On Wed, Sep 18, 2013 at 10:33:52AM -0400, Scott Kitterman wrote: > I object to the mandatory nature of the proposal and the associated be sure to document for your users why you were idiots and didn't ship this. End users should not need these kinds of tools. I agree. > I think that introducing a package download mechanism that is not cryptographically secured with a promise to later insecurely update the mechanism to have security is crazy talk. I also agree. > The basic message I get from the proposal is "screw you Linux". I think it's a bit more subtle than that - but I do think most Pythonistas tend to forget that end users may not know what pip is - hell, they may not even know what Python is. I think clarifying this upstream would be nice. > Scott K > > P.S. I'm not nominating myself to be the diplomat that talks to upstream for what are probably obvious reasons. Samesies. On Wed, Sep 18, 2013 at 10:33:52AM -0400, Scott Kitterman wrote: > I get why they exist. I was talking to the people who were advocating for the removal of pip from the archive, not you, Scott :) Cheers, Paul -- .''`. Paul Tagliamonte <paultag@debian.org> : :' : Proud Debian Developer `. `'` 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `- http://people.debian.org/~paultag
Attachment:
signature.asc
Description: Digital signature