Log file Viewer

[12:30:41] <Ivo_> dstufft, r1chardj0n3s_afk how are - and _ supposed to work in package names again? try `pip install colored-traceback` - getting this http://pastie.org/9436624

[12:44:16] <agronholm> when you say package, do you mean package or distribution?

[13:41:53] <Ivo_> agronholm: most of the time they're intechangeable..

[13:42:07] <Ivo_> It's not called the PyDI :P

[13:47:23] <agronholm> but often the distributions with - in their names use something else as the package name

[13:47:32] <agronholm> I dare say most of the time

[14:36:36] <pombreda> and FWIW wheel may substitute some - with _ when building a wheel.

[14:37:32] <pombreda> and Ivo_ and agronholm : I think Ivo_ meant a pypi package, not a 'python package __init__.py directory

[14:38:04] <pombreda> package is quite overloaded as a term ;)

[14:45:50] <agronholm> well - and _ are used in *a lot* of distribution names

[14:45:58] <agronholm> if there was a problem with that, we'd know

[16:29:23] <Ivo_> agronholm: try pip install colored-traceback in a new virtualenv or w/e

[16:30:22] <agronholm> TooManyRedirects

[16:31:04] <Ivo_> definitely seems like a prob with the - -> _ stuff

[16:31:10] <Ivo_> well, feels like it anyway

[16:32:59] <agronholm> https://pypi.python.org/simple/colored-traceback/

[16:33:34] <agronholm> should be easily fixable

[17:47:31] <jxcl> hey guys, I'm interested in writing a pull request for issue #1035 on pip

[17:48:12] <jxcl> I figured I'd stop by here and get any information you guys wanted to give me

[18:12:51] <jxcl> dstufft: you were pretty active in the thread for issue #1035. Is that still something you would be interested in seeing?

[18:14:15] <dstufft> I'm not sure which that is

[18:14:56] <jxcl> pip #1035: Implement "hook" support for package signature verification.

[18:15:01] <agronholm> what was the warehouse alpha deployment url again?

[18:15:34] <dstufft> warehouse.python.org

[18:15:39] <agronholm> thanks

[18:15:55] <agronholm> dstufft: did you see Ivo_'s issue about the redirects?

[18:16:09] <dstufft> jxcl: I'm not sure right now, there's some discussion about if it makes sense at all for us to have real package signing or not

[18:16:51] <dstufft> agronholm: I hadn't noticed it, but it's probably the rename problem

[18:16:57] <jxcl> I'm actually interested in that ticket for another reason entirely. I need a system of checking whether a package has been approved by our IT department before allowing installation

[18:16:59] <agronholm> rename problem?

[18:17:24] <jxcl> I figured while I'm building that I may as well contribute it to pip

[18:18:14] <dstufft> agronholm: if you publish a package, then delete it, then republish it under a different name, but which normalizes the same (case differences, - and _, etc) the old redirect doesn't get purged

[18:19:50] <jxcl> I'm also not sure I understand what you mean by "real package signing". Are you talking about authors signing their packages on pypi?

[18:20:03] <dstufft> yea

[18:20:44] <dstufft> jxcl: historically the way I've seen people implement that IT department thing is to have a mirror of PyPI which only includes items that have been signed off by IT

[18:21:19] <jxcl> that's really a much better way of doing that

[18:21:45] <jxcl> the documentation I've been able to find on setting up a PyPI mirror has been slim

[18:23:40] <dstufft> it's pretty easy, if you want to make an index you just need a web server that generated links automatically like nginx, apache, twisted web, whatever, make a dir structure like <ROOT>/<Package Name>/<Package Files> and do pip install --index-url = <web address for ROOT> , or even simpler, just shove all the files in the root, and do ``pip install --no-index --find-links <web address for ROOT>``

[18:25:22] <jxcl> what does "all of the files" mean in this case?

[18:26:30] <dstufft> the package files

[18:27:00] <jxcl> the .tar.gz files for the packages that I want on that mirror?

[18:27:20] <dstufft> e.g. you can shove all the installable files in a directory on a server, and do twistd -n web --path /path/to/that/directory and you have a mirror you can use with pip install --no-index --find-links <wahtever>

[18:27:20] <dstufft> yes

[18:27:39] <jxcl> ok, nice

[18:28:00] <jxcl> that actually solves a bunch of problems, thanks!

[19:33:19] <pmxbot> jaraco pushed 3 commits to setuptools (https://bitbucket.org/pypa/setuptools/) :

[19:33:19] <pmxbot> Remove unused variable

[19:33:19] <pmxbot> Python 2.3 no longer supported

[19:33:19] <pmxbot> Add test capturing failure on Python 2.6. Ref #236

[19:38:38] <pmxbot> jaraco pushed 2 commits to setuptools (https://bitbucket.org/pypa/setuptools/) :

[19:38:38] <pmxbot> Extract variable

[19:38:38] <pmxbot> Correct execfile implementation for Python 2.6. Fixes #236.

[20:00:29] <Ivo_> dstufft: haha yeah sounds exactly like the rename problem, except I think the guy was adamant he didnt rename it, just reuploaded it

[20:01:13] <Ivo_> was hard to find out exactly what package names he uploaded both times but he did delete and reupload

[20:27:04] <pmxbot> jaraco pushed 6 commits to setuptools (https://bitbucket.org/pypa/setuptools/) :

[20:27:04] <pmxbot> Downgrade pytest to get tests to pass.

[20:27:04] <pmxbot> Use 'python -m' to install to active Python version

[20:27:04] <pmxbot> Try running not in the context of the project under test

[20:27:04] <pmxbot> Omit sudo. Hope pytest is in the virtualenv

[20:27:04] <pmxbot> Added tag 5.4.2 for changeset 7adcf1397f6e

[20:27:04] <pmxbot> Bumped to 5.4.3 in preparation for next release.