#640 Python Guidelines reference HTTP sources and outdated source urls
Closed: Fixed None Opened 3 years ago by fschwarz.

The [https://fedoraproject.org/wiki/Packaging:Python#Example_common_spec_file "Example common spec file"] still uses plain HTTP urls. pypi supports HTTPS these days so I think we should recommend that as well.

Also the [https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org/thread/BA4EGMVMHQJEZFEBDT2MZXXTS5MZVQT2/ pypi download urls changed] recently so the example should reflect that as well.


Yes, we know pypi has changed, but so far nobody has provided a draft we could use for updating the guidelines. I note that you have selected the component "Guideline Draft" but... where's the draft?

Replying to [comment:1 tibbs]:

Yes, we know pypi has changed, but so far nobody has provided a draft we could use for updating the guidelines. I note that you have selected the component "Guideline Draft" but... where's the draft?

Well I assumed that the change was so trivial that no formal draft was necessary :-)

I see that you updated the example spec to use HTTPS. Do you still need a formal draft to update the source url to {{{https://files.pythonhosted.org/packages/source/e/%{srcname}/%{srcname}-%{version}.tar.gz}}}?

I don't know; is that the proper, accepted stable location that whoever made the crazy decision to change pypi expects us to use now?

The point is, for a quick change you at least need to tell us what needs to be done instead of what is being done now. Saying "it's wrong; see why somewhere in this thread" is not useful. Saying "you should use this; this is why; here are references and info to back that up" is far more useful.

Since I'm here with a pile of python devs here at flock, I asked which I should use and was told that files.pythonhosted.org is "guaranteed" to provide stable URLs. So I've gone ahead and written those in.

I will go ahead and announce since it's mildly confusing.

Announcement text:

Corrected the suggest source URL for tarballs hosted on pypi to use https://files.pythonhosted.org.

I also wrote a short paragraph into the SourceURL document so that this isn't missed.

Login to comment on this ticket.

Metadata