PMXBOT Log file Viewer


#pypa logs for Thursday the 19th of May, 2016

[08:13:27] <ronny> dstufft: my main problem with dozens and dozens of websites is - all those "useless" credentials and passwords even tho my "identity" on all those pages is the same
[08:14:05] <ronny> the opensource me has logins to dozens of sites - each a different password, i actually need a clunky password manager app with me so it is handleable
[08:15:40] <ronny> and whats worse many of those sites, most of those shouldnt have it
[08:16:40] <apollo13> I'd still rather have bitbucket/github logins than instead of openid
[08:17:42] <apollo13> then*
[08:21:28] <[Tritium]> I think openid makes sense for pypi... in exactly the same way as it is used on stack exchange. I have 5 logins for psf infrastructure
[08:21:38] <[Tritium]> I should probably have 1
[08:23:02] <[Tritium]> ((pypi, mailing list, wiki, bug tracker, and psf open membership thing?))
[08:28:21] <[Tritium]> I dont even know why I have the latter
[08:29:18] <ronny> apollo13: im fine with any federated login, but tbh, i wouldnt want it to be owned by companies like github or bitbucket
[08:29:54] <[Tritium]> ronny: then create a username and password
[08:31:19] <[Tritium]> I often see sites that use federated login ... use a slew of providers. Stack Exchange uses (I think) github, google, and facebook, for example
[08:32:32] <[Tritium]> google, facebook, yahoo, livejournal, wordpress, blogger, verisign, and aol
[08:32:52] <ronny> [Tritium]: thing is, i dont want usernames and passwords, i want to log in with *my* identity provider without ever needing a password
[08:33:37] <[Tritium]> ronny: the web has passed you by.
[08:34:43] <ronny> [Tritium]: not sure what you mean by that
[08:35:54] <ronny> [Tritium]: but the web pretty much fails to deliver that (at best one can use google or github) proper usage is next to impossible
[08:36:47] <ronny> [Tritium]: and as it is now any company at least has no incentive to change that, since its extra effort that also loses you user-data - so as things are now, being worse on the user has a return on investment
[08:36:49] <[Tritium]> More people are shutting down openid providers than are opening them up, google and facebook login is the expected norm (except in developer communities where github is also expected). Mozilla's solution didnt even make it out of beta... the web expects google and facebook login and has rejected pretty much all other federated identity systems (except, niche ones)
[08:37:27] <ronny> which is the problem
[08:37:49] <[Tritium]> which is not something dstufft should try and solve. pragmatism over purity
[08:39:47] <ronny> [Tritium]: hmm, it might be enough to wire the python lib python-social-auth into pypi, it supports __many__ providers
[08:42:29] <[Tritium]> pypi (the codebase) is not going to be getting any new features. warehouse might...
[08:43:34] <ronny> whoops, my bad - i meant warehouse
[08:44:32] <[Tritium]> python-social-auth does apparently support pyramid
[08:46:08] <apollo13> ronny: I'd still limit providers to a minimal viable set
[08:49:22] <[Tritium]> From that list... Google, Facebook, Github, OpenID (since its free with the library), Bitbucket, Launchpad?, Stackoverflow, Twitter
[08:50:00] <apollo13> I would yank at least facebook twitter SO and maybe even launchpad from that list :D
[08:50:26] <apollo13> swap lp and SO :D
[08:51:07] <[Tritium]> Facebook auth is pervasive and probably worth having?
[08:51:30] <[Tritium]> http://python-social-auth.readthedocs.io/en/latest/configuration/pyramid.html This does not make me confident that the library will be used, anyways.
[08:52:16] <mgedmin> I think a better topic for arguing is who is going to pay for an ops person to maintain and support auth integration in warehouse?
[08:52:27] <apollo13> that ;)
[08:54:32] <[Tritium]> I will argue that the python.org sites and other psf sites are in need of some sort of integrated authentication... All in all, I am fine with having a user/pass to pypi... i wish it was just the same one as the mailing list, wiki, bug trackers....
[08:56:23] <apollo13> kerberos auth :D
[09:00:08] <[Tritium]> I'll get right on porting warehouse to windows for iis deployment
[09:00:59] <apollo13> ?
[09:01:28] <apollo13> not exactly sure how you got from krb to windows
[09:02:00] <[Tritium]> windowsdomainsarethebiggestusersofkerberosinthewildnevermind
[09:02:54] <[Tritium]> while kerberos is available on *NIX, you HAVE TO use it for windows domains
[09:03:10] <[Tritium]> unless you are using, like... nt4
[09:03:32] <mgedmin> how does kerberos work over http anyway?
[09:03:40] <mgedmin> magic http header values?
[09:03:44] <apollo13> jupp
[09:03:48] <apollo13> spnego
[09:04:18] <[Tritium]> WWW-Authenticate: Negotiate [token]
[09:04:34] <apollo13> though it requires extra config on ff and doesn't work on chrome unless you add cmd line args :/
[09:46:16] <dstufft> [Tritium]: To be clear, I'm not against federated auth as a form of SSO between Python sites (and in fact, I want to do that via id.python.org at some point, but figuring out how to consolidate multiple identity silos in a reasonable way is something I haven't done yet)
[09:46:56] <dstufft> I don't want to add a new federated auth thing to PyPI, If we have any federated auth (in the non SSO sense) it'll be whatever we have now, and ideally we can get rid of that
[09:47:25] <[Tritium]> dstufft: I am totally ok with that
[09:50:11] <[Tritium]> and on a technical note, IIUC mailman3's uis and moinmoin support openid out of the box, theres a plugin for redmine, and... python.org is...django? so it is not a technically hard problem to get them all speaking the same auth language... migration would be a massive pain, though
[09:51:06] <[Tritium]> ...bugs uses roundup not redmine...
[09:52:16] <[Tritium]> so the tracker would need its own work
[11:17:19] <[Tritium]> https://github.com/tritium21/venvbs worst idea ever?
[11:19:34] <dstufft> [Tritium]: Having it inside a single file is nice :] Though virtualenv.py already allows running without installing, but you need the virtualenv_support dir alongside it
[11:20:21] <[Tritium]> Yeah... but I spend a LOT of effort on being lazy
[11:21:52] <dstufft> :]
[11:54:16] <[Tritium]> well I'll be... the product of my laziness (which actually took 2 hours) works windows/linux/2/3
[11:54:43] <[Tritium]> thats a matrix of compatibility im not used to doing on accident (was just trying for 2/3)
[11:54:57] <dstufft> [Tritium]: :D
[12:36:22] <wiggy> is there a quick way to force an os-release in wheel specs?
[12:38:52] <dstufft> wiggy: you'll need to be more specific, do you mean when you're generating a wheel? or something else?
[12:43:23] <ionelmc> dstufft: [Tritium]: doesn't virtualenv support running as a zipfile (iow just run the whl file)?
[12:43:34] <dstufft> ionelmc: don't think so
[12:44:59] <[Tritium]> ionelmc: virtualenv.py would have to be renamed __main__.py... and then it has to load virtualenv_support somehow
[12:49:25] <wiggy> dstufft: environment marker is the term I'm looking for I think
[12:49:49] <wiggy> dstufft: basically I am looking for a way to have wheels for ubuntu14.04 and ubuntu16.04 in the same index
[12:50:35] <[Tritium]> i dont think pip will look for that
[12:57:05] <ronny> dstufft: btw, what toml implementation will python tooling standardize on
[12:57:26] <ronny> i'd like to introduce the tool.pytest key
[12:57:44] <ronny> and for the poc i want to use the implementation pip will use if possible
[13:03:42] <dstufft> ronny: most likely pytoml I think
[13:21:48] <ronny> k, thx