#238 Missing files from PyPI

sandbox
closed-fixed
nobody
None
5
2013-07-24
2013-07-23
No

Currently docutils seems to be missing some versions from being hosted on PyPi, this presents security and performance challenges. If you could upload the releases to PyPi and then follow the instructions at pypi-externals.caremad.io/help/what/ it'd be great!

There are a few releases hosted on PyPI which are 0.6, 0.7, 0.8, 0.8.1, 0.9, 0.9.1, 0.10 however 0.3, 0.3.5, 0.3.7, 0.3.9, 0.4, 0.5, 0.6, 0.7, and 0.11 are not.

Discussion

  • engelbert gruber

    sorry missed to upload 0.11 to pypi

    what security/performance risk is in not having an ancient package on pypi ?

     
  • Donald Stufft

    Donald Stufft - 2013-07-23

    If nobody is installing them? Nothing. But if anyone has those older versions pinned and are still installing them then the same as for a newer package. However you still have external urls and such turned on in your PyPI page so the packaging tools will crawl the source forge etc pages looking for those versions. So you should still follow the instructions at pypi-externals.caremad.io/help/what/ to solve the general security/performance problems of external urls. There's also a more detailed description on that page.

    I mostly care about the newer ones though and just included the older ones for completeness sake.

     
  • engelbert gruber

    i turned "Hosting Mode" to "Do not extract URL ..."
    and upload all version and remove all download urls.
    although i assume this problem originates in a change in pypi.

     
  • Donald Stufft

    Donald Stufft - 2013-07-24

    PyPI's always had this problem :) Just recently there's been a push to get rid of it.

    Thanks a lot! You're awesome!

     
  • engelbert gruber

    did not remove download urls, unnecessary as i understand the description.

     
  • engelbert gruber

    • status: open --> closed-fixed
     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks