Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Nick Coghlan
On 22 April 2016 at 09:40, Ionel Cristian Mărieș wrote:
> On Fri, Apr 22, 2016 at 1:14 AM, Chris Barker wrote:
>> If that author were to suddenly decide to publish some malware under that
>> name -- it would get a lot of traffic!
>
> That's

Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Ionel Cristian Mărieș
On Fri, Apr 22, 2016 at 1:14 AM, Chris Barker wrote:
> If that author were to suddenly decide to publish some malware under that
> name -- it would get a lot of traffic!

That's the problem with badly chosen names. I mean, what do you expect when you give a name taken

Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Ionel Cristian Mărieș
On Fri, Apr 22, 2016 at 1:14 AM, Chris Barker wrote:
> it has published ONE version, in 2011.

Have you actually checked? There are 40 releases since 2009: https://pypi.python.org/pypi/mypy/json

Thanks,
-- Ionel Cristian Mărieș, http://blog.ionelmc.ro

Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Chris Barker
On Thu, Apr 21, 2016 at 2:24 PM, Alexander Walters wrote:
> On 4/21/2016 15:02, Chris Barker wrote:
>> Good evidence that the "first come first served, and then you get to keep
>> it forever" is not ideal.
>
> Criminal violations of trademark are evidence that it's

Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Alexander Walters
On 4/21/2016 15:02, Chris Barker wrote:
> Good evidence that the "first come first served, and then you get to keep it forever" is not ideal.

Criminal violations of trademark are evidence that it's not ideal, and therefore we should make pypi untrustworthy for all other cases? This case is

Re: [Distutils] Parked Names in PyPI under user rodmena

2016-04-21 Thread Chris Barker
Interesting. Good evidence that the "first come first served, and then you get to keep it forever" is not ideal. As someone pointed out in the other thread, we probably don't want to change policy on existing packages, but maybe it would be good to get *some* policy in place for when warehouse