PEP 480: Fix status, author, discuss, reference (#1693)

Sumana Harihareswara 2021-03-12 11:38:43 -05:00 committed by GitHub
parent d4d4fe7b6f
commit 5451f7963c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 19 additions and 17 deletions

@ -4,10 +4,10 @@ Version: $Revision$
Last-Modified: $Date$ Last-Modified: $Date$
Author: Trishank Karthik Kuppusamy <karthik@trishank.com>, Author: Trishank Karthik Kuppusamy <karthik@trishank.com>,
Vladimir Diaz <vladimir.diaz@nyu.edu>, Vladimir Diaz <vladimir.diaz@nyu.edu>,
Justin Cappos <jcappos@nyu.edu> Justin Cappos <jcappos@nyu.edu>, Marina Moore <mm9693@nyu.edu>
BDFL-Delegate: Richard Jones <r1chardj0n3s@gmail.com> BDFL-Delegate: Donald Stufft <donald@stufft.io>
Discussions-To: DistUtils mailing list <distutils-sig@python.org> Discussions-To: Packaging category on Python Discourse <https://discuss.python.org/c/packaging>
Status: Deferred Status: Draft
Type: Standards Track Type: Standards Track
Content-Type: text/x-rst Content-Type: text/x-rst
Requires: 458 Requires: 458
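Review bot: In the new Author header, Marina Moore is appended to the same continuation line as Justin Cappos ("Justin Cappos <jcappos@nyu.edu>, Marina Moore <mm9693@nyu.edu>"), while every other author sits on a line of their own. Suggest ending the Justin Cappos line with the comma and giving Marina Moore her own continuation line, which keeps the header consistent and makes later author changes a one-line diff. The same hunk also swaps the BDFL-Delegate and moves Status from Deferred to Draft; the commit subject mentions status, author, discuss and reference but not the delegate, so it would help to name that change in the commit message.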
@ -56,8 +56,12 @@ distributions.
PEP Status PEP Status
========== ==========
Due to the amount of work required to implement this PEP, it is deferred until The community discussed this PEP from 2014 to 2018. Due to the amount
appropriate funding can be secured to implement the PEP. of work required to implement this PEP, discussion was deferred until
after approval for the precursor step in PEP 458. As of mid-2020 PEP
458 is approved and implementation is in progress, and the PEP authors
aim to gain approval so they can secure appropriate funding for
implementation.
Rationale Rationale
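Review bot: The new PEP Status paragraph uses time-relative wording ("As of mid-2020 PEP 458 is approved and implementation is in progress") that will go stale as soon as PEP 458 work progresses, and it still describes discussion as deferred while the header in this same change moves Status to Draft. Suggest stating the dated facts in the past tense (discussion deferred until PEP 458 was approved, with the approval date) and then saying in one sentence what the current Draft status means for readers, so the section does not need another edit each time PEP 458 advances.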
@ -341,14 +345,11 @@ distributions, and prevents MITM attacks on usernames and passwords.
__ https://github.com/pypa/twine __ https://github.com/pypa/twine
Distutils Build backends
--------- --------------
`Distutils`__ MAY be modified to sign metadata and to upload signed distributions Build backends MAY be modified to sign metadata and to upload signed
to PyPI. Distutils comes packaged with CPython and is the most widely used distributions to PyPI.
tool for uploading distributions to PyPI.
__ https://docs.python.org/2/distutils/index.html#distutils-index
Automated Signing Solution Automated Signing Solution
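Review bot: The replacement sentence "Build backends MAY be modified to sign metadata and to upload signed distributions to PyPI" carries over the upload responsibility from the old Distutils text, but a build backend in the PEP 517 sense produces sdists and wheels and has no upload step; upload is what the Twine section just above covers. Suggest limiting this paragraph to signing at build time, or naming the tools that both build and upload. The hunk also removes the only reference link for the section, so a link or PEP reference that defines "build backend" would keep the MAY clause from being left without an anchor.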
@ -410,7 +411,7 @@ management is preferred (e.g., ssh-copy-id).
The `repository`__ and `developer`__ TUF tools currently support all of the The `repository`__ and `developer`__ TUF tools currently support all of the
recommendations previously mentioned, except for the automated signing recommendations previously mentioned, except for the automated signing
solution, which SHOULD be added to Distutils, Twine, and other third-party solution, which SHOULD be added to Distlib, Twine, and other third-party
signing tools. The automated signing solution calls available repository tool signing tools. The automated signing solution calls available repository tool
functions to sign metadata and to generate the cryptographic key files. functions to sign metadata and to generate the cryptographic key files.
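Review bot: The one changed line replaces Distutils with Distlib ("which SHOULD be added to Distlib, Twine, and other third-party signing tools"), while the earlier hunk in this same commit replaces the Distutils section with "Build backends". The two substitutions leave the PEP naming different successors for the same tool, and Distlib does not appear anywhere else in the visible text. Since this is a SHOULD-level requirement about where the automated signing solution lives, suggest using one term in both places, for example "build backends, Twine, and other third-party signing tools", or explaining why Distlib specifically is the target here.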
@ -894,9 +895,10 @@ conclusions or recommendations expressed in this material are those of the
author(s) and do not necessarily reflect the views of the National Science author(s) and do not necessarily reflect the views of the National Science
Foundation. Foundation.
We thank Nick Coghlan, Daniel Holth, Donald Stufft, and the distutils-sig We thank Nick Coghlan, Daniel Holth, Donald Stufft, Sumana
community in general for helping us to think about how to usably and Harihareswara, and the distutils-sig community in general for helping
efficiently integrate TUF with PyPI. us to think about how to usably and efficiently integrate TUF with
PyPI.
Roger Dingledine, Sebastian Hahn, Nick Mathewson, Martin Peck and Justin Roger Dingledine, Sebastian Hahn, Nick Mathewson, Martin Peck and Justin
Samuel helped us to design TUF from its predecessor Thandy of the Tor project. Samuel helped us to design TUF from its predecessor Thandy of the Tor project.