/oneget https://github.com/OneGet/oneget).
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org
This sounds like something good for packaging.python.org
On Oct 29, 2014, at 4:05 PM, Paul Moore p.f.mo...@gmail.com wrote:
On 29 October 2014 15:31, Nathaniel Smith n...@pobox.com wrote:
You can use Express editions of Visual Studio.
IIUC, the express edition compilers are 32-bit only,
On Oct 29, 2014, at 6:09 PM, Paul Moore p.f.mo...@gmail.com wrote:
On 29 October 2014 20:26, Donald Stufft don...@stufft.io wrote:
This sounds like something good for packaging.python.org
Yeah, I wondered about that. I'll work up a patch for that. But the
more I think about it, it really
to PyPI, or there something else to do?
Generally for uploading to PyPI you do ``python setup.py bdist_wheel``, though
I don’t think there’d be any bad thing if you used pip wheel.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
I have an idea, can you run https://bpaste.net/show/c5d7cd102f5b and
tell me what it outputs? Both on a machine that works and one that
doesn’t.
On Oct 25, 2014, at 2:14 AM, David Bolen db3l@gmail.com wrote:
Donald Stufft don...@stufft.io writes:
What version of OpenSSL is it using
Is this using HTTPS or SSH.
On Oct 24, 2014, at 11:47 PM, David Bolen db3l@gmail.com wrote:
Starting yesterday, my XP buildbot began failing to execute clone
operations against hg.python.org. There's not a lot of data being
given aside from a transaction abort message (and my buildbot
What version of OpenSSL is it using.
On Oct 25, 2014, at 1:00 AM, David Bolen db3l@gmail.com wrote:
David Bolen db3l@gmail.com writes:
which appears to die mid-stream while receiving the manifests.
So I'm sort of hoping there might be some record server-side as to why
things
I'm on my phone but docs is served via fastly. Issues could be POP specific.
On Oct 20, 2014, at 7:38 PM, Oleg Broytman p...@phdru.name wrote:
On Tue, Oct 21, 2014 at 12:29:45AM +0100, MRAB pyt...@mrabarnett.plus.com
wrote:
On 2014-10-21 00:09, Eli Bendersky wrote:
On Mon, Oct 20,
].
[1]
http://googleonlinesecurity.blogspot.com/2014/10/this-poodle-bites-exploiting-ssl-30.html
[2] https://www.openssl.org/~bodo/ssl-poodle.pdf
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python
, and then shut them down as long as there’s some way to
automate logging into a Windows box and running some commands… Normally I’d do
this with SSH but I don’t know if Windows has anything like that.
IOW we can totally spin up preconfigured VMs for a Windows build service.
---
Donald Stufft
PGP
now.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive
On Oct 8, 2014, at 3:36 PM, Wes Turner wes.tur...@gmail.com wrote:
On Oct 8, 2014 7:20 AM, Donald Stufft don...@stufft.io
mailto:don...@stufft.io wrote:
On Oct 8, 2014, at 6:16 AM, Christian Tismer tis...@stackless.com
mailto:tis...@stackless.com wrote:
-BEGIN PGP
install
pip3, and pip3.4, but *not* pip if it was an install, and only pip3.4 if it
was an alt install.
My question is, does this behavior make sense for ensurepip in 2.7? Or should
it also install the pip command if it is an install?
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9
the (alt)install targets of Python's own Makefile, and I
think those are exactly right.
On Oct 3, 2014 3:07 PM, Donald Stufft don...@stufft.io
mailto:don...@stufft.io wrote:
I'm working on the backport of ensurepip to Python 2.7, and I realized that
I'm not sure which commands to install. Right
Whoops, I misred.
So to be clear, you think:
install - pip, pip2, pip2.7
altinstall - pip2.7
On Oct 3, 2014, at 8:46 PM, Guido van Rossum gu...@python.org wrote:
That's not what I meant. Python 2.7 does install python unless you use
altinstall.
On Oct 3, 2014 5:33 PM, Donald Stufft don
On Sep 26, 2014, at 3:09 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 26 September 2014 01:38, Donald Stufft don...@stufft.io wrote:
Either way I'm fairly commited to making --user the default, the only
question
on my mind is what exactly does that look like (e.g. does root get --user
On Sep 26, 2014, at 9:53 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 26 September 2014 14:31, Donald Stufft don...@stufft.io wrote:
Yea, I think we throw an error when you use —user inside a virtual
environment.
So if --user became the default, what would happen? I'd like pip
inside
Awesome!
On Sep 26, 2014, at 2:01 PM, Steve Dower steve.do...@microsoft.com wrote:
Hi all,
(This is advance notice since people on this list will be interested.
Official announcements are coming when setuptools makes their next release.)
Microsoft has released a compiler package
:)
Basically people have Python in a ton of different configurations and it’s
hard to figure out if —user will work out of the box in all of them or not.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev
On Sep 25, 2014, at 11:54 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 25 September 2014 16:43, Donald Stufft don...@stufft.io wrote:
Basically people have Python in a ton of different configurations and it’s
hard to figure out if —user will work out of the box in all of them or not.
I
On Sep 25, 2014, at 6:44 PM, Chris Barker chris.bar...@noaa.gov wrote:
On Thu, Sep 25, 2014 at 9:00 AM, Donald Stufft don...@stufft.io
mailto:don...@stufft.io wrote:
1) Just always default to —user and add a —system or similar flag, this
is super easy to change but is a backwards
about *nix is even though you can’t write to your normal Python
install location without root, invoking pip with permissions (assuming you have
them) is as easy as prefacing it with ``sudo`` in most cases. Does Windows have
an equivalent or do you need to launch a whole new shell?
---
Donald
/donald%40stufft.io
This new compiler has the incredibly awesome feature of being forwards
compatible
right? Like in 10 years stuff compiled with a newer compiler will still work?
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
compiler...
Top-posted from my Windows Phone
Yea I think it makes incredible sense to aim for it then, even if it makes
things slip.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev
/
http://legacy.python.org/dev/peps/pep-0478/
Key facts:
Beta 1 is May 24th 2015, about a month after the end of the PyCon US 2015
sprints.
Final release is September 13, 2015, just over a year from now.
Comments?
It says 3.4.0 all through it.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926
``python`` should point to ``python2``. If Python 3.x is the
default version and Python 2.x is the “optional” version than I think
personally it makes sense to switch eventually. Maybe not immediately to give
people time to update though?
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C
``.
All of this assuming of course that 4.0 isn’t a major break like 3.0 and that we
do 4.0 instead of 3.10 as has been suggested.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https
On Sep 19, 2014, at 8:02 PM, Greg Ewing greg.ew...@canterbury.ac.nz wrote:
Donald Stufft wrote:
My biggest problem with ``python3``, is what happens after 3.9.
Python2 technically includes 1.x versions as well, so it
wouldn't be unprecedented for python3 to imply versions
beyond 3.x
ctx.verify_hostname = False
kwargs[“context”] = ctx
return _real_urlopen(*args, **kwargs)
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman
On Sep 8, 2014, at 6:43 PM, Nick Coghlan ncogh...@gmail.com wrote:
On 9 Sep 2014 08:30, Donald Stufft don...@stufft.io
mailto:don...@stufft.io wrote:
If someone wants to do this, can’t they write their own 6 line function?
Unfortunately not, as the domain knowledge required to know
/options/python-dev/donald%40stufft.io
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org
)
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
can never really be sure if it's getting transport security
when it's requesting transport security.
I completely agree with everything Glyph has said in this post. (To the shock
of everyone involved I’m sure!).
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
difficult backport. It’s only ~200 SLOC or so and the
only
real things would be removing a Python3ism here or there.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https
and monkey patch there. You can’t stop people from overriding modules,
it’s trivial to do. The sys.path ordering just makes it slightly less trivial.
—
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python
sslcustomize is going to make a difference here.
Right, this is the point I was trying to make. If you’ve installed a malicious
package it’s game over. There’s nothing Python can do to help you.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
that
this doesn't happen, just being specific (I'm not actually sure why they would
install a TLS certificate at all if they are trusting perimeter security, but
I'm sure folks do).
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
virtual env can have one sslcustomize of its own. It's fully
backward compatible, doesn't add any flags and developers have the full
power of Python for configuration and customization.
This may be a dumb question, but why can’t sitecustomize do this already?
---
Donald Stufft
PGP: 7C6B
On Aug 29, 2014, at 4:00 PM, M.-A. Lemburg m...@egenix.com wrote:
* choice of trusted certificate:
Instead of hard wiring using the system CA roots into
Python it would be good to just make this default and
permit the user to point Python to a different set of
CA roots.
or a file to change the root certificates without code changes. The
only real problems with the APIs are that the default is bad and
an unrelated thing where you can’t pass in an in memory certificate.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
On Aug 29, 2014, at 5:42 PM, R. David Murray rdmur...@bitdance.com wrote:
On Fri, 29 Aug 2014 17:11:35 -0400, Donald Stufft don...@stufft.io wrote:
Sorry I was on my phone and didn’t get to fully reply to this.
On Aug 29, 2014, at 4:00 PM, M.-A. Lemburg m...@egenix.com wrote
On Aug 29, 2014, at 5:58 PM, M.-A. Lemburg m...@egenix.com wrote:
On 29.08.2014 23:11, Donald Stufft wrote:
Sorry I was on my phone and didn’t get to fully reply to this.
On Aug 29, 2014, at 4:00 PM, M.-A. Lemburg m...@egenix.com wrote:
On 29.08.2014 21:47, Alex Gaynor wrote:
Hi all
.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/archive%40mail
a deprecation warning, or something but my
thoughts on actually removing the other methods are listed explicitly.
---
Donald Stufft
PGP: 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org
On Sun, Aug 17, 2014, at 09:02 PM, Guido van Rossum wrote:
On Sun, Aug 17, 2014 at 6:29 AM, Barry Warsaw ba...@python.org wrote:
On Aug 16, 2014, at 07:43 PM, Guido van Rossum wrote:
(Don't understand this to mean that we should never deprecate things.
Deprecations will happen, they are
from __future__ import bytesdoneright? :D
--
Donald Stufft
don...@stufft.io
On Sun, Aug 17, 2014, at 09:40 PM, Antoine Pitrou wrote:
Le 17/08/2014 20:08, Nick Coghlan a écrit :
On 18 Aug 2014 09:57, Barry Warsaw ba...@python.org
mailto:ba...@python.org wrote:
On Aug 18, 2014
a lot of the *.python.org services are in a similar state where
there is no clear owner. Generally we've not wanted to just step in and take
over for fear of stepping on someones toes but it appears that perhaps
buildbot.p.o has no owner?
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA
. Breaking all
of them on 2.7 would be very bad.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing list
On Jun 23, 2014, at 3:27 PM, M.-A. Lemburg m...@egenix.com wrote:
On 23.06.2014 18:09, Donald Stufft wrote:
On Jun 23, 2014, at 2:09 AM, Martin v. Löwis mar...@v.loewis.de wrote:
* Should we make use of the potential breakage with 2.7.10
to introduce a new Windows compiler version
On Jun 23, 2014, at 4:31 PM, Barry Warsaw ba...@python.org wrote:
On Jun 23, 2014, at 04:20 PM, Donald Stufft wrote:
At the risk of getting Guido to post his slide again, I still think the
solution to the old compiler is to just roll a 2.8 with minimal changes.
No. It's not going
binary packages on OSX is a much
less frequent thing I think though since getting a working compiler toolchain
is easier there.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using
On Jun 23, 2014, at 5:07 PM, M.-A. Lemburg m...@egenix.com wrote:
On 23.06.2014 22:20, Donald Stufft wrote:
On Jun 23, 2014, at 3:27 PM, M.-A. Lemburg m...@egenix.com wrote:
On 23.06.2014 18:09, Donald Stufft wrote:
On Jun 23, 2014, at 2:09 AM, Martin v. Löwis mar...@v.loewis.de wrote
On Jun 23, 2014, at 5:22 PM, Barry Warsaw ba...@python.org wrote:
On Jun 23, 2014, at 05:15 PM, Donald Stufft wrote:
Normally when I see someone suggest that switching compilers
in 2.7.x is likely to be less work than releasing a 2.8 It normally
appears to me they haven’t looked
with a new thing like that.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing list
Python-Dev@python.org
/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
On Jun 6, 2014, at 11:41 AM, Steve Dower steve.do...@microsoft.com wrote:
words
+1 from me.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
as 2.7 just with an updated
compiler that seems like a better answer than having to deal with
2.7.whatever suddenly breaking all C exts.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP
On Jun 6, 2014, at 3:09 PM, Brian Curtin br...@python.org wrote:
On Fri, Jun 6, 2014 at 11:08 PM, Donald Stufft don...@stufft.io wrote:
On Jun 6, 2014, at 3:04 PM, Brian Curtin br...@python.org wrote:
On Fri, Jun 6, 2014 at 10:56 PM, dw+python-...@hmmz.org wrote:
On Fri, Jun 06, 2014
On Jun 6, 2014, at 3:33 PM, Chris Angelico ros...@gmail.com wrote:
On Sat, Jun 7, 2014 at 5:11 AM, Donald Stufft don...@stufft.io wrote:
Is it really any difference in maintenance if you just stop applying updates
to
2.7 and switch to 2.8? If 2.8 is really just 2.7 with a new compiler
with this? AFAIK there is nothing in
most of them to deal with a X.Y.Z release suddenly dealing with a different
compiler.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing list
On Jun 7, 2014, at 12:58 AM, Nick Coghlan ncogh...@gmail.com wrote:
On 7 June 2014 14:47, Donald Stufft don...@stufft.io wrote:
On Jun 7, 2014, at 12:41 AM, Nick Coghlan ncogh...@gmail.com wrote:
Words like just, or simple, or easy really have no place being
applied to a task where
I think UTF8 is the best option.
On Jun 3, 2014, at 9:17 PM, Steven D'Aprano st...@pearwood.info wrote:
There is a discussion over at MicroPython about the internal
representation of Unicode strings. Micropython is aimed at embedded
devices, and so minimizing memory use is important,
it was punted
until 2.7.8 (http://bugs.python.org/issue21305)
And that was everything from PEP 466.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
any help from Red Hat or other
distros?
On Sun, May 18, 2014 at 7:02 PM, Donald Stufft don...@stufft.io wrote:
On May 18, 2014, at 9:53 PM, Guido van Rossum gu...@python.org wrote:
On Sun, May 18, 2014 at 5:49 PM, Benjamin Peterson benja...@python.org
wrote:
Greetings Python users
at documentation that explicitly calls out the ways I might screw
it up, especially in a security sensitive context, but I appreciate it any
context really.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message
invoking (multiple) python processes. This has historically be really slow
(~30 minutes to run ~200 tests of that type). We've been able to get the wall
clock run time down by parallelizing these but the sequential time is still
really slow.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA
:
Yeah, but 200 test in 30 minutes is 9 *seconds* per test -- the Python
startup time is only a tiny fraction of that (20-40 *milliseconds*).
On Sat, May 10, 2014 at 3:33 PM, Donald Stufft don...@stufft.io wrote:
On May 10, 2014, at 5:46 PM, Victor Stinner victor.stin...@gmail.com wrote
On May 9, 2014, at 4:12 AM, M.-A. Lemburg m...@egenix.com wrote:
On 08.05.2014 23:22, Donald Stufft wrote:
On a personal note, I'm uncomfortable with the way this change is
perceived as a case of *pip* enforcing a behaviour that the pip
developers feel should be required. I actually don't
On May 9, 2014, at 5:01 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 9 May 2014 05:34, Donald Stufft don...@stufft.io wrote:
On May 8, 2014, at 5:22 PM, Donald Stufft don...@stufft.io wrote:
Socially, this change does not seem to be having the effect of
persuading more package developers
On May 9, 2014, at 7:55 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 9 May 2014 12:44, Donald Stufft don...@stufft.io wrote:
We still wouldn't be forcing anyone to upload things to PyPI. We are,
however,
discouraging people from not hosting on PyPI and providing incentives to
doing
On May 9, 2014, at 8:21 AM, Paul Moore p.f.mo...@gmail.com wrote:
On 9 May 2014 13:06, Donald Stufft don...@stufft.io wrote:
I think it's important to point out that one of the driving factors that
caused
me to finally push for changes and what lead to PEP438 being created
On May 9, 2014, at 9:58 AM, M.-A. Lemburg m...@egenix.com wrote:
On 09.05.2014 13:44, Donald Stufft wrote:
On May 9, 2014, at 4:12 AM, M.-A. Lemburg m...@egenix.com wrote:
Donald: I don't think anyone is arguing that hosting packages on
PyPI is a bad thing and PyPI as a service has gotten
for me to write PEPs and to update ensurepip. If
they’re going to be used as an excuse to attempt to censor me then I’d rather
not have them as I generally always speak my mind and I won’t stop doing so.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9
On May 9, 2014, at 1:28 PM, R. David Murray rdmur...@bitdance.com wrote:
On Fri, 09 May 2014 11:39:02 -0400, Donald Stufft don...@stufft.io wrote:
On May 9, 2014, at 9:58 AM, M.-A. Lemburg m...@egenix.com wrote:
On 09.05.2014 13:44, Donald Stufft wrote:
On May 9, 2014, at 4:12 AM, M
On May 9, 2014, at 4:20 PM, Terry Reedy tjre...@udel.edu wrote:
On 5/9/2014 2:12 PM, Donald Stufft wrote:
On May 9, 2014, at 1:28 PM, R. David Murray rdmur...@bitdance.com wrote:
I don't understand this. Why it is our responsibility to provide a
free service for a large project
.
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C
because the
server it was hosted on went down.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev
On May 8, 2014, at 9:58 AM, Donald Stufft don...@stufft.io wrote:
Now this does not mean that ``pip install cdecimal`` will automatically
install
this, because whether or not you're willing to install from servers other than
PyPI[1] is a policy decision for the end user of pip.
I forgot
On May 8, 2014, at 10:11 AM, R. David Murray rdmur...@bitdance.com wrote:
On Thu, 08 May 2014 09:58:08 -0400, Donald Stufft don...@stufft.io wrote:
I don't think the warning is FUD, and it doesn't mention anything security
related at all. The exact text of the warning is in the subject
On May 8, 2014, at 10:21 AM, R. David Murray rdmur...@bitdance.com wrote:
On Thu, 08 May 2014 10:11:39 -0400, R. David Murray rdmur...@bitdance.com
wrote:
On Thu, 08 May 2014 09:58:08 -0400, Donald Stufft don...@stufft.io wrote:
I don't think the warning is FUD, and it doesn't mention
.
Regards
Antoine.
The pip developers didn’t make this decision. It was discussed on distutils-sig
hammered out in a PEP, and then accepted. We took part in that discussion,
but ultimately we implemented PEP438.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926
On May 8, 2014, at 10:36 AM, Stefan Krah ste...@bytereef.org wrote:
Donald Stufft don...@stufft.io wrote:
There is support for trusted externally hosted packages, you put the URL in
PyPI and include a hash in the fragment like so:
http://www.bytereef.org/software/mpdecimal/releases
On May 8, 2014, at 11:19 AM, Stefan Krah ste...@bytereef.org wrote:
Donald Stufft don...@stufft.io wrote:
hosted packages are brittle and more prone to failure. Every single external
server adds *another* SPOF into any particular install set. Even if every
external server has a 99.9% uptime
On May 8, 2014, at 11:21 AM, R. David Murray rdmur...@bitdance.com wrote:
On Thu, 08 May 2014 10:37:15 -0400, Donald Stufft don...@stufft.io wrote:
Most users are not going to care up until the point where the external server
is unavailable, and then they care a whole lot. On the tin
On May 8, 2014, at 11:34 AM, Stefan Krah ste...@bytereef.org wrote:
Donald Stufft don...@stufft.io wrote:
Today I've switched to manual install mode with manual sha256sum
verification
which is *far* safer than anything you get via pip right now.
It is not safer in any meaingful way
On May 8, 2014, at 11:37 AM, M.-A. Lemburg m...@egenix.com wrote:
On 08.05.2014 16:42, M.-A. Lemburg wrote:
On 08.05.2014 15:58, Donald Stufft wrote:
On May 8, 2014, at 9:39 AM, M.-A. Lemburg m...@egenix.com wrote:
Well, to be fair and leaving aside uptime concerns and the general
On May 8, 2014, at 12:03 PM, Stefan Krah ste...@bytereef.org wrote:
Donald Stufft don...@stufft.io wrote:
I said ?meaningful?. Almost nobody is going to ever bother googling it and
the likelihood that someone is able to MITM *you* specifically is far lesser
than the likelihood that someone
On May 8, 2014, at 12:42 PM, R. David Murray rdmur...@bitdance.com wrote:
On Thu, 08 May 2014 11:32:28 -0400, Donald Stufft don...@stufft.io wrote:
On May 8, 2014, at 11:21 AM, R. David Murray rdmur...@bitdance.com wrote:
Ah, I understand now.
Your perspective is as someone who is using
On May 8, 2014, at 5:02 PM, Paul Moore p.f.mo...@gmail.com wrote:
On 8 May 2014 16:46, Donald Stufft don...@stufft.io wrote:
Anything can be changes or reconsidered of course. I feel pretty strongly
that
an installer should not install things from places other than the index
without
On May 8, 2014, at 6:20 PM, Nick Coghlan ncogh...@gmail.com wrote:
On 9 May 2014 07:23, Donald Stufft don...@stufft.io wrote:
On May 8, 2014, at 5:02 PM, Paul Moore p.f.mo...@gmail.com wrote:
Or
maybe we have to accept that some developers have sound reasons for
not hosting
On May 8, 2014, at 5:22 PM, Donald Stufft don...@stufft.io wrote:
Socially, this change does not seem to be having the effect of
persuading more package developers to host on PyPI. The stick doesn't
appear to have worked, maybe we should be trying to find a carrot?
Do you have any data
On May 9, 2014, at 12:34 AM, Donald Stufft don...@stufft.io wrote:
The data has finished processing, it represents a time diff of approximately
one year. The pip release that caused all of this was released about 4-5
months
ago.
Oh I forgot to mention:
In order to make the comparison
of it.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman
,
--
Florent
___
Python-Dev mailing list
Python-Dev@python.org
https://mail.python.org/mailman/listinfo/python-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP
On Apr 25, 2014, at 7:20 PM, Ethan Furman et...@stoneleaf.us wrote:
On 04/25/2014 03:26 PM, Donald Stufft wrote:
pep8.py doesn’t violate PEP8, it just takes a stricter view of it.
If pep8 reports errors on things that PEP 8 says are okay, that's a violation.
--
~Ethan
://mail.python.org/mailman/options/python-dev/donald%40stufft.io
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing
is going to be 3.5+
anyways. It seems like trying to fit as many of these compatibility things as
Python is willing to do into 3.5 is the best possible solution since it’s
likely that for a lot of these hanger-ons 3.5 is likely to be a minimum target
anyways.
-
Donald Stufft
PGP
-dev
Unsubscribe:
https://mail.python.org/mailman/options/python-dev/donald%40stufft.io
Fastly logs are stored in Dreamhost so we could make those numbers if they
aren’t already available.
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372
it easier
like a build farm).
-
Donald Stufft
PGP: 0x6E3CBCE93372DCFA // 7C6B 7C5D 5E2B 6356 A926 F04F 6E3C BCE9 3372 DCFA
signature.asc
Description: Message signed with OpenPGP using GPGMail
___
Python-Dev mailing list
Python-Dev@python.org
201 - 300 of 490 matches
Mail list logo
