GPG signatures invisible in new PyPI (was: Re: new Python Package Index is now in beta at pypi.org)
Dominik George
nik at naturalnet.de
Sat Mar 31 18:26:47 EDT 2018
Hi,
On Sat, Mar 31, 2018 at 06:16:51PM -0400, Sumana Harihareswara wrote:
> The new Python Package Index at https://pypi.org is now in beta.
Yep!
I read that the new Warehouse does not offer GPG signature files for
download.
Why not? How can I still get them (append .asc to the source downlaod?),
and how do I find out whether an upload is signed?
I am asking mainly as a Debian developer relying on upstream signatures.
-nik
--
PGP-Fingerprint: 3C9D 54A4 7575 C026 FB17 FD26 B79A 3C16 A0C4 F296
Dominik George · Hundeshagenstr. 26 · 53225 Bonn
Phone: +49 228 92934581 · https://www.dominik-george.de/
Teckids e.V. · FrOSCon e.V. · Debian Developer
LPIC-3 Linux Enterprise Professional (Security)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 902 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/python-list/attachments/20180401/cd972888/attachment.sig>
More information about the Python-list
mailing list