-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jim Fulton wrote:
> - We now know not to remove releases. Not everybody does: I've seen folks *recently* re-upload a changed release without bumping the version number; and "we" is a much narrower set than the set of all PyPI maintainers. > - If you are using something in production, you should archive the > necessary > source releases, using a tool like zc.sourcerelease. > > IOW, you shouldn't do production deployments using a dynamic > assembly mechanism. Which is exaclt what I said: >> > You should be *very* afraid of depending on PyPI for softare rolled >> > into production. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tsea...@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFKCwBE+gerLs4ltQ4RAmdnAKDKM8hJietF8FVHZZJ8sn2iP7HFRwCfUt8s loL+AU9xuY5x1vl/D43akGg= =uHh7 -----END PGP SIGNATURE----- _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )