[Catalog-sig] Use user-specific site-packages by default?
Terry Reedy
tjreedy at udel.edu
Tue Feb 5 21:54:23 CET 2013
On 2/5/2013 11:35 AM, Lennart Regebro wrote:
> On Tue, Feb 5, 2013 at 5:03 PM, Donald Stufft <donald.stufft at gmail.com> wrote:
>> Besides the issues with validating that the package We are mirroring
>> is the authentic one there's also a legal issue. We don't know for sure
>> that we have the legal rights to redistribute those files. When you upload
>> a file to PyPI you grant the PSF a license to do that, no upload from the
>> author = no license. IANAL but i think i'm correct on that.
>
> Absolutely, but if the package is marked with a license that allows
> redistribution in the metadata, then we can.
The last I read (and I cannot find the seemingly hidden page) the author
(or rights-holder) of code must grant PSF something more than just
redistribution rights before uploading it. The same must also certify
some mumbo-jumbo about compliance with national laws and cryptography.
No 3rd party can do that.
--
Terry Jan Reedy
More information about the Catalog-SIG
mailing list