[Catalog-sig] Fwd: Re: New pythonpackages.com service coming soon
Tarek Ziadé
ziade.tarek at gmail.com
Mon Jan 23 00:37:24 CET 2012
On Sun, Jan 22, 2012 at 12:57 P
>
> Maybe there's a way to make
>> this more secure, like making session based authorization ? Or that's
>> what you planned maybe ?
>>
>
> I'm not sure what you mean, but I'm certainly planning lots of things for
> the future, assuming things go well. WRT to sessions the app currently uses
> Pyramid's auth_tkt policy, which configures a session for anyone that
> authorizes the app on github.com.
>
I meant giving a temporary access to my PyPI packages from within your
application when performing tasks, not a complete & permanent one where you
application could perform unwanted tasks at PyPI if the server gets hacked.
I am not sure how this could be done practically speaking, it depends on
the client UI.
Cheers
Tarek
>
> Otherwise cool idea
>>
>
> Thanks
>
>
> Alex
>
> [1] http://lxc.sourceforge.net/
> [2] http://devcenter.heroku.com/**articles/config-vars#an_**example<http://devcenter.heroku.com/articles/config-vars#an_example>
>
>
>
>> Cheers
>> Tarek
>>
>> On Jan 22, 2012 9:04 AM, "Alex Clark" <aclark at aclark.net
>> <mailto:aclark at aclark.net>> wrote:
>>
>> Folks,
>>
>> I have created a new service aimed at making it easier to release
>> Python packages to PyPI. The primary user is currently: me. And to
>> date, I have only released a single package with it: Pillow (well,
>> in fact I really only tested a portion of the release process with
>> Pillow).
>>
>> It works like this:
>>
>> - I have created a "user" `pythonpackages` on PyPI
>> - I have uploaded an ssh key [1].
>> - I have added `pythonpackages` as a maintainer of `Pillow`.
>> - You can imagine the rest (and if you can't, it's a secret for now.)
>>
>> Now, I read the TOS very carefully before creating the
>> `pythonpackages` "user". And there was nothing in it to indicate
>> this action is anything other than "fair use". But I want to bring
>> it to the attention of the PyPI maintainers now, in the event the
>> service becomes popular later (I know at least I am planning to use
>> it quite a bit. And we have ~70 beta users signed up to begin testing.)
>>
>> The bottom line is: there is now a "user" on the PyPI called
>> `pythonpackages` that is in fact not a user, but a website
>> (pythonpackages.com <http://pythonpackages.com>). By adding the
>>
>> "user" `pythonpackages` as a Maintainer to your package, you will be
>> able to use the pythonpackages.com <http://pythonpackages.com>
>>
>> service to automate your release process in some exciting capacity,
>> to be revealed soon. This is just one aspect of the service I am
>> building, but it is an important milestone that I wanted to share
>> (for obvious reasons).
>>
>> I welcome any comments/questions/concerns. It is my sincere hope
>> that at the most, I am not offending anyone with my actions and at
>> the least, I am not violating any terms or conditions that I don't
>> know about.
>>
>> Sincerely,
>>
>>
>> Alex Clark
>>
>>
>> [1] I am using pypissh, http://pythonpackages.com/__**info/pypissh<http://pythonpackages.com/__info/pypissh>
>>
>> <http://pythonpackages.com/**info/pypissh<http://pythonpackages.com/info/pypissh>>
>> (many thanks to Martin von
>> Löwis for this).
>>
>>
>> --
>> Alex Clark · http://pythonpackages.com
>>
>> ______________________________**___________________
>> Catalog-SIG mailing list
>> Catalog-SIG at python.org <mailto:Catalog-SIG at python.org**>
>> http://mail.python.org/__**mailman/listinfo/catalog-sig<http://mail.python.org/__mailman/listinfo/catalog-sig>
>> <http://mail.python.org/**mailman/listinfo/catalog-sig<http://mail.python.org/mailman/listinfo/catalog-sig>
>> >
>>
>>
>>
>>
>> ______________________________**_________________
>> Catalog-SIG mailing list
>> Catalog-SIG at python.org
>> http://mail.python.org/**mailman/listinfo/catalog-sig<http://mail.python.org/mailman/listinfo/catalog-sig>
>>
>
>
> --
> Alex Clark · http://pythonpackages.com
>
> ______________________________**_________________
> Catalog-SIG mailing list
> Catalog-SIG at python.org
> http://mail.python.org/**mailman/listinfo/catalog-sig<http://mail.python.org/mailman/listinfo/catalog-sig>
>
--
Tarek Ziadé | http://ziade.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/catalog-sig/attachments/20120122/9a6ff42f/attachment-0001.html>
More information about the Catalog-SIG
mailing list