Hi!
The Python Package Index (PyPI) has decided to change the format of the
URLs to download tarballs/sources. The new format is not predictable,
because part of the URL is a hash of the contents of the file. [0]
This means that for the vast majority of Python packages (those using
PyPI to download sources) the Source0 link needs to be updated.
The maintainer can either go to PyPI with each version update and copy
the URL containing the hash, or use the new URL redirector provided by
PyPI with a predictable format (like the previous one was):
https://files.pythonhosted.org/packages/source/p/positional/positional-1.1.0.tar.gz
The URL redirector will have longterm support [1], so I believe it's the
better choice.
Maybe it would be beneficial to also work the change into the RPM
rebase-helper [2] which does automatic scratch builds when a new version
of software is detected upstream? Does anyone have experience with this
project?
[0]
https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package
[1]
https://bitbucket.org/pypa/pypi/issues/438/backwards-compatible-un-hashed-package#comment-27734791
[2] https://github.com/phracek/rebase-helper
Great day to all,
Tomas
--
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
http://lists.fedoraproject.org/admin/lists/devel@xxxxxxxxxxxxxxxxxxxxxxx
