
the new PyPI, coming next month



Debian-Python experts,

I'm writing to you in hopes you will forward this to the right places,
and file relevant bugs against uscan/watch, which I don't quite
understand enough to do myself. And if you want to follow up on
https://github.com/pypa/warehouse/issues/358#issuecomment-337233792 and
file a new issue asking for us to support your redirector more cleanly,
I'd welcome that.

I'm the project manager for the new Python Package Index (Warehouse),
which is currently in beta at http://pypi.org/ . On the Warehouse
roadmap[1], it looks like the full switch will happen sometime
in April, so here's a heads-up about why we're switching, what's
changed, and what to expect. (Much of it won't be directly important to
you, but I figure you might want to know anyway!)

The legacy PyPI site at https://pypi.python.org started in the early
2000s. In recent years, users faced outages, malicious packages, and
spam attacks, and the legacy codebase made it hard to maintain and even
harder to develop new features.

The new PyPI has a far more modern look, and is up-to-date under the
hood as well; a proper web framework (Pyramid), 100% backend test
coverage, and a Docker-based development environment, make it easier for
current and new developers to maintain it and add features.

Thanks to Mozilla's Open Source Support funding[2], developers have
added many new features, overhauled infrastructure, and made steady
progress towards redirecting traffic to the new site and shutting down
the old one. As of the middle of last year, package releases must go
through the new PyPI, and as of late February, new user account
registration is only available on the new site. The full switch will
include redirecting browser and pip install traffic from the old site;
then, sometime in late April or early May, the legacy site will be
entirely shut down.

Thanks to redirects, you may not have to change anything immediately.
Here's a migration guide.[3]


Some new PyPI features:
 * mobile-responsive UI
 * chronological release history for each project (example[4])
 * easy-to-read project activity journal for project maintainers
 * better search and filtering
 * support for multiple project URLs (e.g., for a homepage and a
   repo[5])
 * user-visible Gravatars and email addresses for maintainers
 * no need to "register" a project before initial upload
 * far better backend infrastructure, reducing the frequency of outages


Things that are going away, or already have (sometimes for policy or
spam-fighting reasons), include:
 * pythonhosted.com documentation hosting (pypa/warehouse#582[6])
 * download counts visible in the API[7] (instead, use the Google
   BigQuery service[8])
 * GPG/PGP signatures for packages (still visible in the Simple Project
   API[9] per PEP 503[10], but no longer visible in the web UI)
 * key management: PyPI no longer has a UI for users to manage their GPG
   or SSH public keys
 * package maintainers being able to upload a new release via the web UI
   (instead, the recommended command-line tool is Twine[11])
 * package maintainers being able to log in and update release
   descriptions via the web UI (to update release metadata, they need to
   upload a new release; see distutils-sig discussion[12])
 * OpenID and Google auth login[13]
 * users being able to upload a package without verifying their email
   address with PyPI first
 * HTTP access to APIs; now it's HTTPS-only[14]


And in the works:
 * PEP 541[15] will enable more timely package takeovers, as people get
   package names transferred to them after conflict resolution
 * Now that PEP 566 has been approved, developers are working to get
   Markdown supported for README files on PyPI[16]


For future updates, please sign up for the low-traffic PyPI
announcements email list[17].

Thank you for integrating with PyPI, and please let us know[18] if you
have any questions or problems with the new site!
--
Sumana Harihareswara
Changeset Consulting
https://changeset.nyc


Links:

   1. https://wiki.python.org/psf/WarehouseRoadmap
   2. https://pyfound.blogspot.com/2017/11/the-psf-awarded-moss-grant-pypi.html
   3. https://warehouse.readthedocs.io/api-reference/integration-guide/#migrating-to-the-new-pypi
   4. https://pypi.org/project/pip/#history
   5. https://packaging.python.org/tutorials/distributing-packages/#project-urls
   6. https://github.com/pypa/warehouse/issues/582
   7. https://warehouse.readthedocs.io/api-reference/xml-rpc/#changes-to-legacy-api
   8. https://packaging.python.org/guides/analyzing-pypi-package-downloads/
   9. https://warehouse.readthedocs.io/api-reference/legacy/#simple-project-api
  10. https://www.python.org/dev/peps/pep-0503/
  11. http://twine.readthedocs.io/
  12. https://mail.python.org/pipermail/distutils-sig/2017-December/031826.html
  13. https://mail.python.org/pipermail/distutils-sig/2018-January/031855.html
  14. https://mail.python.org/pipermail/distutils-sig/2017-October/031712.html
  15. https://www.python.org/dev/peps/pep-0541/
  16. https://github.com/pypa/warehouse/issues/869#issuecomment-340928703
  17. https://mail.python.org/mm3/mailman3/lists/pypi-announce.python.org/
  18. https://github.com/pypa/warehouse/issues/new

