Bug#745342: marked as done (ITP: twine -- Collection of utilities for interacting with PyPI)
Your message dated Wed, 17 Sep 2014 16:00:10 +0000
with message-id <E1XUHeM-00029a-S0@franck.debian.org>
and subject line Bug#745342: fixed in twine 1.3.1-1
has caused the Debian Bug report #745342,
regarding ITP: twine -- Collection of utilities for interacting with PyPI
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
745342: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=745342
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ITP: twine -- Collection of utilities for interacting with PyPI
- From: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
- Date: Sun, 20 Apr 2014 19:52:56 +0200
- Message-id: <20140420175256.11180.89862.reportbug@silverblade>
Package: wnpp
Severity: wishlist
Owner: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
* Package name : twine
Version : 1.3.1
Upstream Author : Donald Stufft <donald@stufft.io>
* URL : https://github.com/dstufft/twine
* License : Apache 2.0
Programming Lang: Python
Description : Collection of utilities for interacting with PyPI
Twine is a utility for interacting with PyPI.
The biggest reason to use twine is that python setup.py upload uploads
files over plaintext. This means anytime you use it you expose your
username and password to a MITM attack. Twine uses only verified TLS to
upload to PyPI protecting your credentials from theft.
Secondly it allows you to precreate your distribution files. python
setup.py upload only allows you to upload something that you’ve created
in the same command invocation. This means that you cannot test the
exact file you’re going to upload to PyPI to ensure that it works before
uploading it.
Finally it allows you to pre-sign your files and pass the .asc files
into the command line invocation (twine upload twine-1.0.1.tar.gz
twine-1.0.1.tar.gz.asc). This enables you to be assured that you’re
typing your gpg passphrase into gpg itself and not anything else since
you will be the one directly executing gpg --detach-sign -a <filename>.
I'd like to maintain twine inside PAPT
--- End Message ---
--- Begin Message ---
Source: twine
Source-Version: 1.3.1-1
We believe that the bug you reported is fixed in the latest version of
twine, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 745342@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Zygmunt Krynicki <zygmunt.krynicki@canonical.com> (supplier of updated twine package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 20 Apr 2014 19:55:00 +0200
Source: twine
Binary: twine
Architecture: source all
Version: 1.3.1-1
Distribution: unstable
Urgency: medium
Maintainer: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Changed-By: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
Description:
twine - utility for interacting with PyPI
Closes: 745342
Changes:
twine (1.3.1-1) unstable; urgency=medium
.
* Initial release. (Closes: #745342)
Checksums-Sha1:
cb30e8e5da388ce64ffc28c997cf97d20f14ccb1 2073 twine_1.3.1-1.dsc
cf502855a5b1a596edb73e1e24923d4c2b031a36 17838 twine_1.3.1.orig.tar.gz
677ec778af9ee5158610e46667b3838aa5487875 34496 twine_1.3.1-1.debian.tar.xz
056863c3b06a09285b558cdda1d0e98ca2542958 25678 twine_1.3.1-1_all.deb
Checksums-Sha256:
4533dfa5c3ca9253ba46e1cc1e88d6a7e2bd0c6dcd417a79c15f1935c25619ef 2073 twine_1.3.1-1.dsc
fe5131c2b2bd7a831731b4c205080b670ad467fe2649082eb9fc2b161c2864d3 17838 twine_1.3.1.orig.tar.gz
1fda5195f6165e1525c526c9f76011fe6d11a344ae19d5f14e386faf5f6ff236 34496 twine_1.3.1-1.debian.tar.xz
43284ab9d59733d27b2c9d9f7587e60293b3ef97e69aaafc56f531bebe6a729d 25678 twine_1.3.1-1_all.deb
Files:
0d1bde8f630b92096a35b22285464da3 25678 utils optional twine_1.3.1-1_all.deb
3d3130c6621f2c943bbfb08d7ef3e371 2073 utils optional twine_1.3.1-1.dsc
db4d83a4c4af2a2602dad0160c0c2a4b 17838 utils optional twine_1.3.1.orig.tar.gz
df967f72e6464ae56b47c22e751f3c4d 34496 utils optional twine_1.3.1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCgAGBQJUF0CiAAoJEK728aKnRXZFzRoQAM4QvRwdoO/EmLvhY0ZmEl7l
Ir7wgjO/Bzb/6xNbR5Yi08FtE2JVDqaQsGwMPX13WysvDhIX2u/rqSg0ggyADGJz
Z1B+YnIE3eCpLceHkU/ah4su8r6R4f4GJupOYfJoVIJ/jJAtVW9E4syWMWtrfSWQ
IVXen7aX4pNjCT+nPxlJ65l5oL3STpMnnXcUg5R2CJw7pckpose+GQQMEz/mY5Mp
bEzbAt0Zyc9uja3YIZ6wu9e+f6WipvAdxPZ1LH6dUQZffwT2bC1wd051qkDKwrpC
+S0h0GsvBuwaJgyBBjv1NFvpfEP+SFSuja1oREHGI2ntHFia4m4RCog+Mv91Dr3n
up9YIxtuDeUWE/AaDybI+6H99c4xL7M21529MlYk3JJRLtYulxXmulYO8ppa7KBt
x7t6YnnlqQWxUXLII3nSHpP/22jDJp+ZeHbIrnLtT2J2z/7uxUOeTNNjxrE8DO50
oDU1V1u1WSefiyfAdbUvZRsfnlRvXOU99bh+ts1da9haZcmqJxfGHYJeqT0klFSg
PJkYkl9dPgLs3IgG4wVZ5yucUNOd5JChwSAu4XKoZwfKaLV2qZwliVo9ed4TEIya
rNgbF4eB0rDaIvfDQk7k0xo9EsLjxpnGmz+vnVnIeZXoQrsQywhw+FeuZlR3wrQ9
9cZs+DEbyYk9FkyYLe7r
=KV+0
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: