[Distutils] Removing wheel signing features from the wheel library
alex.gronholm at nextday.fi
alex.gronholm at nextday.fi
Thu Mar 22 14:16:40 EDT 2018
to, 2018-03-22 kello 13:57 -0400, Wes Turner kirjoitti:
> What maintenance is required?
It's hard to say for sure, since that depends on what requirements come
up in the future. One thing this certainly affects is the test suite
which I plan to rewrite because I feel it is woefully inadequate.
Removing mostly unused features helps reduce the effort required for
that. Ditto for the general code refactoring which I'm also planning on
doing.
> Here's a link to the previous discussion of this issue:
>
> "Remove or deprecate wheel-signing features"
> https://github.com/pypa/wheel/issues/196
>
> What has changed? There is still no method for specifying a keyring;
> whereas with GPG, all keys in the ring are trusted.
>
> On Thursday, March 22, 2018, Nick Coghlan <ncoghlan at gmail.com> wrote:
> > On 22 March 2018 at 22:35, <alex.gronholm at nextday.fi> wrote:
> > > I am not changing the format of RECORD, I'm simply removing the
> > >
> > > cryptographic signing and verifying functionality, just the way
> > > you
> > >
> > > described. Hash checking will stay. As we agreed earlier, those
> > >
> > > features could be deprecated or removed from the PEP entirely.
> >
> > Cool, that's what I thought you meant, but I figured I should
> > double check since our discussion was a while ago now :)
> >
> > Cheers,
> > Nick.
> >
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/distutils-sig/attachments/20180322/2962a518/attachment.html>
More information about the Distutils-SIG
mailing list