Stop recommending PyPI project name squatting
For years now, Warehouse (PyPI) has supported automatic project registration on initial upload. The reason our "registration" instructions got so complicated, in fact, is that they discouraged and then entirely stopped supporting any other method of project registration in order to help curb namesquatting. OpenStack's release automation has support for this workflow as well, so let's stop being part of the problem. Depends-On: https://review.opendev.org/852574 Change-Id: I00a72fd330a24f548b9c87cab852cf3f57d5e910
This commit is contained in:
Jeremy Stanley
parent
6e166e7581
commit
f281c80e5c
|
|
@ -106,32 +106,16 @@ choosing a name`_ for new Oslo libraries.
|
|||
Give OpenDev Permission to Publish Releases
|
||||
===========================================
|
||||
|
||||
New Python packages without any releases need to be manually
|
||||
registered on PyPI.
|
||||
New Python projects without any releases do *not* need to be
|
||||
manually registered on PyPI. The first upload for a nonexistent
|
||||
project will automatically register it and add the uploader's
|
||||
account as the initial owner.
|
||||
|
||||
If you do not have PyPI credentials, you should create them at
|
||||
https://pypi.org/account/register/ as they are
|
||||
required for the next step.
|
||||
|
||||
Once you have PyPI credentials see
|
||||
https://packaging.python.org/tutorials/packaging-projects/
|
||||
to create and upload your initial package. The initial package should
|
||||
contain a ``PKG-INFO`` file for a nonexistent version ``0`` of your
|
||||
package (that way any release you make is guaranteed to be higher).
|
||||
It can be as simple as a plain text file containing the following
|
||||
two lines (where ``packagename`` is replaced by the desired package
|
||||
name)::
|
||||
|
||||
Name: packagename
|
||||
Version: 0
|
||||
|
||||
Next your package needs to be updated so the "openstackci" user has
|
||||
"Owner" permissions.
|
||||
|
||||
Visit
|
||||
If your project already exists on PyPI, update the roles for it so
|
||||
the "openstackci" user has "Maintainer" permissions. Visit
|
||||
``https://pypi.org/manage/project/<projectname>/collaboration/``
|
||||
and add "openstackci" in the "User Name" field, set the role to "Owner",
|
||||
and click "Add Role".
|
||||
and add "openstackci" in the "User Name" field, set the role to
|
||||
"Maintainer", and click "Add Role".
|
||||
|
||||
.. image:: images/pypi-role-maintenance.png
|
||||
:height: 476
|
||||
|
|
|
|||
Loading…
Reference in New Issue