On Wed, Jan 12, 2022 at 12:25:16PM -0500, John Snow wrote: > On Wed, Jan 12, 2022 at 5:56 AM Stefan Hajnoczi <stefa...@redhat.com> wrote: > > > > [Context: John created a PyPI QEMU user in order to publish the qemu.qmp > > package. If anyone wants to publish additional Python packages from > > qemu.git, please contact him for PyPI access.] > > > > On Tue, Jan 11, 2022 at 03:42:23PM -0500, John Snow wrote: > > > Account made: https://pypi.org/user/QEMU/ > > > > > > I can't update the wiki, I lack admin perms to edit > > > https://wiki.qemu.org/AdminContacts > > > > > > I assume in the event that I fall into a black hole or get launched > > > out of a cannon into the sun, any mails sent to js...@redhat.com can > > > be recovered by Red Hat in general, so there's a sufficient recourse > > > for recovering the account in that circumstance. > > > > Thanks, I have added the PyPI QEMU user and added you as the admin > > contact: > > https://wiki.qemu.org/AdminContacts#Other_resources > > > > Stefan > > Thanks, Stefan! > > As additional context, there is currently a single package that > belongs to that user, "qemu.qmp" [1]. I published it "in advance" to > be able to test integration in an RFC patch set I posted to the list > just before the winter break [2]. The package is an "alpha prerelease" > and is at a very low-risk to be installed by accident. The version > chosen here will be considered "less than" any other valid version > string chosen, and can be deleted permanently from PyPI after > consensus on list review. Please forgive the mid-review publishing. > The exact metadata, wording of the README, etc is still under review > here [3]. > > As for the PyPI account itself, I have volunteered to administer it. > If anyone wants access (esp. a leadership committee member from > another employer), please contact me - I'm happy to share.
As a general rule we should ensure we always have 2 nominated people with access to any account held on behalf of the QEMU project, so we have some redundancy in case of unexpected events. So we definitely ought to have a 2nd person with access to PyPI even if they do nothing with it. Regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
