.
One thought here. The issue being discussed here
On 2 January 2015 at 06:38, Donald Stufft don...@stufft.io wrote:
Developer keys get signed by offline keys controlled by I’m guessing either
myself or Richard or both.
One thought here. The issue being discussed here seems mainly to be
that it's hard to manage signing of developer keys. That's
On 2 January 2015 at 18:57, Donald Stufft don...@stufft.io wrote:
I have concerns about the actual feasibility of doing such a thing, some
of which are similar to my concerns with doing non-mandatory PEP 480.
* If uploading to a verifier service is optional then a significant
portion of
On 3 January 2015 at 00:25, Donald Stufft don...@stufft.io wrote:
On Dec 10, 2014, at 10:16 PM, Vladimir Diaz vladimir.v.d...@gmail.com
wrote:
Hello everyone,
I am a research programmer at the NYU School of Engineering. My
colleagues (Trishank Kuppusamy and Justin Cappos) and I are
On Dec 10, 2014, at 10:16 PM, Vladimir Diaz vladimir.v.d...@gmail.com wrote:
Hello everyone,
I am a research programmer at the NYU School of Engineering. My colleagues
(Trishank Kuppusamy and Justin Cappos) and I are requesting community
feedback on our proposal, Surviving a
On 2 January 2015 at 14:25, Donald Stufft don...@stufft.io wrote:
I’m going through the PEPs again, and I think that evaluating these PEPs is
more complicated by the fact that there is two of them, I agree that
splitting
up the two PEPs was the right thing to do though. What do you think about
On 3 January 2015 at 01:31, Paul Moore p.f.mo...@gmail.com wrote:
On 2 January 2015 at 14:25, Donald Stufft don...@stufft.io wrote:
Either way though, I suggest focus on PEP 458 (with an eye towards not
making any decisions which will require changes on the client side to
implement
PEP
On Jan 2, 2015, at 10:51 AM, Nick Coghlan ncogh...@gmail.com wrote:
Getting them to manage additional keys, and get them signed and registered
appropriately, and then supplying them is going to be a similar amount of
work, and the purpose is far more cryptic and confusing. My proposal is
On Jan 2, 2015, at 9:55 AM, Nick Coghlan ncogh...@gmail.com wrote:
I just don't personally have any major open questions for PEP 458 - while I'm
aware there are some significant technical details to be resolved in terms of
exactly what gets signed, and how the implementation will work in
yes, I see a similar bug on android.
If I try to scroll up a *little*, it goes all the back to the top.
On Fri, Jan 2, 2015 at 7:39 AM, Chris Jerdonek chris.jerdo...@gmail.com
wrote:
Sorry if this isn't the best list on which to bring this up, but it came
up for me during the recent PEP 440
Sorry if this isn't the best list on which to bring this up, but it came up
for me during the recent PEP 440 discussions.
For a while I've noticed a serious problem when viewing PEP doc pages like
the following on my iPhone:
https://www.python.org/dev/peps/pep-0440/
It's a bit maddening, so I
Thanks for the great feedback - Nick, Donald, Paul, and Richard (off-list).
I am totally fine with focusing on PEP 458 and applying the final coat of
paint on this document.
There's a lot of background documentation and technical details excluded
from the PEPs (to avoid turning the PEP into a
On Jan 2, 2015, at 11:07 AM, Marcus Smith qwc...@gmail.com wrote:
yes, I see a similar bug on android.
If I try to scroll up a *little*, it goes all the back to the top.
On Fri, Jan 2, 2015 at 7:39 AM, Chris Jerdonek chris.jerdo...@gmail.com
mailto:chris.jerdo...@gmail.com wrote:
Sorry
On 2 January 2015 at 16:14, Vladimir Diaz vladimir.v.d...@gmail.com wrote:
There's a lot of background documentation and technical details excluded
from the PEPs (to avoid turning the PEP into a 15+ page behemoth), but I do
agree that we should explicitly cover some of these implementation
On 3 January 2015 at 02:12, Donald Stufft don...@stufft.io wrote:
On Jan 2, 2015, at 10:51 AM, Nick Coghlan ncogh...@gmail.com wrote:
Getting them to manage additional keys, and get them signed and registered
appropriately, and then supplying them is going to be a similar amount of
work,
I prefer pulling the TUF PEPs (available on hg.python.org) into
github.com/pypa.
Please add Justin, Linda, Trishank, and myself as collaborators:
https://github.com/vladimir-v-diaz
https://github.com/dachshund
https://github.com/JustinCappos
https://github.com/lvigdor
P.S. Donald helped
On 3 January 2015 at 02:26, Donald Stufft don...@stufft.io wrote:
On Jan 2, 2015, at 11:14 AM, Vladimir Diaz vladimir.v.d...@gmail.com
wrote:
Thanks for the great feedback - Nick, Donald, Paul, and Richard (off-list).
I am totally fine with focusing on PEP 458 and applying the final coat
On Jan 2, 2015, at 11:14 AM, Vladimir Diaz vladimir.v.d...@gmail.com wrote:
Thanks for the great feedback - Nick, Donald, Paul, and Richard (off-list).
I am totally fine with focusing on PEP 458 and applying the final coat of
paint on this document.
There's a lot of background
On Jan 2, 2015, at 11:47 AM, Vladimir Diaz vladimir.v.d...@gmail.com wrote:
I prefer pulling the TUF PEPs (available on hg.python.org
http://hg.python.org/) into github.com/pypa http://github.com/pypa.
Please add Justin, Linda, Trishank, and myself as collaborators:
On 31 December 2014 at 13:52, Nick Coghlan ncogh...@gmail.com wrote:
Donald is keen to get the updated versions of packaging/pip/setuptools out
that fix the regression in handling exclusive ordered comparison, so this
is a last call for feedback on those changes before we publish the updated
On Jan 2, 2015, at 9:49 PM, Nick Coghlan ncogh...@gmail.com wrote:
On 31 December 2014 at 13:52, Nick Coghlan ncogh...@gmail.com
mailto:ncogh...@gmail.com wrote:
Donald is keen to get the updated versions of packaging/pip/setuptools out
that fix the regression in handling exclusive
25 matches
Mail list logo