As a heads up I filed bugs with each of these projects (with the exception of netifaces, which doesn't appear to have a tracker). The dnspython maintainer has already uploaded the package to PyPi and disabled scraping!
Alex On Fri, Jul 19, 2013 at 8:04 PM, Monty Taylor <mord...@inaugust.com> wrote: > Hey guys! > > PyPI is moving towards the world of getting people to stop hosting stuff > via external links. It's been bad for us in the past and one of the > reasons for the existence of our mirror. pip 1.4 has an option to > disallow following external links, and in 1.5 it's going to be the > default behavior. > > Looking forward, we have 5 pip packages that host their stuff > externally. If we have any pull with their authors, we should get them > to actually upload stuff to pypi. If we don't, we should strongly > consider our use of these packages. As soon as pip 1.4 comes out, I > would like to moving forward restrict the addition of NEW requirements > that do not host on pypi. (all 5 of these host insecurely as well, fwiw) > > The culprits are: > > dnspython,lockfile,netifaces,psutil,pysendfile > > _______________________________________________ > OpenStack-dev mailing list > OpenStack-dev@lists.openstack.org > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev > -- "I disapprove of what you say, but I will defend to the death your right to say it." -- Evelyn Beatrice Hall (summarizing Voltaire) "The people's good is the highest law." -- Cicero GPG Key fingerprint: 125F 5C67 DFE9 4084
_______________________________________________ OpenStack-dev mailing list OpenStack-dev@lists.openstack.org http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
